-/*
- * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
- *
- * The contents of this file constitute Original Code as defined in and are
- * subject to the Apple Public Source License Version 1.2 (the 'License').
- * You may not use this file except in compliance with the License. Please obtain
- * a copy of the License at http://www.apple.com/publicsource and read it before
- * using this file.
- *
- * This Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
- * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
- * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
- * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
- * specific language governing rights and limitations under the License.
- */
-
-
-//
-// AppleCSP.cpp - top-level plugin and session implementation
-//
-#include "AppleCSP.h"
-#include "AppleCSPSession.h"
-#include "AppleCSPUtils.h"
-#include <stdio.h>
-#include "cspdebugging.h"
-#include <security_cdsa_plugin/CSPsession.h>
-#include <security_utilities/alloc.h>
-#ifdef BSAFE_CSP_ENABLE
-#include "bsafecsp.h"
-#include "bsafecspi.h"
-#endif
-#ifdef CRYPTKIT_CSP_ENABLE
-#include "cryptkitcsp.h"
-#include "FEEKeys.h"
-#endif
-#include <miscAlgFactory.h>
-#ifdef ASC_CSP_ENABLE
-#include "ascFactory.h"
-#endif
-#include <RSA_DSA_csp.h>
-#include <RSA_DSA_keys.h>
-#include <DH_csp.h>
-#include <DH_keys.h>
-
-#include "YarrowConnection.h"
-
-//
-// Make and break the plugin object
-//
-AppleCSPPlugin::AppleCSPPlugin() :
- normAllocator(Allocator::standard(Allocator::normal)),
- privAllocator(Allocator::standard(Allocator::sensitive)),
- #ifdef BSAFE_CSP_ENABLE
- bSafe4Factory(new BSafeFactory(&normAllocator, &privAllocator)),
- #endif
- #ifdef CRYPTKIT_CSP_ENABLE
- cryptKitFactory(new CryptKitFactory(&normAllocator, &privAllocator)),
- #endif
- miscAlgFactory(new MiscAlgFactory(&normAllocator, &privAllocator)),
- #ifdef ASC_CSP_ENABLE
- ascAlgFactory(new AscAlgFactory(&normAllocator, &privAllocator)),
- #endif
- rsaDsaAlgFactory(new RSA_DSA_Factory(&normAllocator, &privAllocator)),
- dhAlgFactory(new DH_Factory(&normAllocator, &privAllocator))
-{
- // misc. once-per-address-space cruft...
-}
-
-AppleCSPPlugin::~AppleCSPPlugin()
-{
- #ifdef BSAFE_CSP_ENABLE
- delete bSafe4Factory;
- #endif
- #ifdef CRYPTKIT_CSP_ENABLE
- delete cryptKitFactory;
- #endif
- delete miscAlgFactory;
- #ifdef ASC_CSP_ENABLE
- delete ascAlgFactory;
- #endif
- delete rsaDsaAlgFactory;
- delete dhAlgFactory;
-}
-
-
-//
-// Create a new plugin session, our way
-//
-PluginSession *AppleCSPPlugin::makeSession(
- CSSM_MODULE_HANDLE handle,
- const CSSM_VERSION &version,
- uint32 subserviceId,
- CSSM_SERVICE_TYPE subserviceType,
- CSSM_ATTACH_FLAGS attachFlags,
- const CSSM_UPCALLS &upcalls)
-{
- switch (subserviceType) {
- case CSSM_SERVICE_CSP:
- return new AppleCSPSession(handle,
- *this,
- version,
- subserviceId,
- subserviceType,
- attachFlags,
- upcalls);
- default:
- CssmError::throwMe(CSSMERR_CSSM_INVALID_SERVICE_MASK);
- return 0; // placebo
- }
-}
-
-
-//
-// Session constructor
-//
-AppleCSPSession::AppleCSPSession(
- CSSM_MODULE_HANDLE handle,
- AppleCSPPlugin &plug,
- const CSSM_VERSION &version,
- uint32 subserviceId,
- CSSM_SERVICE_TYPE subserviceType,
- CSSM_ATTACH_FLAGS attachFlags,
- const CSSM_UPCALLS &upcalls)
- : CSPFullPluginSession(handle,
- plug,
- version,
- subserviceId,
- subserviceType,
- attachFlags,
- upcalls),
- #ifdef BSAFE_CSP_ENABLE
- bSafe4Factory(*(dynamic_cast<BSafeFactory *>(plug.bSafe4Factory))),
- #endif
- #ifdef CRYPTKIT_CSP_ENABLE
- cryptKitFactory(*(dynamic_cast<CryptKitFactory *>(plug.cryptKitFactory))),
- #endif
- miscAlgFactory(*(dynamic_cast<MiscAlgFactory *>(plug.miscAlgFactory))),
- #ifdef ASC_CSP_ENABLE
- ascAlgFactory(*(dynamic_cast<AscAlgFactory *>(plug.ascAlgFactory))),
- #endif
- rsaDsaAlgFactory(*(dynamic_cast<RSA_DSA_Factory *>(plug.rsaDsaAlgFactory))),
- dhAlgFactory(*(dynamic_cast<DH_Factory *>(plug.dhAlgFactory))),
- normAllocator(*this),
- privAllocator(plug.privAlloc())
-{
- // anything?
