#ifndef _APPLE_CSP_SESSION_H_
#define _APPLE_CSP_SESSION_H_
#include <Security/cssmplugin.h>
#include <Security/pluginsession.h>
#include <Security/CSPsession.h>
#include <Security/threading.h>
#include "BinaryKey.h"
#include "AppleCSPUtils.h"
// Forward declarations only: the types below are used in this header by
// pointer or reference, so their full definitions are not needed here.
class CSPKeyInfoProvider;
class AppleCSPPlugin;
// The BSAFE, CryptKit and ASC factories are declared only when the matching
// *_CSP_ENABLE macro is defined at build time.
#ifdef BSAFE_CSP_ENABLE
class BSafeFactory;
#endif
#ifdef CRYPTKIT_CSP_ENABLE
class CryptKitFactory;
#endif
class MiscAlgFactory;
#ifdef ASC_CSP_ENABLE
class AscAlgFactory;
#endif
class RSA_DSA_Factory;
class DH_Factory;
/*
 * Session class of the Apple CSP plugin, derived from CSPFullPluginSession.
 * Declares the key free/wrap/unwrap/derive entry points, the reference-key
 * table and the accessors for randomness and allocators.
 *
 * Several data members are references: each referenced object must outlive
 * the session, and the class is not copy-assignable as a result.
 */
class AppleCSPSession : public CSPFullPluginSession {
public:
    // Built from the owning plugin plus the CSSM attach parameters.
    AppleCSPSession(
        CSSM_MODULE_HANDLE handle,
        AppleCSPPlugin &plug,
        const CSSM_VERSION &Version,
        uint32 SubserviceID,
        CSSM_SERVICE_TYPE SubServiceType,
        CSSM_ATTACH_FLAGS AttachFlags,
        const CSSM_UPCALLS &upcalls);

    ~AppleCSPSession();

    // Context construction hooks.
    CSPContext *contextCreate(CSSM_CC_HANDLE handle, const Context &context);

    // cspCtx is a reference to a pointer, so the callee can replace the
    // caller's pointer. What `encoding` selects is not visible in this header.
    void setupContext(CSPContext * &cspCtx, const Context &context, bool encoding);

    /*
     * CSP operations. Presumably these override virtuals declared in
     * CSPFullPluginSession; none is marked as such here -- confirm against
     * the base class.
     */
    void FreeKey(
        const AccessCredentials *AccessCred,
        CssmKey &KeyPtr,
        CSSM_BOOL Delete);

    // NOTE(review): WrappedKey originates outside this session; the
    // implementation should treat its header and blob as untrusted and
    // validate them before use. Not checkable from the declaration alone.
    void UnwrapKey(
        CSSM_CC_HANDLE CCHandle,
        const Context &Context,
        const CssmKey *PublicKey,
        const CssmKey &WrappedKey,
        uint32 KeyUsage,
        uint32 KeyAttr,
        const CssmData *KeyLabel,
        const CSSM_RESOURCE_CONTROL_CONTEXT *CredAndAclEntry,
        CssmKey &UnwrappedKey,
        CssmData &DescriptiveData,
        CSSM_PRIVILEGE Privilege);

    void WrapKey(
        CSSM_CC_HANDLE CCHandle,
        const Context &Context,
        const AccessCredentials &AccessCred,
        const CssmKey &Key,
        const CssmData *DescriptiveData,
        CssmKey &WrappedKey,
        CSSM_PRIVILEGE Privilege);

    void DeriveKey(
        CSSM_CC_HANDLE CCHandle,
        const Context &Context,
        CssmData &Param,
        uint32 KeyUsage,
        uint32 KeyAttr,
        const CssmData *KeyLabel,
        const CSSM_RESOURCE_CONTROL_CONTEXT *CredAndAclEntry,
        CssmKey &DerivedKey);

    // InData and OutData are untyped; presumably their layout is determined
    // by PassThroughId. NOTE(review): confirm the implementation rejects
    // unknown ids before it interprets InData.
    void PassThrough(
        CSSM_CC_HANDLE CCHandle,
        const Context &Context,
        uint32 PassThroughId,
        const void *InData,
        void **OutData);

    void getKeySize(const CssmKey &key, CSSM_KEY_SIZE &size);

    // Reference-key bookkeeping. addRefKey takes cssmKey non-const, so it
    // presumably fills it in for the registered binKey -- TODO confirm.
    void addRefKey(BinaryKey &binKey, CssmKey &cssmKey);

    // Returns a reference, so "not found" cannot be reported through the
    // return value; presumably it throws -- confirm. The returned reference
    // is only as long-lived as the underlying key; how that interacts with
    // FreeKey is not visible here.
    BinaryKey &lookupRefKey(const CssmKey &cssmKey);

    // Random source access. NOTE(review): the generator behind these is not
    // visible in this header; confirm it is suitable for key material and
    // that addEntropy can only mix bytes in, never reset generator state.
    void getRandomBytes(size_t length, uint8 *cp);
    void addEntropy(size_t length, const uint8 *cp);

