1/*
2 * Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19/*
20 * FEEAsymmetricContext.h - CSPContexts for FEE asymmetric encryption
21 *
22 */
23
24#ifdef	CRYPTKIT_CSP_ENABLE
25
26#ifndef _FEE_ASYMMETRIC_CONTEXT_H_
27#define _FEE_ASYMMETRIC_CONTEXT_H_
28
29#include <security_cdsa_plugin/CSPsession.h>
30#include "AppleCSP.h"
31#include "AppleCSPContext.h"
32#include "AppleCSPSession.h"
33#include "BlockCryptor.h"
34#include <security_cryptkit/feeFEED.h>
35#include <security_cryptkit/feeFEEDExp.h>
36
37namespace CryptKit {
38
39class FEEDContext : public BlockCryptor {
40public:
41	FEEDContext(AppleCSPSession &session) :
42		BlockCryptor(session),
43		mFeeFeed(NULL),
44		mPrivKey(NULL),
45		mPubKey(NULL),
46		mInitFlag(false) 	{ }
47	~FEEDContext();
48
49	/* called by CSPFullPluginSession */
50	void init(const Context &context, bool encoding = true);
51
52	/* called by BlockCryptor */
53	void encryptBlock(
54		const void		*plainText,			// length implied (one block)
55		size_t			plainTextLen,
56		void			*cipherText,
57		size_t			&cipherTextLen,		// in/out, throws on overflow
58		bool			final);
59	void decryptBlock(
60		const void		*cipherText,		// length implied (one cipher block)
61		size_t			cipherTextLen,
62		void			*plainText,
63		size_t			&plainTextLen,		// in/out, throws on overflow
64		bool			final);
65
66	/*
67 	 * Additional query size support, necessary because we don't conform to
68	 * BlockCryptor's standard one-to-one block scheme
69	 */
70 	size_t inputSize(
71		size_t 			outSize);			// input for given output size
72	size_t outputSize(
73		bool 			final = false,
74		size_t 			inSize = 0); 		// output for given input size
75	void minimumProgress(
76		size_t 			&in,
77		size_t 			&out); 				// minimum progress chunks
78
79
80private:
81		feeFEED			mFeeFeed;
82		feePubKey		mPrivKey;
83		bool			mAllocdPrivKey;
84		feePubKey		mPubKey;
85		bool			mAllocdPubKey;
86		bool			mInitFlag;			// allows easy reuse
87};	/* FEEDContext */
88
89
90class FEEDExpContext : public BlockCryptor {
91public:
92	FEEDExpContext(AppleCSPSession &session) :
93		BlockCryptor(session),
94		mFeeFeedExp(NULL),
95		mFeeKey(NULL),
96		mInitFlag(false) 	{ }
97
98	~FEEDExpContext();
99
100	/* called by CSPFullPluginSession */
101	void init(const Context &context, bool encoding = true);
102
103	/* called by BlockCryptor */
104	void encryptBlock(
105		const void		*plainText,			// length implied (one block)
106		size_t			plainTextLen,
107		void			*cipherText,
108		size_t			&cipherTextLen,		// in/out, throws on overflow
109		bool			final);
110	void decryptBlock(
111		const void		*cipherText,		// length implied (one cipher block)
112		size_t			cipherTextLen,
113		void			*plainText,
114		size_t			&plainTextLen,		// in/out, throws on overflow
115		bool			final);
116
117private:
118		feeFEEDExp		mFeeFeedExp;
119		feePubKey		mFeeKey;
120		bool			mAllocdFeeKey;
121		bool			mInitFlag;			// allows easy reuse
122};	/* FEEDExpContext */
123
124/*
125 * Elliptic curve Diffie-Hellman key exchange. The public key is
126 * specified in one of two ways - a raw X9.62 format public key
127 * string in Param, or a CSSM_KEY in the Context.
128 * Requested size, in keyData->Length, must be the same size as
129 * the keys' modulus. Data is returned in keyData->Data, which is
130 * allocated by the caller.
131 * Optionally performs X9.63 key derivation if algId ==
132 * CSSM_ALGID_ECDH_X963_KDF, with the optional SharedInfo passed
133 * as optional context attribute CSSM_ATTRIBUTE_SALT.
134 */
135extern void DeriveKey_ECDH (
136	const Context &context,
137	CSSM_ALGORITHMS algId,
138	const CssmData &Param,
139	CSSM_DATA *keyData,
140	AppleCSPSession &session);
141
142} /* namespace CryptKit */
143
144#endif 	/* _FEE_ASYMMETRIC_CONTEXT_H_ */
145#endif	/* CRYPTKIT_CSP_ENABLE */
146