/*
 * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */


//
// SDCSPSession.h - CSP session for security server CSP/DL.
//
#ifndef _H_SDCSPSESSION
#define _H_SDCSPSESSION

#include "SDCSPDLSession.h"

#include <securityd_client/ssclient.h>
#include <security_cdsa_client/cspclient.h>


class SDCSPDLPlugin;
class SDFactory;
class SDKey;

//
// SDCSPSession - the CSP side of a security server CSP/DL plugin session.
//
// Derives from CSPFullPluginSession and declares the CSP SPI entry points
// (context setup, key wrap/unwrap/derive/generate, key and login ACL
// management, login/logout, pass-through).  Only the interface is fixed
// here; the implementations live in the matching .cpp.
//
// Trust boundary: the keys, attribute flags, credentials and pass-through
// data handed to these entry points come from the calling application, so
// each implementation is expected to validate them before acting on them
// or forwarding them to securityd (see validateKeyAttr).
// NOTE(review): the validation expectation is inferred from the private
// helper below; confirm against the .cpp.
//
class SDCSPSession : public CSPFullPluginSession
{
public:
	// Collaborators this session works with.  All three are public,
	// non-const references: the session does not own them (they are
	// passed into the constructor by reference and must outlive it),
	// and anything holding an SDCSPSession can reach them directly.
	SDCSPDLSession &mSDCSPDLSession;
	SDFactory &mSDFactory;
	// Client-side handle to the underlying ("raw") CSP.
	CssmClient::CSP &mRawCsp;

	// handle/version/subserviceId/subserviceType/attachFlags/upcalls are
	// the standard CSSM plugin attach parameters forwarded to the base
	// class; ssCSPDLSession and rawCsp seed the references above.
	SDCSPSession(CSSM_MODULE_HANDLE handle,
				 SDCSPDLPlugin &plug,
				 const CSSM_VERSION &version,
				 uint32 subserviceId,
				 CSSM_SERVICE_TYPE subserviceType,
				 CSSM_ATTACH_FLAGS attachFlags,
				 const CSSM_UPCALLS &upcalls,
				 SDCSPDLSession &ssCSPDLSession,
				 CssmClient::CSP &rawCsp);

	// Mutable access to the securityd client connection held by this
	// session.  Callers get the live session object, not a copy.
	SecurityServer::ClientSession &clientSession()
	{ return mClientSession; }

	// CSPFullPluginSession context hooks.  contextUpdate/contextDelete
	// are compiled out (#if 0) and are not part of this session's
	// interface.
	CSPContext *contextCreate(CSSM_CC_HANDLE handle, const Context &context);
#if 0
	void contextUpdate(CSSM_CC_HANDLE handle, const Context &context,
					   PluginContext *ctx);
	void contextDelete(CSSM_CC_HANDLE handle, const Context &context,
					   PluginContext *ctx);
#endif

	// Prepare (or replace) the CSPContext for a cryptographic context;
	// `encoding` selects the direction of the operation.
	void setupContext(CSPContext * &ctx, const Context &context,
					  bool encoding);

	// Resolve the DB handle either from an explicit DL/DB handle pair or
	// from the attributes of a context.
	CSSM_DB_HANDLE getDatabase(CSSM_DL_DB_HANDLE *aDLDbHandle);
	CSSM_DB_HANDLE getDatabase(const Context &context);

	// Build a reference CssmKey (outKey) that stands for the securityd
	// key `inKeyHandle`, tagged with the given DB handle, attributes and
	// optional label.
	void makeReferenceKey(SecurityServer::KeyHandle inKeyHandle,
						  CssmKey &outKey, CSSM_DB_HANDLE inDBHandle,
						  uint32 inKeyAttr, const CssmData *inKeyLabel);
	// Map a CssmKey back to the SDKey object behind it.
	// NOTE(review): behaviour for a key that is not one of ours is not
	// visible here (presumably throws); confirm in the .cpp.
	SDKey &lookupKey(const CssmKey &inKey);