-}
-
-AppleCSPSession::~AppleCSPSession()
-{
- // anything?
-}
-
-//
-// Called at (CSSM) context create time. This is ignored; we do a full
-// context setup later, at setupContext time.
-//
-CSPFullPluginSession::CSPContext *
-AppleCSPSession::contextCreate(
- CSSM_CC_HANDLE handle,
- const Context &context)
-{
- return NULL;
-}
-
-//
-// Called by CSPFullPluginSession when an op is actually commencing.
-// Context can safely assumed to be fully formed and stable for the
-// duration of the op; thus we wait until now to set up our
-// CSPContext as appropriate to the op.
-//
-void AppleCSPSession::setupContext(
- CSPContext * &cspCtx,
- const Context &context,
- bool encoding)
-{
- /*
- * Note we leave the decision as to whether it's OK to
- * reuse a context to the individual factories.
- */
- #ifdef BSAFE_CSP_ENABLE
- /* Give BSAFE the firsrt shot if it's present */
- if (bSafe4Factory.setup(*this, cspCtx, context)) {
- CASSERT(cspCtx != NULL);
- return;
- }
- #endif
- if (rsaDsaAlgFactory.setup(*this, cspCtx, context)) {
- CASSERT(cspCtx != NULL);
- return;
- }
- if (miscAlgFactory.setup(*this, cspCtx, context)) {
- CASSERT(cspCtx != NULL);
- return;
- }
- if (dhAlgFactory.setup(*this, cspCtx, context)) {
- CASSERT(cspCtx != NULL);
- return;
- }
- #ifdef CRYPTKIT_CSP_ENABLE
- if (cryptKitFactory.setup(*this, cspCtx, context)) {
- CASSERT(cspCtx != NULL);
- return;
- }
- #endif
- #ifdef ASC_CSP_ENABLE
- if (ascAlgFactory.setup(*this, cspCtx, context)) {
- CASSERT(cspCtx != NULL);
- return;
- }
- #endif
- if(setup(cspCtx, context)) {
- CASSERT(cspCtx != NULL);
- return;
- }
- dprintf0("AppleCSPSession::setupContext: invalid algorithm\n");
- CssmError::throwMe(CSSMERR_CSP_INVALID_ALGORITHM);
-}
-
-/*
- * Used for generating crypto contexts at this level.
- * Analogous to AlgorithmFactory.setup().
- */
-bool AppleCSPSession::setup(
- CSPFullPluginSession::CSPContext * &cspCtx,
- const Context &context)
-{
- if (cspCtx) {
- return false; // not ours or already set
- }
-
- switch(context.type()) {
- case CSSM_ALGCLASS_RANDOMGEN:
- switch (context.algorithm()) {
- case CSSM_ALGID_APPLE_YARROW:
- cspCtx = new YarrowContext(*this);
- return true;
- /* other random algs here */
- default:
- return false;
- }
- /* other contexts here */
- default:
- return false;
- }
- /* NOT REACHED */
- return false;
-
-}
-
-//
-// Context for CSSM_ALGID_APPLE_YARROW.
