1/* 2 * Copyright (c) 2000-2001,2011-2012,2014 Apple Inc. All Rights Reserved. 3 * 4 * The contents of this file constitute Original Code as defined in and are 5 * subject to the Apple Public Source License Version 1.2 (the 'License'). 6 * You may not use this file except in compliance with the License. Please obtain 7 * a copy of the License at http://www.apple.com/publicsource and read it before 8 * using this file. 9 * 10 * This Original Code and all software distributed under the License are 11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS 12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT 13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR 14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the 15 * specific language governing rights and limitations under the License. 16 */ 17 18 19// 20// SSContext.h - Security Server contexts 21// 22#ifndef _H_SS_CONTEXT 23#define _H_SS_CONTEXT 24 25#include <security_cdsa_plugin/CSPsession.h> 26#include <securityd_client/ssclient.h> 27#include <security_cdsa_utilities/digestobject.h> 28#include <security_cdsa_client/cspclient.h> 29 30// 31// Parent class for all CSPContexts implemented in this CSP. Currently the 32// only thing we add is a reference to our creator's session. 33// 34class SSCSPSession; 35class SSKey; 36 37class SSContext : public CSPFullPluginSession::CSPContext 38{ 39public: 40 SSContext(SSCSPSession &session); 41 ~SSContext() { clearOutBuf(); } 42 virtual void init(const Context &context, bool encoding); 43 44protected: 45 SecurityServer::ClientSession &clientSession(); 46 SSCSPSession &mSession; 47 48 // mOutBuf provides a holding tank for implied final() operations 49 // resulting from an outputSize(true, 0). This form of outputSize() 50 // is understood to only occur just prior to the final() call. To avoid 51 // an extra RPC (just to perform the outputSize(), most subclasses of 52 // SSContext actually perform the final() operation at this time, 53 // storing the result in mOutBuf. At final(), mOutBuf() is just copied 54 // to the caller's supplied output buffer. 55 CssmData mOutBuf; 56 57 // We remember a pointer to the passed in context and assume it will 58 // remain a valid from init(), update() all the way though the call to 59 // final(). 60 const Context *mContext; 61 62 void clearOutBuf(); 63 void copyOutBuf(CssmData &out); 64}; 65 66// context for signature (sign and verify) 67class SSSignatureContext : public SSContext 68{ 69public: 70 SSSignatureContext(SSCSPSession &session); 71 ~SSSignatureContext(); 72 virtual void init(const Context &context, bool signing); 73 virtual void update(const CssmData &data); 74 virtual size_t outputSize(bool final, size_t inSize); 75 76 /* sign */ 77 void sign(CssmData &sig); 78 virtual void final(CssmData &out); 79 80 /* verify */ 81 virtual void final(const CssmData &in); 82 83 /* for raw sign/verify - optionally called after init */ 84 virtual void setDigestAlgorithm(CSSM_ALGORITHMS digestAlg); 85 86private: 87 /* stash the context's key for final sign/verify */ 88 SecurityServer::KeyHandle mKeyHandle; 89 90 /* alg-dependent, calculated at init time */ 91 CSSM_ALGORITHMS mSigAlg; // raw signature alg 92 CSSM_ALGORITHMS mDigestAlg; // digest 93 94 /* exactly one of these is used to collect updates */ 95 NullDigest *mNullDigest; 96 CssmClient::Digest *mDigest; 97}; 98 99// Context for GenerateRandom operations 100class SSRandomContext : public SSContext 101{ 102public: 103 SSRandomContext(SSCSPSession &session); 104 virtual void init(const Context &context, bool); 105 virtual size_t outputSize(bool final, size_t inSize); 106 virtual void final(CssmData &out); 107 108private: 109 uint32 mOutSize; // spec'd in context at init() time 110}; 111 112// Context for Encrypt and Decrypt operations 113class SSCryptContext : public SSContext 114{ 115public: 116 SSCryptContext(SSCSPSession &session); 117 ~SSCryptContext(); 118 virtual void init(const Context &context, bool encoding); 119 virtual size_t inputSize(size_t outSize); 120 virtual size_t outputSize(bool final, size_t inSize); 121 virtual void minimumProgress(size_t &in, size_t &out); 122 virtual void update(void *inp, size_t &inSize, void *outp, 123 size_t &outSize); 124 virtual void final(CssmData &out); 125 126private: 127 SecurityServer::KeyHandle mKeyHandle; 128 NullDigest mNullDigest; // accumulator 129}; 130 131// Digest, using raw CSP 132class SSDigestContext : public SSContext 133{ 134public: 135 SSDigestContext(SSCSPSession &session); 136 ~SSDigestContext(); 137 virtual void init(const Context &context, bool); 138 virtual void update(const CssmData &data); 139 virtual void final(CssmData &out); 140 virtual size_t outputSize(bool final, size_t inSize); 141 142private: 143 CssmClient::Digest *mDigest; 144}; 145 146// common class for MAC generate, verify 147class SSMACContext : public SSContext 148{ 149public: 150 SSMACContext(SSCSPSession &session); 151 virtual void init(const Context &context, bool); 152 virtual void update(const CssmData &data); 153 virtual size_t outputSize(bool final, size_t inSize); 154 155 /* sign */ 156 void genMac(CssmData &mac); 157 virtual void final(CssmData &out); 158 /* verify */ 159 virtual void final(const CssmData &in); 160 161private: 162 SecurityServer::KeyHandle mKeyHandle; 163 NullDigest mNullDigest; // accumulator 164}; 165 166 167#endif // _H_SS_CONTEXT 168