/*
 * Copyright (c) 2004,2011-2012,2014 Apple Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */


//
// SDContext.h - Security Server contexts
//
// CSP contexts for the securityd-backed ("SD") CSP. Each class below
// corresponds to one CSSM operation family (sign/verify, random,
// encrypt/decrypt, digest, MAC). Key-backed operations keep only a
// SecurityServer::KeyHandle here and hand the actual work to securityd
// over the ClientSession reachable through the owning SDCSPSession; the
// key bytes themselves are not held in this process by these classes.
//
#ifndef _H_SD_CONTEXT
#define _H_SD_CONTEXT

#include <security_cdsa_plugin/CSPsession.h>
#include <securityd_client/ssclient.h>
#include <security_cdsa_utilities/digestobject.h>
#include <security_cdsa_client/cspclient.h>

// Forward declarations. SDKey is not referenced anywhere in this header;
// it is presumably needed by SDContext.cpp or by includers.
class SDCSPSession;
class SDKey;

//
// Parent class for all CSPContexts implemented in this CSP. Currently the
// only thing we add is a reference to our creator's session, plus the
// shared "early final()" output buffer described at mOutBuf.
//
class SDContext : public CSPFullPluginSession::CSPContext
{
public:
    // Binds the context to the session that created it. Only a reference
    // is stored (mSession), so the session must outlive every context it
    // creates.
    SDContext(SDCSPSession &session);
    // Releases mOutBuf. The destructor is not declared virtual here; the
    // subclasses below declare their own destructors, so deleting one
    // through a base pointer depends on CSPFullPluginSession::CSPContext
    // declaring a virtual destructor. NOTE(review): confirm in CSPsession.h.
    ~SDContext() { clearOutBuf(); }
    // Starts a new operation on 'context'. 'encoding' is the direction
    // flag (encrypt/sign vs. decrypt/verify); the per-subclass meaning is
    // given by the parameter name in each overriding declaration below.
    virtual void init(const Context &context, bool encoding);

protected:
    // The securityd client session belonging to mSession. Every operation
    // that needs a key goes over this connection as an RPC.
    SecurityServer::ClientSession &clientSession();
    SDCSPSession &mSession;

    // mOutBuf provides a holding tank for implied final() operations
    // resulting from an outputSize(true, 0). This form of outputSize()
    // is understood to only occur just prior to the final() call. To avoid
    // an extra RPC (just to perform the outputSize()), most subclasses of
    // SDContext actually perform the final() operation at this time,
    // storing the result in mOutBuf. At final(), mOutBuf is just copied
    // to the caller's supplied output buffer.
    //
    // Security note: because the operation may complete early, mOutBuf
    // can hold the finished result (for a decrypting SDCryptContext that
    // would be plaintext) until clearOutBuf() runs. Whether clearOutBuf()
    // zeroes the bytes before releasing them is decided in SDContext.cpp,
    // not here. NOTE(review): verify if scrubbing is expected.
    CssmData mOutBuf;

    // We remember a pointer to the passed in context and assume it will
    // remain valid from init(), update() all the way through the call to
    // final(). This is a non-owning pointer: if the caller's Context is
    // destroyed or moved before final(), this dangles.
    const Context *mContext;

    // Releases mOutBuf and leaves it empty. The destructor calls it
    // unconditionally, so it must be safe on a context that never
    // produced output.
    void clearOutBuf();
    // Copies mOutBuf into the caller-supplied buffer 'out'. How a
    // too-small 'out' is handled is defined in SDContext.cpp.
    void copyOutBuf(CssmData &out);
};

// context for signature (sign and verify)
//
// Input arrives through update() and is collected locally - either hashed
// in-process (mDigest, a CssmClient::Digest) or, judging by the name,
// merely buffered (mNullDigest) - and the signature itself is produced or
// checked by securityd against mKeyHandle at final().
class SDSignatureContext : public SDContext
{
public:
    SDSignatureContext(SDCSPSession &session);
    // Releases whichever of mNullDigest / mDigest was allocated. The class
    // declares no copy constructor or assignment operator, so copying an
    // instance would leave two owners of the same pointer; contexts are
    // not meant to be copied.
    ~SDSignatureContext();
    // 'signing' is true for sign, false for verify. mKeyHandle, mSigAlg
    // and mDigestAlg are derived from 'context' here.
    virtual void init(const Context &context, bool signing);
    // Feeds data to be signed or verified.
    virtual void update(const CssmData &data);
    // Size of the signature final() will produce.
    virtual size_t outputSize(bool final, size_t inSize);

    /* sign */
    // Performs the signing RPC and writes the signature into 'sig'.
    void sign(CssmData &sig);
    virtual void final(CssmData &out);