-//
-YarrowContext::YarrowContext(AppleCSPSession &session)
- : AppleCSPContext(session)
-{
- // nothing for now
-}
-
-YarrowContext::~YarrowContext()
-{
- // nothing for now
-}
-
-//
-// Only job here is to snag the length and process the optional seed argument
-//
-void YarrowContext::init(
- const Context &context,
- bool encoding)
-{
- /* stash requested length for use later in outputSize() */
- outSize = context.getInt(CSSM_ATTRIBUTE_OUTPUT_SIZE,
- CSSMERR_CSP_INVALID_ATTR_OUTPUT_SIZE);
-
- /* optional seed */
- CssmCryptoData *cseed = context.get<CssmCryptoData>(CSSM_ATTRIBUTE_SEED);
- if(cseed == NULL) {
- /* we're done */
- return;
- }
- CssmData seed = (*cseed)();
- if((seed.Length == 0) ||
- (seed.Data == NULL)) {
- CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_SEED);
- }
- session().addEntropy((size_t)seed.Length, seed.Data);
-}
-
-void YarrowContext::final(
- CssmData &out)
-{
- session().getRandomBytes((size_t)out.Length, out.Data);
-}
-
-/***
- *** Binary Key support.
- ***/
-
-// Given a CSSM_DATA, extract its KeyRef.
-static KeyRef CssmDataToKeyRef(
- const CSSM_DATA &data)
-{
- if(data.Length != sizeof(KeyRef)) {
- CssmError::throwMe(CSSMERR_CSP_INVALID_KEY_REFERENCE);
- }
-
- uint8 *cp = data.Data + sizeof(KeyRef) - 1;
- KeyRef keyRef = 0;
- for(unsigned dex=0; dex<sizeof(KeyRef); dex++) {
- keyRef <<= 8;
- keyRef |= *cp--;
- }
- return keyRef;
-}
-
-// Place a KeyRef into a CSSM_DATA, mallocing if necessary.
-static void keyRefToCssmData(
- KeyRef keyRef,
- CSSM_DATA &data,
- Allocator &allocator)
-{
- if(data.Length > sizeof(keyRef)) {
- /* don't leave old raw key material lying around */
- memset(data.Data + sizeof(keyRef), 0, data.Length - sizeof(keyRef));
- }
- else if(data.Length < sizeof(keyRef)) {
- /* not enough space for even a keyRef, force realloc */
- allocator.free(data.Data);
- data.Data = NULL;
- data.Length = 0;
- }
- setUpData(data, sizeof(keyRef), allocator);
-
- uint8 *cp = data.Data;
- for(unsigned i=0; i<sizeof(keyRef); i++) {
- *cp++ = keyRef & 0xff;
- keyRef >>= 8;
- }
-}
-
-// Look up a BinaryKey by its KeyRef. Returns NULL if not
-// found. refKeyMapLock held on entry and exit.
-BinaryKey *AppleCSPSession::lookupKeyRef(
- KeyRef keyRef)
-{
- const BinaryKey *binKey;
-
- // use safe version, don't create new entry if this key
- // isn't there
- keyMap::iterator it = refKeyMap.find(keyRef);
- if(it == refKeyMap.end()) {
- return NULL;
- }
- binKey = it->second;
- assert(binKey == reinterpret_cast<const BinaryKey *>(keyRef));
- assert(binKey->mKeyRef == keyRef);
- return const_cast<BinaryKey *>(binKey);
-}
-
-// add a BinaryKey to our refKeyMap. Sets up cssmKey
-// as appropriate.
-void AppleCSPSession::addRefKey(
- BinaryKey &binKey,
- CssmKey &cssmKey)
-{
- // for now, KeyRef is just the address of the BinaryKey
- KeyRef keyRef = reinterpret_cast<KeyRef>(&binKey);
-
- binKey.mKeyRef = keyRef;
- binKey.mKeyHeader = CssmKey::Header::overlay(cssmKey.KeyHeader);
- {
- StLock<Mutex> _(refKeyMapLock);
- assert(lookupKeyRef(keyRef) == NULL);
- refKeyMap[keyRef] = &binKey;
- }
- cssmKey.KeyHeader.BlobType = CSSM_KEYBLOB_REFERENCE;
- cssmKey.KeyHeader.Format = CSSM_KEYBLOB_REF_FORMAT_INTEGER;
- keyRefToCssmData(keyRef, cssmKey.KeyData, normAllocator);
- secdebug("freeKey", "CSP addRefKey key %p keyData %p keyRef %p",
- &cssmKey, cssmKey.KeyData.Data, &binKey);
-}
-
-// Given a CssmKey in reference form, obtain the associated
-// BinaryKey. Throws CSSMERR_CSP_INVALID_KEY_REFERENCE if
-// key not found in session key map.
