cdsa/cdsa_client/cryptoclient.cpp

   1 /*
   2  * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * The contents of this file constitute Original Code as defined in and are
   5  * subject to the Apple Public Source License Version 1.2 (the 'License').
   6  * You may not use this file except in compliance with the License. Please obtain
   7  * a copy of the License at http://www.apple.com/publicsource and read it before
   8  * using this file.
   9  *
  10  * This Original Code and all software distributed under the License are
  11  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
  12  * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
  13  * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
  14  * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
  15  * specific language governing rights and limitations under the License.
  16  */
  17
  18
  19 //
  20 // cryptoclient - client interface to CSSM CSP encryption/decryption operations
  21 //
  22 #include <Security/cryptoclient.h>
  23
  24 using namespace CssmClient;
  25
  26
  27 Crypt::Crypt(const CSP &csp, CSSM_ALGORITHMS alg) : Context(csp, alg)
  28 {
  29         // set defaults
  30         mMode = CSSM_ALGMODE_NONE;
  31         mCred = NULL;
  32         mInitVector = NULL;
  33         mPadding = CSSM_PADDING_NONE;
  34 }
  35
  36 void Crypt::key(const Key &key)
  37 {
  38         mKey = key;
  39         set(CSSM_ATTRIBUTE_KEY, static_cast<const CssmKey &>(key));
  40 }
  41
  42 void
  43 Crypt::activate()
  44 {
  45         if (!mActive)
  46         {
  47         // Some crypto operations require a credential.
  48         // Use a null credential if none was specified.
  49         if (!mCred)
  50             mCred = &AccessCredentials::null;
  51
  52         // Key is required unless we have a NULL algorithm (cleartext wrap/unwrap),
  53         // in which case we'll make a symmetric context (it shouldn't matter then).
  54                 if (!mKey && mAlgorithm != CSSM_ALGID_NONE)
  55                         CssmError::throwMe(CSSMERR_CSP_MISSING_ATTR_KEY);
  56                 if (!mKey || mKey->keyClass() == CSSM_KEYCLASS_SESSION_KEY)
  57                 {       // symmetric key
  58                         check(CSSM_CSP_CreateSymmetricContext(attachment()->handle(), mAlgorithm,
  59                                 mMode, mCred, mKey, mInitVector, mPadding, NULL,
  60                                 &mHandle));
  61                 }
  62                 else
  63                 {
  64                         check(CSSM_CSP_CreateAsymmetricContext(attachment()->handle(), mAlgorithm,
  65                                 mCred, mKey, mPadding, &mHandle));
  66                         //@@@ stick mode and initVector explicitly into the context?
  67                 }
  68                 mActive = true;
  69         }
  70 }
  71 void Crypt::cred(const AccessCredentials *c)
  72 {
  73     if (!(mCred = c))
  74         mCred = &AccessCredentials::null;
  75     set(CSSM_ATTRIBUTE_ACCESS_CREDENTIALS, *mCred);
  76 }
  77
  78
  79 //
  80 // Manage encryption contexts
  81 //
  82
  83 uint32
  84 Encrypt::encrypt(const CssmData *in, uint32 inCount,
  85                                                 CssmData *out, uint32 outCount, CssmData &remData)
  86 {
  87         unstaged();
  88         uint32 total;
  89         check(CSSM_EncryptData(handle(), in, inCount, out, outCount, &total, &remData));
  90         return total;
  91 }
  92
  93 void
  94 Encrypt::init()
  95 {
  96         check(CSSM_EncryptDataInit(handle()));
  97         mStaged = true;
  98 }
  99
 100 uint32
 101 Encrypt::encrypt(const CssmData *in, uint32 inCount,
 102         CssmData *out, uint32 outCount)
 103 {
 104         staged();
 105         uint32 total;
 106         check(CSSM_EncryptDataUpdate(handle(), in, inCount, out, outCount, &total));
 107         return total;
 108 }
 109
 110 void
 111 Encrypt::final(CssmData &remData)
 112 {
 113         staged();
 114         check(CSSM_EncryptDataFinal(handle(), &remData));
 115         mStaged = false;
 116 }
 117
 118
 119 //
 120 // Manage Decryption contexts
 121 //
 122
 123 uint32
 124 Decrypt::decrypt(const CssmData *in, uint32 inCount,
 125         CssmData *out, uint32 outCount, CssmData &remData)
 126 {
 127         unstaged();
 128         uint32 total;
 129         check(CSSM_DecryptData(handle(), in, inCount, out, outCount, &total, &remData));
 130         return total;
 131 }
 132
 133 void
 134 Decrypt::init()
 135 {
 136         check(CSSM_DecryptDataInit(handle()));
 137         mStaged = true;
 138 }
 139
 140 uint32
 141 Decrypt::decrypt(const CssmData *in, uint32 inCount,
 142         CssmData *out, uint32 outCount)
 143 {
 144         staged();
 145         uint32 total;
 146         check(CSSM_DecryptDataUpdate(handle(), in, inCount, out, outCount, &total));
 147         return total;
 148 }
 149
 150 void
 151 Decrypt::final(CssmData &remData)
 152 {
 153         staged();
 154         check(CSSM_DecryptDataFinal(handle(), &remData));
 155         mStaged = false;
 156 }