/*
 * Copyright (c) 2002-2010 Apple Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */

//
// KeyItem.h
//
// Declaration of KeyItem, the keychain item that wraps a cryptographic key
// (CssmClient::Key) and is bridged to CF as a SecKeyRef. This header holds
// declarations only; every member is defined out of line elsewhere, so the
// behavioural notes below that say "presumably" must be confirmed against
// those definitions.
//
// NOTE(review): the guard name _SECURITY_KEYITEM_H_ (leading underscore
// followed by an uppercase letter) is in the identifier space reserved for
// the implementation; harmless in practice, noted for awareness only.
#ifndef _SECURITY_KEYITEM_H_
#define _SECURITY_KEYITEM_H_

#include <security_keychain/Item.h>
#include <Security/SecKeyPriv.h>

namespace Security
{

namespace KeychainCore
{

// A keychain item holding a cryptographic key. Derives from ItemImpl and
// carries the wrapped CSSM key (mKey) plus the algorithm identifier and
// public-key hash used by the accessors below.
class KeyItem : public ItemImpl
{
	// Copying is suppressed via NOCOPY; see the note on KeyItem(KeyItem &)
	// below about the non-const overload that is still declared.
	NOCOPY(KeyItem)
public:
	// CF bridging between KeyItem and SecKeyRef. errSecInvalidItemRef is the
	// status handed to the macro for references that do not resolve to a
	// KeyItem; gTypes().KeyItem supplies the CF type registration.
	SECCFFUNCTIONS(KeyItem, SecKeyRef, errSecInvalidItemRef, gTypes().KeyItem)

	// db item constructor
private:
	// Constructs from a record that already exists in the keychain database.
	// Private on purpose: callers go through the make() factories below,
	// which take exactly the same arguments.
	KeyItem(const Keychain &keychain, const PrimaryKey &primaryKey, const CssmClient::DbUniqueRecord &uniqueId);

	// PrimaryKey item constructor
	// Same as above but without a unique record; also private, use make().
	KeyItem(const Keychain &keychain, const PrimaryKey &primaryKey);

public:
	// Factory entry points mirroring the two private constructors. The
	// returned pointer's ownership is not expressed by the type here —
	// presumably it is meant to be wrapped in a SecPointer<KeyItem>, as the
	// static functions further down do; confirm against the definition.
	static KeyItem* make(const Keychain &keychain, const PrimaryKey &primaryKey, const CssmClient::DbUniqueRecord &uniqueId);
	static KeyItem* make(const Keychain &keychain, const PrimaryKey &primaryKey);

	// Copy-like constructor taking a NON-const reference. NOCOPY above
	// presumably declares only the const-reference form private, which is
	// why this overload still compiles as a distinct constructor — confirm
	// against NOCOPY's definition before relying on either.
	KeyItem(KeyItem &keyItem);

	// Wraps an existing CSSM key. Not declared 'explicit', so a
	// CssmClient::Key converts implicitly to a KeyItem; keep that in mind
	// when overload resolution involving KeyItem looks surprising.
	KeyItem(const CssmClient::Key &key);

	virtual ~KeyItem();

	// Item lifecycle hooks, virtual and presumably overriding ItemImpl.
	virtual void update();
	// Copies this key into another keychain. newAccess defaults to NULL;
	// what access the copy receives in that case is decided by the
	// definition, not visible here.
	virtual Item copyTo(const Keychain &keychain, Access *newAccess = NULL);
	// Like copyTo(), with an optional attribute list for the imported item.
	virtual Item importTo(const Keychain &keychain, Access *newAccess = NULL, SecKeychainAttributeList *attrList = NULL);
	virtual void didModify();

	// Accessors for the underlying CSSM objects. key() hands out a
	// non-const reference, so callers can mutate the wrapped key.
	CssmClient::SSDbUniqueRecord ssDbUniqueRecord();
	CssmClient::Key &key();
	CssmClient::CSP csp();

	// Algorithm identifier of this key, returned by const reference.
	const CSSM_X509_ALGORITHM_IDENTIFIER& algorithmIdentifier();
	// Key strength in bits for the given algorithm identifier. Note the
	// parameter name shadows the private member 'algid' declared below;
	// a distinct name would make the relationship (if any) explicit.
	unsigned int strengthInBits(const CSSM_X509_ALGORITHM_IDENTIFIER *algid);

	// Credentials to present for 'operation' (a CSSM ACL authorization tag)
	// of the requested credential type. Ownership and lifetime of the
	// returned pointer are not visible in this header — check the definition
	// before storing it.
	const AccessCredentials *getCredentials(
		CSSM_ACL_AUTHORIZATION_TAG operation,
		SecCredentialType credentialType);

