]> git.saurik.com Git - apple/securityd.git/blob - src/tokenkey.cpp
securityd-55126.2.tar.gz
[apple/securityd.git] / src / tokenkey.cpp
1 /*
2 * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 //
26 // tokenkey - remote reference key on an attached hardware token
27 //
28 #include "tokenkey.h"
29 #include "tokendatabase.h"
30
31
32 //
33 // Construct a TokenKey from a reference handle and key header
34 //
35 TokenKey::TokenKey(TokenDatabase &db, KeyHandle tokenKey, const CssmKey::Header &hdr)
36 : Key(db), mKey(tokenKey), mHeader(hdr)
37 {
38 db.addReference(*this);
39 }
40
41
42 //
43 // Destruction of a TokenKey releases the reference from tokend
44 //
45 TokenKey::~TokenKey()
46 {
47 try {
48 database().token().tokend().releaseKey(mKey);
49 } catch (...) {
50 secdebug("tokendb", "%p release key handle %u threw (ignored)",
51 this, mKey);
52 }
53 }
54
55
56 //
57 // Links through the object mesh
58 //
59 TokenDatabase &TokenKey::database() const
60 {
61 return referent<TokenDatabase>();
62 }
63
64 Token &TokenKey::token()
65 {
66 return database().token();
67 }
68
69 GenericHandle TokenKey::tokenHandle() const
70 {
71 return mKey; // tokend-side handle
72 }
73
74
75 //
76 // Canonical external attributes (taken directly from the key header)
77 //
78 CSSM_KEYATTR_FLAGS TokenKey::attributes()
79 {
80 return mHeader.attributes();
81 }
82
83
84 //
85 // Return-to-caller processing (trivial in this case)
86 //
87 void TokenKey::returnKey(Handle &h, CssmKey::Header &hdr)
88 {
89 h = this->handle();
90 hdr = mHeader;
91 }
92
93
94 //
95 // We're a key (duh)
96 //
97 AclKind TokenKey::aclKind() const
98 {
99 return keyAcl;
100 }
101
102
103 //
104 // Right now, key ACLs are at the process level
105 //
106 SecurityServerAcl &TokenKey::acl()
107 {
108 return *this;
109 }
110
111
112 //
113 // The related database is, naturally enough, the TokenDatabase we're in
114 //
115 Database *TokenKey::relatedDatabase()
116 {
117 return &database();
118 }
119
120
121 //
122 // Generate the canonical key digest.
123 // This is not currently supported through tokend. If we need it,
124 // we'll have to force unlock and fake it (in tokend, most likely).
125 //
126 const CssmData &TokenKey::canonicalDigest()
127 {
128 CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
129 }