    // Accessors for the two allocator references held by the session.
    // NOTE(review): the names suggest app-visible vs. CSP-private memory;
    // confirm which one carries key material and whether it is cleared on free.
    CssmAllocator &normAlloc()
    {
        return normAllocator;
    }
    CssmAllocator &privAlloc()
    {
        return privAllocator;
    }

    /*
     * Algorithm factories, public and held by reference. The BSAFE, CryptKit
     * and ASC members exist only when the matching *_CSP_ENABLE macro is
     * defined, so the object layout depends on build flags: every translation
     * unit that includes this header must be built with the same set.
     */
#ifdef BSAFE_CSP_ENABLE
    BSafeFactory &bSafe4Factory;
#endif
#ifdef CRYPTKIT_CSP_ENABLE
    CryptKitFactory &cryptKitFactory;
#endif
    MiscAlgFactory &miscAlgFactory;
#ifdef ASC_CSP_ENABLE
    AscAlgFactory &ascAlgFactory;
#endif
    RSA_DSA_Factory &rsaDsaAlgFactory;
    DH_Factory &dhAlgFactory;

private:
    // KeyRef -> BinaryKey table. The map stores raw const pointers, so
    // ownership of the BinaryKey objects is not expressed in the type.
    typedef std::map<KeyRef, const BinaryKey *> keyMap;
    keyMap refKeyMap;
    // Presumably guards refKeyMap -- TODO confirm every access holds it.
    Mutex refKeyMapLock;

    CssmAllocator &normAllocator;
    CssmAllocator &privAllocator;

    // Returns a non-const pointer although the map holds const pointers, so
    // the implementation presumably casts constness away -- confirm.
    BinaryKey *lookupKeyRef(KeyRef keyRef);

    // PBKDF2 derivation helper. NOTE(review): where the salt and iteration
    // count come from is not visible here (presumably Context/Param);
    // confirm that the implementation enforces sane minimums.
    void DeriveKey_PBKDF2(
        const Context &Context,
        const CssmData &Param,
        CSSM_DATA *keyData);

    // CMS-named variants of wrap and unwrap. allocdRawBlob presumably tells
    // the callee whether rawBlob was allocated on its behalf -- confirm who
    // frees it, since the blob may hold raw key bytes.
    void WrapKeyCms(
        CSSM_CC_HANDLE CCHandle,
        const Context &Context,
        const AccessCredentials &AccessCred,
        const CssmKey &UnwrappedKey,
        CssmData &rawBlob,
        bool allocdRawBlob,
        const CssmData *DescriptiveData,
        CssmKey &WrappedKey,
        CSSM_PRIVILEGE Privilege);

    void UnwrapKeyCms(
        CSSM_CC_HANDLE CCHandle,
        const Context &Context,
        const CssmKey &WrappedKey,
        const CSSM_RESOURCE_CONTROL_CONTEXT *CredAndAclEntry,
        CssmKey &UnwrappedKey,
        CssmData &DescriptiveData,
        CSSM_PRIVILEGE Privilege,
        cspKeyStorage keyStorage);

    // Like setupContext, receives the context pointer by reference; the
    // meaning of the bool result is not visible in this header.
    bool setup(
        CSPFullPluginSession::CSPContext * &cspCtx,
        const Context &context);

    // Returns a raw pointer; ownership presumably passes to the caller --
    // confirm who deletes the provider.
    CSPKeyInfoProvider *infoProvider(const CssmKey &key);
};
/*
 * Abstract interface with two pure virtuals: convert a CssmKey to a
 * BinaryKey, and report the key's size. The constructor is protected, so
 * only derived classes can create instances.
 *
 * mKey is a stored reference to the constructor argument: a provider must
 * not outlive the CssmKey it was built from.
 */
class CSPKeyInfoProvider
{
protected:
    CSPKeyInfoProvider(const CssmKey &cssmKey)
        : mKey(cssmKey)
    {
    }

public:
    // Virtual so a derived provider can be destroyed through a base pointer.
    virtual ~CSPKeyInfoProvider()
    {
    }

    // binKey is a pointer-to-pointer out parameter; who owns the resulting
    // BinaryKey is not visible here -- TODO confirm.
    virtual void CssmKeyToBinary(BinaryKey **binKey) = 0;

    virtual void QueryKeySizeInBits(CSSM_KEY_SIZE &keySize) = 0;

protected:
    const CssmKey &mKey;
};
/*
 * CSPKeyInfoProvider subclass for symmetric keys (per the name). The
 * constructor is private; instances are obtained through the static
 * provider() function.
 */
class SymmetricKeyInfoProvider : public CSPKeyInfoProvider
{
private:
    SymmetricKeyInfoProvider(const CssmKey &cssmKey);

public:
    // Returns a raw base-class pointer. Ownership presumably passes to the
    // caller, and whether it can be null is not visible here -- confirm both.
    static CSPKeyInfoProvider *provider(const CssmKey &cssmKey);

    ~SymmetricKeyInfoProvider()
    {
    }

    // Same names and signatures as the base class's pure virtuals, so these
    // override them even though they are not marked as such.
    void CssmKeyToBinary(BinaryKey **binKey);
    void QueryKeySizeInBits(CSSM_KEY_SIZE &keySize);
};
#endif //_APPLE_CSP_SESSION_H_