	// Equality; non-const on both sides, so it cannot be applied to
	// const KeyItem operands.
	bool operator == (KeyItem &other);

	// Generates a public/private key pair in 'keychain' and returns both
	// halves through outPublicKey / outPrivateKey. Usage and attribute flags
	// are given separately per half; initialAccess is the Access to attach
	// to the new items.
	static void createPair(
		Keychain keychain,
		CSSM_ALGORITHMS algorithm,
		uint32 keySizeInBits,
		CSSM_CC_HANDLE contextHandle,
		CSSM_KEYUSE publicKeyUsage,
		uint32 publicKeyAttr,
		CSSM_KEYUSE privateKeyUsage,
		uint32 privateKeyAttr,
		SecPointer<Access> initialAccess,
		SecPointer<KeyItem> &outPublicKey,
		SecPointer<KeyItem> &outPrivateKey);

	// Imports an existing raw key pair (CSSM_KEY) into 'keychain'; outputs
	// as for createPair().
	static void importPair(
		Keychain keychain,
		const CSSM_KEY &publicCssmKey,
		const CSSM_KEY &privateCssmKey,
		SecPointer<Access> initialAccess,
		SecPointer<KeyItem> &outPublicKey,
		SecPointer<KeyItem> &outPrivateKey);

	// Generates a single key (typically symmetric, inferred from the single
	// usage/attr pair — confirm in the definition) and returns it owned by
	// a SecPointer.
	static SecPointer<KeyItem> generate(
		Keychain keychain,
		CSSM_ALGORITHMS algorithm,
		uint32 keySizeInBits,
		CSSM_CC_HANDLE contextHandle,
		CSSM_KEYUSE keyUsage,
		uint32 keyAttr,
		SecPointer<Access> initialAccess);

	// Same as generate(), with an explicit attribute list for the new item.
	static SecPointer<KeyItem> generateWithAttributes(
		const SecKeychainAttributeList *attrList,
		Keychain keychain,
		CSSM_ALGORITHMS algorithm,
		uint32 keySizeInBits,
		CSSM_CC_HANDLE contextHandle,
		CSSM_KEYUSE keyUsage,
		uint32 keyAttr,
		SecPointer<Access> initialAccess);

	virtual const CssmData &itemID();

	// Raw (padding-selectable) cryptographic operations on this key. All
	// four return void: the result comes back through the trailing reference
	// parameter, and since there is no status value, failure — including a
	// signature that does not verify in RawVerify — is presumably reported
	// by exception; confirm in the definition before treating a normal
	// return as success. Whether 'credentials' may be NULL is likewise not
	// visible here. CSSM_DATA inputs are passed by value, so the callee sees
	// a copy of the descriptor, not of the bytes it points to.
	void RawSign(SecPadding padding, CSSM_DATA dataToSign, const AccessCredentials *credentials, CSSM_DATA& signedData);
	void RawVerify(SecPadding padding, CSSM_DATA dataToVerify, const AccessCredentials *credentials, CSSM_DATA signature);
	void Encrypt(SecPadding padding, CSSM_DATA dataToEncrypt, const AccessCredentials *credentials, CSSM_DATA& encryptedData);
	// NOTE(review): the parameter names here (dataToEncrypt, encryptedData)
	// look copied from Encrypt(); by the function's name the input is the
	// ciphertext and the output the recovered plaintext — confirm in the
	// definition and consider renaming in the declaration for clarity.
	void Decrypt(SecPadding padding, CSSM_DATA dataToEncrypt, const AccessCredentials *credentials, CSSM_DATA& encryptedData);

	// CF hash code for this item (presumably used by the SecKeyRef bridge).
	virtual CFHashCode hash();

protected:
	// Adds this item to 'keychain' and returns its primary key; virtual,
	// presumably overriding ItemImpl::add.
	virtual PrimaryKey add(Keychain &keychain);
private:
	// The wrapped CSSM key.
	CssmClient::Key mKey;
	// Algorithm identifier pointer. Ownership is not expressed by the type;
	// also note the name lacks the 'm' prefix the other members use.
	const CSSM_X509_ALGORITHM_IDENTIFIER *algid;
	// Hash of the public key (per its name; contents set by the definition).
	CssmAutoData mPubKeyHash;
};

} // end namespace KeychainCore

} // end namespace Security

#endif // !_SECURITY_KEYITEM_H_