1/*
2 * Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19//
20// AppleCSPContext.h - CSP-wide contexts
21//
22#ifndef _H_APPLE_CSP_CONTEXT
23#define _H_APPLE_CSP_CONTEXT
24
25#include <security_cdsa_plugin/CSPsession.h>
26#include "BinaryKey.h"
27
28//
29// Parent class for all CSPContexts implemented in this CSP.
30// Currently the only thing we add is a reference to our
31// creator's session.
32//
33class AppleCSPSession;
34
35class AppleCSPContext : public CSPFullPluginSession::CSPContext
36{
37public:
38	AppleCSPContext(AppleCSPSession &session)
39		: mSession(session) {}
40
41    ~AppleCSPContext();
42
43	/*
44	 * get symmetric key bits - context.key can be either ref or raw.
45	 * A convenience routine typically used by symmetric contexts'
46	 * init() routines.
47	 */
48	static void symmetricKeyBits(
49		const Context 	&context,
50		AppleCSPSession &session,
51		CSSM_ALGORITHMS	requiredAlg,	// throws if this doesn't match key alg
52		CSSM_KEYUSE 	intendedUse,	// throws if key usage doesn't match this
53		uint8			*&keyBits,		// RETURNED (not mallocd or copied)
54		CSSM_SIZE		&keyLen);		// RETURNED
55
56protected:
57	AppleCSPSession	&session() { return mSession; }
58
59private:
60	AppleCSPSession	&mSession;
61};
62
63//
64// Context for CSSM_ALGID_APPLE_YARROW.
65//
66class YarrowContext : public AppleCSPContext
67{
68public:
69	YarrowContext(AppleCSPSession &session);
70	virtual ~YarrowContext();
71	virtual void init(const Context &context, bool encoding = true);
72	void final(CssmData &out);
73	size_t outputSize(bool final, size_t inSize) { return outSize; }
74
75private:
76	uint32	outSize;
77};
78
79//
80// Classes which inherit from AppleCSPContext and which also perform
81// key pair generation inherit from this class as well.
82//
83class AppleKeyPairGenContext  {
84public:
85	virtual ~AppleKeyPairGenContext();
86
87	//
88	// Subclass implements generate(const Context &, CssmKey &,
89	// CssmKey &). That method (called from CSPFullPluginSession)
90	// allocates two subclass-specific BinaryKeys and calls this
91	// method. This will eventually call down to generate(const Context &,
92	// BinaryKey &, BinaryKey &) and optionally to
93	// BinaryKey::generateKeyBlob.
94	//
95	void generate(
96		const Context 	&context,
97		AppleCSPSession	&session,		// for ref keys
98		CssmKey 		&pubKey,
99		BinaryKey 		*pubBinKey,
100		CssmKey 		&privKey,
101		BinaryKey		*privBinKey);
102
103protected:
104	// Subclasses must implement this. It cooks up a key pair.
105	virtual void generate(
106		const Context 	&context,
107		BinaryKey		&pubBinKey,		// valid on successful return
108		BinaryKey		&privBinKey, 	// ditto
109		uint32 			&keySize) = 0;	// ditto
110};
111
112//
113// Classes which inherit from AppleCSPContext and which also perform
114// symmetric key generation inherit from this class as well.
115//
116class AppleSymmKeyGenContext  {
117public:
118	//
119	// Subclass implements generate(const Context &, CssmKey &,
120	// CssmKey &). Note that the second CssmKey is a dummy
121	// argument. That method merely calls generateSymKey, allowing us
122	// to get to the associated AppleCSPSession if we need to
123	// store reference keys. We take care of all attribute and
124	// usage validation and of header formatting. Parameters for
125	// validation typlically specified in constructor via an
126	// algorithm factory.
127	//
128	AppleSymmKeyGenContext(
129		uint32			minSize,	// in bits
130		uint32			maxSize,	// ditto
131		bool			byteSized)	// true --> key size must
132									//   be multiple of 8 bits
133		:	minSizeInBits(minSize),
134			maxSizeInBits(maxSize),
135			mustBeByteSized(byteSized)  {}
136
137	void generateSymKey(
138		const Context 	&context,
139		AppleCSPSession	&session,		// for ref keys
140		CssmKey 		&cssmKey);		// RETURNED
141
142private:
143	uint32			minSizeInBits;
144	uint32			maxSizeInBits;
145	bool			mustBeByteSized;
146
147};
148
149/*
150 * Generic symmetric key generation context, for algorithms whose
151 * requirements can be expressed in min/max key size and
152 * mustBeByteSized. Such algorithms just need create one of these
153 * from an algorithm factory.
154 */
155class AppleSymmKeyGenerator : public AppleCSPContext, private AppleSymmKeyGenContext {
156public:
157	AppleSymmKeyGenerator(
158		AppleCSPSession &session,
159		uint32			minSize,		// in bits
160		uint32			maxSize,		// ditto
161		bool			byteSized) :	// true --> key size must
162										//   be multiple of 8 bits
163			AppleCSPContext(session),
164			AppleSymmKeyGenContext(minSize, maxSize, byteSized) { }
165
166	void init(const Context &context, bool encoding = true) { }
167
168	/* this just passes the request up to AppleSymmKeyGenContext */
169	void generate(
170		const Context 	&context,
171		CssmKey 		&symKey,
172		CssmKey 		&dummyKey) {
173			AppleSymmKeyGenContext::generateSymKey(
174					context,
175					session(),
176					symKey);
177		}
178
179};
180
181#endif	/* _H_APPLE_CSP_CONTEXT */
182