	// CSSM CSP SPI key-management entry points.  Parameter names follow
	// the CSSM SPI prototypes (hence parameters such as `Context` that
	// share a name with their type).
	void WrapKey(CSSM_CC_HANDLE CCHandle,
				 const Context &Context,
				 const AccessCredentials &AccessCred,
				 const CssmKey &Key,
				 const CssmData *DescriptiveData,
				 CssmKey &WrappedKey,
				 CSSM_PRIVILEGE Privilege);
	void UnwrapKey(CSSM_CC_HANDLE CCHandle,
				   const Context &Context,
				   const CssmKey *PublicKey,
				   const CssmKey &WrappedKey,
				   uint32 KeyUsage,
				   uint32 KeyAttr,
				   const CssmData *KeyLabel,
				   const CSSM_RESOURCE_CONTROL_CONTEXT *CredAndAclEntry,
				   CssmKey &UnwrappedKey,
				   CssmData &DescriptiveData,
				   CSSM_PRIVILEGE Privilege);
	void DeriveKey(CSSM_CC_HANDLE CCHandle,
				   const Context &Context,
				   CssmData &Param,
				   uint32 KeyUsage,
				   uint32 KeyAttr,
				   const CssmData *KeyLabel,
				   const CSSM_RESOURCE_CONTROL_CONTEXT *CredAndAclEntry,
				   CssmKey &DerivedKey);
	// keyAttr / publicKeyAttr / privateKeyAttr are caller-requested
	// attribute flags; see validateKeyAttr for the check applied to
	// newly generated keys.
	void GenerateKey(CSSM_CC_HANDLE ccHandle,
					 const Context &context,
					 uint32 keyUsage,
					 uint32 keyAttr,
					 const CssmData *keyLabel,
					 const CSSM_RESOURCE_CONTROL_CONTEXT *credAndAclEntry,
					 CssmKey &key,
					 CSSM_PRIVILEGE privilege);
	void GenerateKeyPair(CSSM_CC_HANDLE ccHandle,
						 const Context &context,
						 uint32 publicKeyUsage,
						 uint32 publicKeyAttr,
						 const CssmData *publicKeyLabel,
						 CssmKey &publicKey,
						 uint32 privateKeyUsage,
						 uint32 privateKeyAttr,
						 const CssmData *privateKeyLabel,
						 const CSSM_RESOURCE_CONTROL_CONTEXT *credAndAclEntry,
						 CssmKey &privateKey,
						 CSSM_PRIVILEGE privilege);
	void ObtainPrivateKeyFromPublicKey(const CssmKey &PublicKey,
									   CssmKey &PrivateKey);
	void QueryKeySizeInBits(CSSM_CC_HANDLE CCHandle,
							const Context &Context,
							const CssmKey &Key,
							CSSM_KEY_SIZE &KeySize);
	// `Delete` requests removal of the key in addition to releasing the
	// caller's CssmKey.  NOTE(review): inferred from the SPI parameter
	// name; confirm what the .cpp does with it.
	void FreeKey(const AccessCredentials *AccessCred,
				 CssmKey &key, CSSM_BOOL Delete);
	void GenerateRandom(CSSM_CC_HANDLE ccHandle,
						const Context &context,
						CssmData &randomNumber);

	// Session / device entry points.  `Reserved` is an SPI placeholder
	// argument.
	void Login(const AccessCredentials &AccessCred,
			   const CssmData *LoginName,
			   const void *Reserved);
	void Logout();
	void VerifyDevice(const CssmData &DeviceCert);
	void GetOperationalStatistics(CSPOperationalStatistics &statistics);
	void RetrieveCounter(CssmData &Counter);
	void RetrieveUniqueId(CssmData &UniqueID);
	void GetTimeValue(CSSM_ALGORITHMS TimeAlgorithm, CssmData &TimeData);

	// Key and login ACL / owner management.  These take caller-supplied
	// credentials (AccessCred) and must be the point where the caller's
	// authorization to read or edit the ACL is checked.
	// NOTE(review): where that check happens (here vs. securityd) is not
	// visible in this header.
	void GetKeyOwner(const CssmKey &Key,
					 CSSM_ACL_OWNER_PROTOTYPE &Owner);
	void ChangeKeyOwner(const AccessCredentials &AccessCred,
						const CssmKey &Key,
						const CSSM_ACL_OWNER_PROTOTYPE &NewOwner);
	// On return AclInfos points at NumberOfAclInfos entries; ownership of
	// that buffer follows the CSSM SPI convention (not stated here).
	void GetKeyAcl(const CssmKey &Key,
				   const CSSM_STRING *SelectionTag,
				   uint32 &NumberOfAclInfos,
				   CSSM_ACL_ENTRY_INFO_PTR &AclInfos);
	void ChangeKeyAcl(const AccessCredentials &AccessCred,
					  const CSSM_ACL_EDIT &AclEdit,
					  const CssmKey &Key);
	void GetLoginOwner(CSSM_ACL_OWNER_PROTOTYPE &Owner);
	void ChangeLoginOwner(const AccessCredentials &AccessCred,
						  const CSSM_ACL_OWNER_PROTOTYPE &NewOwner);
	void GetLoginAcl(const CSSM_STRING *SelectionTag,
					 uint32 &NumberOfAclInfos,
					 CSSM_ACL_ENTRY_INFO_PTR &AclInfos);
	void ChangeLoginAcl(const AccessCredentials &AccessCred,
						const CSSM_ACL_EDIT &AclEdit);

	// Vendor-specific escape hatch.  InData/OutData are untyped: the
	// implementation must dispatch on PassThroughId and validate the
	// shape and size of InData itself before touching it, since nothing
	// in the type system does so.
	void PassThrough(CSSM_CC_HANDLE CCHandle,
					 const Context &Context,
					 uint32 PassThroughId,
					 const void *InData,
					 void **OutData);
private:
	/* Validate requested key attr flags for newly generated keys.
	   reqKeyAttr is the attribute mask supplied by the caller; rejecting
	   unsupported or contradictory flags here keeps them from reaching
	   securityd. */
	void validateKeyAttr(uint32 reqKeyAttr);

	// Connection to securityd on behalf of this session; exposed
	// (mutably) through clientSession().
	SecurityServer::ClientSession mClientSession;
};


#endif // _H_SDCSPSESSION