src/key.h

   1 /*
   2  * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * Copyright (c) 1999-2003 Apple Computer, Inc.  All Rights Reserved.
   7  *
   8  * This file contains Original Code and/or Modifications of Original Code
   9  * as defined in and that are subject to the Apple Public Source License
  10  * Version 2.0 (the 'License'). You may not use this file except in
  11  * compliance with the License. Please obtain a copy of the License at
  12  * http://www.opensource.apple.com/apsl/ and read it before using this
  13  * file.
  14  *
  15  * The Original Code and all software distributed under the License are
  16  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  17  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  18  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  19  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  20  * Please see the License for the specific language governing rights and
  21  * limitations under the License.
  22  *
  23  * @APPLE_LICENSE_HEADER_END@
  24  */
  25
  26
  27 //
  28 // key - representation of SecurityServer key objects
  29 //
  30 #ifndef _H_KEY
  31 #define _H_KEY
  32
  33 #include "securityserver.h"
  34 #include "structure.h"
  35 #include "acls.h"
  36 #include <security_cdsa_utilities/handleobject.h>
  37 #include <security_cdsa_client/keyclient.h>
  38
  39
  40 class Database;
  41
  42
  43 //
  44 // A Key object represents a CSSM_KEY known to the SecurityServer.
  45 // We give each Key a handle that allows our clients to access it, while we use
  46 // the Key's ACL to control such accesses.
  47 // A Key can be used by multiple Connections. Whether more than one Key can represent
  48 // the same actual key object is up to the CSP we use, so let's be tolerant about that.
  49 //
  50 // A note on key attributes: We keep two sets of attribute bits. The internal bits are used
  51 // when talking to our CSP; the external bits are used when negotiating with our client(s).
  52 // The difference is the bits in managedAttributes, which relate to persistent key storage
  53 // and are not digestible by our CSP. The internal attributes are kept in mKey. The external
  54 // ones are kept in mAttributes.
  55 //
  56 class Key : public PerProcess, public SecurityServerAcl {
  57 public:
  58         Key();
  59
  60         Database &database() const;
  61
  62         virtual const CssmData &canonicalDigest() = 0;
  63         virtual CSSM_KEYATTR_FLAGS attributes() = 0;
  64
  65         virtual void returnKey(Handle &h, CssmKey::Header &hdr) = 0;
  66
  67 public:
  68     // key attributes that should not be passed on to the CSP
  69     static const uint32 managedAttributes = KeyBlob::managedAttributes;
  70         // these attributes are "forced on" in internal keys (but not always in external attributes)
  71         static const uint32 forcedAttributes = KeyBlob::forcedAttributes;
  72         // these attributes are internally generated, and invalid on input
  73         static const uint32 generatedAttributes =
  74                 CSSM_KEYATTR_ALWAYS_SENSITIVE | CSSM_KEYATTR_NEVER_EXTRACTABLE;
  75
  76         // a version of KeySpec that self-checks and masks for CSP operation
  77         class KeySpec : public CssmClient::KeySpec {
  78         public:
  79                 KeySpec(uint32 usage, uint32 attrs);
  80                 KeySpec(uint32 usage, uint32 attrs, const CssmData &label);
  81         };
  82 };
  83
  84
  85 #endif //_H_KEY