-BinaryKey & AppleCSPSession::lookupRefKey(
- const CssmKey &cssmKey)
-{
- KeyRef keyRef;
- BinaryKey *binKey;
-
- keyRef = CssmDataToKeyRef(cssmKey.KeyData);
- {
- StLock<Mutex> _(refKeyMapLock);
- binKey = lookupKeyRef(keyRef);
- }
- if(binKey == NULL) {
- CssmError::throwMe(CSSMERR_CSP_INVALID_KEY_REFERENCE);
- }
- assert(Guid::overlay(binKey->mKeyHeader.CspId) == plugin.myGuid());
-
- /*
- * Verify sensitive fields have not changed between when the BinaryKey was
- * created/stored and when the caller passed in the ref key.
- * Some fields were changed by addRefKey, so make a local copy....
- */
- CSSM_KEYHEADER localHdr = cssmKey.KeyHeader;
- localHdr.BlobType = binKey->mKeyHeader.BlobType;
- localHdr.Format = binKey->mKeyHeader.Format;
- if(memcmp(&localHdr, &binKey->mKeyHeader, sizeof(CSSM_KEYHEADER))) {
- CssmError::throwMe(CSSMERR_CSP_INVALID_KEY_REFERENCE);
- }
- return (*binKey);
-}
-
-// CSPFullPluginSession declares & implements this.
-// Note that we ignore the delete argument; since we don't
-// store anything, freeing is the same as deleting.
-void AppleCSPSession::FreeKey(
- const AccessCredentials *AccessCred,
- CssmKey &KeyPtr,
- CSSM_BOOL Delete)
-{
-
- if((KeyPtr.blobType() == CSSM_KEYBLOB_REFERENCE) &&
- (KeyPtr.cspGuid() == plugin.myGuid())) {
- // it's a ref key we generated - delete associated BinaryKey
- KeyRef keyRef = CssmDataToKeyRef(KeyPtr.KeyData);
- {
- StLock<Mutex> _(refKeyMapLock);
- BinaryKey *binKey = lookupKeyRef(keyRef);
- if(binKey != NULL) {
- secdebug("freeKey", "CSP FreeKey key %p keyData %p binKey %p",
- &KeyPtr, KeyPtr.KeyData.Data, binKey);
- try {
- refKeyMap.erase(keyRef);
- delete binKey;
- }
- catch (...) {
- errorLog0("Error deleting/erasing known "
- "ref key\n");
- }
- }
- else {
- secdebug("freeKey", "CSP freeKey unknown key");
- }
- }
- }
- CSPFullPluginSession::FreeKey(AccessCred, KeyPtr, Delete);
-}
-
-/* Passthrough, used for key digest */
-void AppleCSPSession::PassThrough(
- CSSM_CC_HANDLE CCHandle,
- const Context &Context,
- uint32 PassThroughId,
- const void *InData,
- void **OutData)
-{
- *OutData = NULL;
-
- /* validate context */
- if(Context.type() != CSSM_ALGCLASS_NONE) {
- CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);
- }
-
- switch(PassThroughId) {
- case CSSM_APPLECSP_KEYDIGEST:
- {
- CssmKey &key = Context.get<CssmKey>(
- CSSM_ATTRIBUTE_KEY,
- CSSMERR_CSP_MISSING_ATTR_KEY);
-
- /* validate key as best we can */
- switch(key.keyClass()) {
- case CSSM_KEYCLASS_PUBLIC_KEY:
- case CSSM_KEYCLASS_PRIVATE_KEY:
- case CSSM_KEYCLASS_SESSION_KEY:
- break;
- default:
- CssmError::throwMe(CSSMERR_CSP_INVALID_KEY_CLASS);
- }
-
- /*
- * Ref key: obtain binary, ask it for blob
- * Raw key: get info provider, ask it for the blob. This
- * allows for an optimized path which avoids
- * converting to a BinaryKey.
