]> git.saurik.com Git - apple/security.git/blob - AppleX509CL/AppleX509CLSession.h
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-179.tar.gz
[apple/security.git] / AppleX509CL / AppleX509CLSession.h
1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 //
20 // AppleX509CLSession.h - general CL session functions.
21 //
22 #ifndef _H_APPLEX509CLSESSION
23 #define _H_APPLEX509CLSESSION
24
25 #include <Security/CLsession.h>
26 #include "CLCachedEntry.h"
27 #include "DecodedCert.h"
28 #include "LockedMap.h"
29 #include <Security/threading.h>
30 #include <Security/cssmapple.h>
31
32 class AppleX509CLSession : public CLPluginSession {
33
34 public:
35
36 AppleX509CLSession(
37 CSSM_MODULE_HANDLE theHandle,
38 CssmPlugin &plug,
39 const CSSM_VERSION &version,
40 uint32 subserviceId,
41 CSSM_SERVICE_TYPE subserviceType,
42 CSSM_ATTACH_FLAGS attachFlags,
43 const CSSM_UPCALLS &upcalls);
44
45 ~AppleX509CLSession();
46
47 // ====================================================================
48 // Cert Interpretation
49 // ====================================================================
50
51 void CertDescribeFormat(
52 uint32 &NumberOfFields,
53 CSSM_OID_PTR &OidList);
54
55 // Non-cached
56
57 void CertGetAllFields(
58 const CssmData &Cert,
59 uint32 &NumberOfFields,
60 CSSM_FIELD_PTR &CertFields);
61
62 CSSM_HANDLE CertGetFirstFieldValue(
63 const CssmData &Cert,
64 const CssmData &CertField,
65 uint32 &NumberOfMatchedFields,
66 CSSM_DATA_PTR &Value);
67
68 bool CertGetNextFieldValue(
69 CSSM_HANDLE ResultsHandle,
70 CSSM_DATA_PTR &Value);
71
72
73 // Cached
74
75 void CertCache(
76 const CssmData &Cert,
77 CSSM_HANDLE &CertHandle);
78
79 CSSM_HANDLE CertGetFirstCachedFieldValue(
80 CSSM_HANDLE CertHandle,
81 const CssmData &CertField,
82 uint32 &NumberOfMatchedFields,
83 CSSM_DATA_PTR &Value);
84
85 bool CertGetNextCachedFieldValue(
86 CSSM_HANDLE ResultsHandle,
87 CSSM_DATA_PTR &Value);
88
89 void CertAbortCache(
90 CSSM_HANDLE CertHandle);
91
92 void CertAbortQuery(
93 CSSM_HANDLE ResultsHandle);
94
95
96
97 // Templates
98
99 void CertCreateTemplate(
100 uint32 NumberOfFields,
101 const CSSM_FIELD CertFields[],
102 CssmData &CertTemplate);
103
104 void CertGetAllTemplateFields(
105 const CssmData &CertTemplate,
106 uint32 &NumberOfFields,
107 CSSM_FIELD_PTR &CertFields);
108
109
110 // Memory
111
112 void FreeFields(
113 uint32 NumberOfFields,
114 CSSM_FIELD_PTR &FieldArray);
115 void FreeFieldValue(
116 const CssmData &CertOrCrlOid,
117 CssmData &Value);
118
119 // Key
120
121 void CertGetKeyInfo(
122 const CssmData &Cert,
123 CSSM_KEY_PTR &Key);
124
125 // ====================================================================
126 // CRL Interpretation
127 // ====================================================================
128
129 // Non-cached
130
131 void CrlDescribeFormat(
132 uint32 &NumberOfFields,
133 CSSM_OID_PTR &OidList);
134
135 void CrlGetAllFields(
136 const CssmData &Crl,
137 uint32 &NumberOfCrlFields,
138 CSSM_FIELD_PTR &CrlFields);
139
140 CSSM_HANDLE CrlGetFirstFieldValue(
141 const CssmData &Crl,
142 const CssmData &CrlField,
143 uint32 &NumberOfMatchedFields,
144 CSSM_DATA_PTR &Value);
145
146 bool CrlGetNextFieldValue(
147 CSSM_HANDLE ResultsHandle,
148 CSSM_DATA_PTR &Value);
149
150 void IsCertInCrl(
151 const CssmData &Cert,
152 const CssmData &Crl,
153 CSSM_BOOL &CertFound);
154
155
156 // Cached
157
158 void CrlCache(
159 const CssmData &Crl,
160 CSSM_HANDLE &CrlHandle);
161
162 void CrlGetAllCachedRecordFields(CSSM_HANDLE CrlHandle,
163 const CssmData &CrlRecordIndex,
164 uint32 &NumberOfFields,
165 CSSM_FIELD_PTR &CrlFields);
166
167 CSSM_HANDLE CrlGetFirstCachedFieldValue(
168 CSSM_HANDLE CrlHandle,
169 const CssmData *CrlRecordIndex,
170 const CssmData &CrlField,
171 uint32 &NumberOfMatchedFields,
172 CSSM_DATA_PTR &Value);
