#ifndef _SECURITY_KEYITEM_H_
#define _SECURITY_KEYITEM_H_
#include <Security/Item.h>
#include <Security/SecKeyPriv.h>
namespace Security
{
namespace KeychainCore
{
// KeyItem: a keychain item, derived from ItemImpl, that carries a
// CssmClient::Key (mKey) and exposes it to callers together with its CSP,
// its algorithm identifier and the credentials used for ACL-governed
// operations. Only declarations are visible in this header; every statement
// below about behaviour is an assumption to confirm against the
// implementation file.
class KeyItem : public ItemImpl
{
// NOCOPY is defined outside this header; presumably it disables the const
// copy constructor and copy assignment.
// NOTE(review): a KeyItem(KeyItem &) constructor is still declared below, so
// objects can be duplicated through a non-const reference. Confirm that this
// is intended for an object that holds a key handle.
NOCOPY(KeyItem)
public:
// SECCFFUNCTIONS is defined outside this header; presumably it generates the
// conversions between KeyItem and the CoreFoundation handle SecKeyRef, with
// errSecInvalidItemRef reported for a reference of the wrong type. TODO
// confirm.
SECCFFUNCTIONS(KeyItem, SecKeyRef, errSecInvalidItemRef)
// Construct from a record in a keychain, identified by its primary key and
// (first overload) its database unique-record handle.
KeyItem(const Keychain &keychain, const PrimaryKey &primaryKey, const CssmClient::DbUniqueRecord &uniqueId);
KeyItem(const Keychain &keychain, const PrimaryKey &primaryKey);
// Construct from another KeyItem; takes a non-const reference (see the note
// on NOCOPY above).
KeyItem(KeyItem &keyItem);
// Construct from an existing CssmClient::Key.
// NOTE(review): this single-argument constructor is not `explicit`, so a
// CssmClient::Key converts to KeyItem implicitly. Confirm that no caller
// relies on the conversion before tightening it.
KeyItem(const CssmClient::Key &key);
// Declared non-throwing via the dynamic exception specification throw().
virtual ~KeyItem() throw();
// Virtual hooks, presumably overriding ItemImpl (base class not visible here).
virtual void update();
// Returns an Item for the given keychain. newAccess defaults to NULL; what a
// null Access means for the ACL of the copy is not visible here. TODO confirm
// that a copy cannot end up with a weaker ACL than the original.
virtual Item copyTo(const Keychain &keychain, Access *newAccess = NULL);
virtual void didModify();
// Accessors for the underlying database record, key and CSP.
CssmClient::SSDbUniqueRecord ssDbUniqueRecord();
// Returns a non-const reference to a CssmClient::Key (presumably mKey), so
// callers can operate on the key object directly.
CssmClient::Key &key();
CssmClient::CSP csp();
// Returns a reference to an algorithm identifier, presumably backed by the
// private `algid` pointer. NOTE(review): if so, `algid` must be non-null
// whenever this returns; the lifetime of the referenced structure is not
// visible here.
const CSSM_X509_ALGORITHM_IDENTIFIER& algorithmIdentifier();
// Key strength in bits for the given algorithm identifier. Handling of a
// null `algid` argument is not visible here; verify in the implementation.
unsigned int strengthInBits(const CSSM_X509_ALGORITHM_IDENTIFIER *algid);
// Returns credentials for `operation` using the requested credential type.
// Ownership and lifetime of the returned pointer are not shown here, so
// callers should not free or cache it without checking the implementation.
const AccessCredentials *getCredentials(
CSSM_ACL_AUTHORIZATION_TAG operation,
SecCredentialType credentialType);
// Generates a public/private key pair; the results are delivered through
// outPublicKey and outPrivateKey.
// NOTE(review): no validation of `algorithm`, `keySizeInBits` or the
// usage/attribute flags is visible at this level. Confirm where the
// minimum-strength and attribute policy is enforced, and whether a null
// `initialAccess` is accepted (which would leave ACL selection to a default).
static void createPair(
Keychain keychain,
CSSM_ALGORITHMS algorithm,
uint32 keySizeInBits,
CSSM_CC_HANDLE contextHandle,
CSSM_KEYUSE publicKeyUsage,
uint32 publicKeyAttr,
CSSM_KEYUSE privateKeyUsage,
uint32 privateKeyAttr,
SecPointer<Access> initialAccess,
SecPointer<KeyItem> &outPublicKey,
SecPointer<KeyItem> &outPrivateKey);
// Imports an existing key pair supplied as raw CSSM_KEY structures.
// NOTE(review): the private key is passed by const reference and this
// declaration cannot show whether key data is copied. The caller presumably
// remains responsible for clearing its own copy of the private key material.
static void importPair(
Keychain keychain,
const CSSM_KEY &publicCssmKey,
const CSSM_KEY &privateCssmKey,
SecPointer<Access> initialAccess,
SecPointer<KeyItem> &outPublicKey,
SecPointer<KeyItem> &outPrivateKey);
// Generates a single key (presumably a symmetric key; TODO confirm).
// NOTE(review): returns a raw KeyItem*, unlike createPair/importPair, which
// hand back SecPointer<KeyItem>. Ownership of the returned object is not
// visible here, and a caller that drops it may leak a live key handle.
static KeyItem *generate(
Keychain keychain,
CSSM_ALGORITHMS algorithm,
uint32 keySizeInBits,
CSSM_CC_HANDLE contextHandle,
CSSM_KEYUSE keyUsage,
uint32 keyAttr,
SecPointer<Access> initialAccess);
protected:
// Adds this item to `keychain` and returns its primary key; presumably
// overrides ItemImpl::add.
virtual PrimaryKey add(Keychain &keychain);
private:
// The wrapped CSSM key.
CssmClient::Key mKey;
// Raw pointer with no in-class initializer, so every constructor must set it
// (for example to NULL) before algorithmIdentifier() can be called safely.
// Whether the destructor releases the pointee is not visible here.
const CSSM_X509_ALGORITHM_IDENTIFIER *algid;
};
}
}
#endif // !_SECURITY_KEYITEM_H_