- */
- CssmData blobToHash;
- switch(key.blobType()) {
- case CSSM_KEYBLOB_RAW:
- {
- CSPKeyInfoProvider *provider = infoProvider(key);
- bool converted =
- provider->getHashableBlob(privAllocator, blobToHash);
- if(converted) {
- /* took optimized case; proceed */
- delete provider;
- break;
- }
-
- /* convert to BinaryKey and ask it to do the work */
- BinaryKey *binKey;
- CSSM_KEYATTR_FLAGS flags = 0; // not used
- provider->CssmKeyToBinary(NULL, // no paramKey
- flags,
- &binKey);
- binKey->mKeyHeader =
- CssmKey::Header::overlay(key.KeyHeader);
- CSSM_KEYBLOB_FORMAT rawFormat;
- rawFormat = CSSM_KEYBLOB_RAW_FORMAT_DIGEST;
- CSSM_KEYATTR_FLAGS attrFlags = 0;
- binKey->generateKeyBlob(privAllocator,
- blobToHash,
- rawFormat,
- *this,
- NULL,
- attrFlags);
- delete binKey;
- delete provider;
- break;
- }
- case CSSM_KEYBLOB_REFERENCE:
- {
- BinaryKey &binKey = lookupRefKey(key);
- CSSM_KEYBLOB_FORMAT rawFormat;
- rawFormat = CSSM_KEYBLOB_RAW_FORMAT_DIGEST;
- CSSM_KEYATTR_FLAGS attrFlags = 0;
- binKey.generateKeyBlob(privAllocator,
- blobToHash,
- rawFormat,
- *this,
- NULL,
- attrFlags);
- }
- break;
- default:
- CssmError::throwMe(CSSMERR_CSP_INVALID_KEY);
- }
-
- /* obtain sha1 hash of blobToHash */
-
- CSSM_DATA_PTR outHash = NULL;
- try {
- outHash =
- (CSSM_DATA_PTR)normAllocator.malloc(sizeof(CSSM_DATA));
- outHash->Data =
- (uint8 *)normAllocator.malloc(SHA1_DIGEST_SIZE);
- outHash->Length = SHA1_DIGEST_SIZE;
- }
- catch(...) {
- freeCssmData(blobToHash, privAllocator);
- throw;
- }
- cspGenSha1Hash(blobToHash.data(), blobToHash.length(),
- outHash->Data);
- freeCssmData(blobToHash, privAllocator);
- *OutData = outHash;
- return;
- }
- default:
- CssmError::throwMe(CSSMERR_CSP_INVALID_PASSTHROUGH_ID);
- }
- /* NOT REACHED */
-}
-
-/*
- * CSPSession version of QueryKeySizeInBits.
- */
-void AppleCSPSession::getKeySize(const CssmKey &key,
- CSSM_KEY_SIZE &size)
-{
- CSPKeyInfoProvider *provider = infoProvider(key);
- try {
- provider->QueryKeySizeInBits(size);
- }
- catch(...) {
- /* don't leak this on error */
- delete provider;
- throw;
- }
- delete provider;
-}
-
-void AppleCSPSession::getRandomBytes(size_t length, uint8 *cp)
-{
- try {
- cspGetRandomBytes(cp, (unsigned)length);
- }
- catch(...) {
- errorLog0("CSP: YarrowClient failure\n");
- }
-}
-
-void AppleCSPSession::addEntropy(size_t length, const uint8 *cp)
-{
- try {
- cspAddEntropy(cp, (unsigned)length);
- }
- catch(...) {
- #if CSP_ALLOW_FEE_RNG
- return;
- #else
- throw;
- #endif
- }
-}
-
-/***
- *** CSPKeyInfoProvider support.
- ***/
-
-/*
- * Find a CSPKeyInfoProvider subclass for the specified key.
- */
-CSPKeyInfoProvider *AppleCSPSession::infoProvider(
- const CssmKey &key)
-{
- CSPKeyInfoProvider *provider = NULL;
-
- #ifdef BSAFE_CSP_ENABLE
- /* Give BSAFE first shot, if it's here */
- provider = BSafe::BSafeKeyInfoProvider::provider(key, *this);
- if(provider != NULL) {
- return provider;
- }
- #endif
-
- provider = RSAKeyInfoProvider::provider(key, *this);
- if(provider != NULL) {
- return provider;
- }
-
- provider = SymmetricKeyInfoProvider::provider(key, *this);
- if(provider != NULL) {
- return provider;
- }
-
- #ifdef CRYPTKIT_CSP_ENABLE
- provider = CryptKit::FEEKeyInfoProvider::provider(key, *this);
- if(provider != NULL) {
- return provider;
- }
- #endif
-
- provider = DSAKeyInfoProvider::provider(key, *this);
- if(provider != NULL) {
- return provider;
- }
-
- provider = DHKeyInfoProvider::provider(key, *this);
- if(provider != NULL) {
- return provider;
- }
-
- CssmError::throwMe(CSSMERR_CSP_INVALID_KEY);
-}
-
projects / apple / security.git / blobdiff