173
174 bool CrlGetNextCachedFieldValue(
175 CSSM_HANDLE ResultsHandle,
176 CSSM_DATA_PTR &Value);
177
178 void IsCertInCachedCrl(
179 const CssmData &Cert,
180 CSSM_HANDLE CrlHandle,
181 CSSM_BOOL &CertFound,
182 CssmData &CrlRecordIndex);
183
184 void CrlAbortCache(
185 CSSM_HANDLE CrlHandle);
186
187 void CrlAbortQuery(
188 CSSM_HANDLE ResultsHandle);
189
190
191 // Template
192
193 void CrlCreateTemplate(
194 uint32 NumberOfFields,
195 const CSSM_FIELD *CrlTemplate,
196 CssmData &NewCrl);
197
198 void CrlSetFields(
199 uint32 NumberOfFields,
200 const CSSM_FIELD *CrlTemplate,
201 const CssmData &OldCrl,
202 CssmData &ModifiedCrl);
203
204 void CrlAddCert(
205 CSSM_CC_HANDLE CCHandle,
206 const CssmData &Cert,
207 uint32 NumberOfFields,
208 const CSSM_FIELD CrlEntryFields[],
209 const CssmData &OldCrl,
210 CssmData &NewCrl);
211
212 void CrlRemoveCert(
213 const CssmData &Cert,
214 const CssmData &OldCrl,
215 CssmData &NewCrl);
216
217 // ====================================================================
218 // Verify/Sign
219 // ====================================================================
220
221 // Certs
222
223 void CertVerifyWithKey(
224 CSSM_CC_HANDLE CCHandle,
225 const CssmData &CertToBeVerified);
226
227 void CertVerify(
228 CSSM_CC_HANDLE CCHandle,
229 const CssmData &CertToBeVerified,
230 const CssmData *SignerCert,
231 const CSSM_FIELD *VerifyScope,
232 uint32 ScopeSize);
233
234 void CertSign(
235 CSSM_CC_HANDLE CCHandle,
236 const CssmData &CertTemplate,
237 const CSSM_FIELD *SignScope,
238 uint32 ScopeSize,
239 CssmData &SignedCert);
240
241 // Cert Groups
242
243 void CertGroupFromVerifiedBundle(
244 CSSM_CC_HANDLE CCHandle,
245 const CSSM_CERT_BUNDLE &CertBundle,
246 const CssmData *SignerCert,
247 CSSM_CERTGROUP_PTR &CertGroup);
248
249 void CertGroupToSignedBundle(
250 CSSM_CC_HANDLE CCHandle,
251 const CSSM_CERTGROUP &CertGroupToBundle,
252 const CSSM_CERT_BUNDLE_HEADER *BundleInfo,
253 CssmData &SignedBundle);
254
255 // CRLs
256
257 void CrlVerifyWithKey(
258 CSSM_CC_HANDLE CCHandle,
259 const CssmData &CrlToBeVerified);
260
261 void CrlVerify(
262 CSSM_CC_HANDLE CCHandle,
263 const CssmData &CrlToBeVerified,
264 const CssmData *SignerCert,
265 const CSSM_FIELD *VerifyScope,
266 uint32 ScopeSize);
267
268 void CrlSign(
269 CSSM_CC_HANDLE CCHandle,
270 const CssmData &UnsignedCrl,
271 const CSSM_FIELD *SignScope,
272 uint32 ScopeSize,
273 CssmData &SignedCrl);
274
275 // ====================================================================
276 // Module Specific Pass-Through
277 // ====================================================================
278
279 void PassThrough(
280 CSSM_CC_HANDLE CCHandle,
281 uint32 PassThroughId,
282 const void *InputParams,
283 void **OutputParams);
284
285 private:
286 /* routines in Session_Cert.cpp */
287 void getAllParsedCertFields(
288 const DecodedCert &cert,
289 uint32 &NumberOfFields, // RETURNED
290 CSSM_FIELD_PTR &CertFields); // RETURNED
291
292 /* routines in Session_Crypto.cpp */
293 void signData(
294 CSSM_CC_HANDLE ccHand,
295 const CssmData &tbs,
296 CssmOwnedData &sig); // mallocd and returned
297 void verifyData(
298 CSSM_CC_HANDLE ccHand,
299 const CssmData &tbs,
300 const CssmData &sig);
301
302 /* routines in Session_CSR.cpp */
303 void generateCsr(
304 CSSM_CC_HANDLE CCHandle,
305 const CSSM_APPLE_CL_CSR_REQUEST *csrReq,
306 CSSM_DATA_PTR &csrPtr);
307 void verifyCsr(
308 const CSSM_DATA *csrPtr);
309
310 /*
311 * Maps of cached certs, CRLs, and active queries
312 * This one holds cached certs and CRLs.
313 */
314 LockedMap<CSSM_HANDLE, CLCachedEntry> cacheMap;
315 LockedMap<CSSM_HANDLE, CLQuery> queryMap;
316
317 CLCachedCert *lookupCachedCert(CSSM_HANDLE handle);
318 CLCachedCRL *lookupCachedCRL(CSSM_HANDLE handle);
319 };
320
321 #endif //_H_APPLEX509CLSESSION
mirror of Security