    /* verify */
    // Verifies 'in' against the collected input. The return type is void,
    // so a verification failure can only surface as an exception
    // (presumably a CssmError): a normal return IS the "verified" result,
    // and callers must not treat it as anything weaker.
    virtual void final(const CssmData &in);

    /* for raw sign/verify - optionally called after init */
    // Selects the digest to apply locally before a raw signature.
    virtual void setDigestAlgorithm(CSSM_ALGORITHMS digestAlg);

private:
    /* stash the context's key for final sign/verify */
    // A securityd handle, not key material.
    SecurityServer::KeyHandle mKeyHandle;

    /* alg-dependent, calculated at init time */
    CSSM_ALGORITHMS mSigAlg;        // raw signature alg
    CSSM_ALGORITHMS mDigestAlg;     // digest

    /* exactly one of these is used to collect updates */
    // Raw owning pointers, freed in the destructor (see note there).
    NullDigest *mNullDigest;
    CssmClient::Digest *mDigest;
};

// Context for GenerateRandom operations
class SDRandomContext : public SDContext
{
public:
    SDRandomContext(SDCSPSession &session);
    // The direction flag is unnamed here: it presumably has no meaning
    // for random generation. mOutSize is read from 'context'.
    virtual void init(const Context &context, bool);
    virtual size_t outputSize(bool final, size_t inSize);
    // Produces mOutSize bytes of random data into 'out', via the
    // securityd session.
    virtual void final(CssmData &out);

private:
    uint32 mOutSize;    // requested byte count, spec'd in context at init() time
};

// Context for Encrypt and Decrypt operations
//
// Presents the framework's staged interface (inputSize / outputSize /
// minimumProgress / update) in front of what the 'accumulator' member
// suggests is a single securityd round trip: update() buffers input in
// mNullDigest and the bulk of the work happens at final(). If so, the
// entire message sits in this process's memory until final() - relevant
// for large payloads and for plaintext that callers expect not to linger.
// NOTE(review): confirm against SDContext.cpp.
class SDCryptContext : public SDContext
{
public:
    SDCryptContext(SDCSPSession &session);
    ~SDCryptContext();
    // 'encoding' true selects encryption, false decryption (per the
    // CSPContext convention used by the base init()).
    virtual void init(const Context &context, bool encoding);
    // Size negotiation with the CSP framework for staged operations.
    virtual size_t inputSize(size_t outSize);
    virtual size_t outputSize(bool final, size_t inSize);
    virtual void minimumProgress(size_t &in, size_t &out);
    // Consumes input from 'inp'; on return inSize / outSize report how
    // much was consumed / produced into 'outp'. How much output, if any,
    // appears before final() is decided in SDContext.cpp.
    virtual void update(void *inp, size_t &inSize, void *outp,
        size_t &outSize);
    virtual void final(CssmData &out);

private:
    SecurityServer::KeyHandle mKeyHandle;   // securityd handle, not key bytes
    NullDigest mNullDigest;                 // accumulator
};

// Digest, using raw CSP
//
// Hashing is done in-process through a CssmClient::Digest rather than by
// securityd; no key is involved.
class SDDigestContext : public SDContext
{
public:
    SDDigestContext(SDCSPSession &session);
    // Frees mDigest. No copy control is declared, so instances must not
    // be copied (two owners of mDigest).
    ~SDDigestContext();
    // The direction flag is unnamed: presumably irrelevant for a digest.
    virtual void init(const Context &context, bool);
    virtual void update(const CssmData &data);
    // Writes the finished digest into 'out'.
    virtual void final(CssmData &out);
    virtual size_t outputSize(bool final, size_t inSize);

private:
    CssmClient::Digest *mDigest;    // raw owning pointer, freed in the destructor
};

// common class for MAC generate, verify
//
// Input is buffered in mNullDigest; the MAC is computed (and, for verify,
// compared) where the key lives - securityd, via mKeyHandle - rather
// than in this process. A constant-time comparison is therefore
// securityd's responsibility, presumably; nothing here compares MACs.
class SDMACContext : public SDContext
{
public:
    SDMACContext(SDCSPSession &session);
    // The direction flag is unnamed: generate vs. verify is selected by
    // which final() overload the framework calls.
    virtual void init(const Context &context, bool);
    virtual void update(const CssmData &data);
    virtual size_t outputSize(bool final, size_t inSize);

    /* sign */
    // Generates the MAC over the buffered input into 'mac'.
    void genMac(CssmData &mac);
    virtual void final(CssmData &out);
    /* verify */
    // Checks 'in' against the buffered input. Returns void, so a mismatch
    // can only be reported by exception; a normal return means verified.
    virtual void final(const CssmData &in);

private:
    SecurityServer::KeyHandle mKeyHandle;   // securityd handle, not key bytes
    NullDigest mNullDigest;                 // accumulator
};


#endif // _H_SD_CONTEXT