71 void LocalDatabase::generateSignature(const Context &context, Key &key,
74 	context.replace(CSSM_ATTRIBUTE_KEY, myKey(key).cssmKey());
75 	key.validate(CSSM_ACL_AUTHORIZATION_SIGN, context);
76 	CssmClient::Sign signer(Server::csp(), context.algorithm(), signOnlyAlgorithm);
77 	signer.override(context);
81 void LocalDatabase::verifySignature(const Context &context, Key &key,
84 	context.replace(CSSM_ATTRIBUTE_KEY, myKey(key).cssmKey());
85 	CssmClient::Verify verifier(Server::csp(), context.algorithm(), verifyOnlyAlgorithm);
86 	verifier.override(context);
90 void LocalDatabase::generateMac(const Context &context, Key &key,
93 	context.replace(CSSM_ATTRIBUTE_KEY, myKey(key).cssmKey());
94 	key.validate(CSSM_ACL_AUTHORIZATION_MAC, context);
95 	CssmClient::GenerateMac signer(Server::csp(), context.algorithm());
96 	signer.override(context);
100 void LocalDatabase::verifyMac(const Context &context, Key &key,
103 	context.replace(CSSM_ATTRIBUTE_KEY, myKey(key).cssmKey());
104 	key.validate(CSSM_ACL_AUTHORIZATION_MAC, context);
105 	CssmClient::VerifyMac verifier(Server::csp(), context.algorithm());
106 	verifier.override(context);
114 void LocalDatabase::encrypt(const Context &context, Key &key,
117 	context.replace(CSSM_ATTRIBUTE_KEY, myKey(key).cssmKey());
118 	key.validate(CSSM_ACL_AUTHORIZATION_ENCRYPT, context);
119 	CssmClient::Encrypt cryptor(Server::csp(), context.algorithm());
120 	cryptor.override(context);
129 void LocalDatabase::decrypt(const Context &context, Key &key,
132 	context.replace(CSSM_ATTRIBUTE_KEY, myKey(key).cssmKey());
133 	key.validate(CSSM_ACL_AUTHORIZATION_DECRYPT, context);
134 	CssmClient::Decrypt cryptor(Server::csp(), context.algorithm());
135 	cryptor.override(context);
150 void LocalDatabase::generateKey(const Context &context,
154 	// prepare a context
155 	CssmClient::GenerateKey generate(Server::csp(), context.algorithm());
156 	generate.override(context);
167 void LocalDatabase::generateKey(const Context &context,
172 	// prepare a context
173 	CssmClient::GenerateKey generate(Server::csp(), context.algorithm());
174 	generate.override(context);
194 // Note that the key argument (the key in the context) is optional because of the special
198 void LocalDatabase::wrapKey(const Context &context, const AccessCredentials *cred,
202     keyToBeWrapped.validate(context.algorithm() == CSSM_ALGID_NONE ?
206         context.replace(CSSM_ATTRIBUTE_KEY, myKey(*wrappingKey).cssmKey());
207 		wrappingKey->validate(CSSM_ACL_AUTHORIZATION_ENCRYPT, context);
209     CssmClient::WrapKey wrap(Server::csp(), context.algorithm());
210     wrap.override(context);
215 void LocalDatabase::unwrapKey(const Context &context,
221         context.replace(CSSM_ATTRIBUTE_KEY, myKey(*wrappingKey).cssmKey());
222 		wrappingKey->validate(CSSM_ACL_AUTHORIZATION_DECRYPT, context);
226     CssmClient::UnwrapKey unwrap(Server::csp(), context.algorithm());
227     unwrap.override(context);
247 void LocalDatabase::deriveKey(const Context &context, Key *key,
252 		key->validate(CSSM_ACL_AUTHORIZATION_DERIVE, context);
253         context.replace(CSSM_ATTRIBUTE_KEY, myKey(*key).cssmKey());
255 	CssmClient::DeriveKey derive(Server::csp(), context.algorithm(), CSSM_ALGID_NONE);
256 	derive.override(context);
271 void LocalDatabase::getOutputSize(const Context &context, Key &key, uint32 inputSize,
274     // We're fudging here somewhat, since the context can be any type.
276 	context.replace(CSSM_ATTRIBUTE_KEY, myKey(key).cssmKey());
277     CssmClient::Digest ctx(Server::csp(), context.algorithm());
278     ctx.override(context);

Indexes created Wed Jun 26 11:41:58 MDT 2024