#ifndef _H_SSBLOB
#define _H_SSBLOB
#include <Security/SecurityServerClient.h>
#include <Security/cssm.h>
#include <Security/utilities.h>
#include <Security/cssmalloc.h>
#include <Security/cssmacl.h>
#include <Security/memutils.h>
namespace Security
{
using LowLevelMemoryUtilities::increment;
namespace SecurityServer
{
// Base for all serialized blobs: the object *is* the first bytes of the
// serialized buffer, and at() hands out pointers into that buffer.
class Blob {
protected:
    // Typed view at `offset` bytes from the start of this blob, computed
    // with LowLevelMemoryUtilities::increment (presumably `this` advanced
    // by `offset` and cast to T* -- confirm in memutils.h). There is no
    // bounds check: the caller must keep the result inside the buffer
    // that actually backs this object.
    template <class T>
    T *at(off_t offset) { return LowLevelMemoryUtilities::increment<T>(this, offset); }
    // Untyped variant of the above; same caveat.
    void *at(off_t offset) { return LowLevelMemoryUtilities::increment(this, offset); }
};
// Header shared by every blob type: a fixed magic value followed by a
// format version. Both fields are read from the serialized blob, so they
// are untrusted input until validate() has accepted them.
class CommonBlob : public Blob {
public:
    uint32 magic;
    uint32 version;
    static const uint32 magicNumber = 0xfade0711;
    static const uint32 version_MacOS_10_0 = 0x00000100;
    static const uint32 version_MacOS_10_1 = 0x00000101;
    // Note: the version written for new blobs is 10.0, not the newer
    // version_MacOS_10_1 constant declared just above.
    static const uint32 currentVersion = version_MacOS_10_0;
public:
    // Fill in magic/version for a freshly built blob (defined out of line).
    void initialize(uint32 version = currentVersion);
    // Check the header of a deserialized blob, reporting `failureCode` on
    // mismatch. Defined out of line, so exactly which fields are checked is
    // not visible here -- callers of the derived classes' length/offset
    // accessors should not assume more than a magic/version check.
    void validate(CSSM_RETURN failureCode) const;
    // First byte of the blob (offset 0, i.e. this header itself).
    void *data() { return at(0); }
};
// On-disk/in-memory layout of a database blob. Member order and sizes are
// the wire format: do not reorder or retype them. NOTE(review): no packing
// directive is visible, so the layout also depends on the compiler's
// default alignment of these members.
class DbBlob : public CommonBlob {
public:
    // 16 raw bytes with byte-wise ordering and equality (memcmp). memcmp's
    // running time depends on the first differing byte, so these operators
    // are for identification/ordering, not for comparing secret material.
    struct Signature {
        uint8 bytes[16];
        bool operator < (const Signature &sig) const
        { return memcmp(bytes, sig.bytes, sizeof(bytes)) < 0; }
        bool operator == (const Signature &sig) const
        { return memcmp(bytes, sig.bytes, sizeof(bytes)) == 0; }
    };
    // Layout of the decrypted private section: two raw key buffers
    // (24 and 20 bytes) followed immediately by the private ACL blob.
    struct PrivateBlob : public Blob {
        uint8 encryptionKey[24];
        uint8 signingKey[20];
        // Private ACL data starts right after the fixed-size fields.
        void *privateAclBlob() { return at(sizeof(PrivateBlob)); }
    };
public:
    // Byte offset of the crypto section and total blob length. Both are
    // read from the blob, so they are attacker-influenced for any blob
    // loaded from outside the process.
    uint32 startCryptoBlob;
    uint32 totalLength;
    Signature randomSignature;
    uint32 sequence;
    DBParameters params;            // project type; layout defined elsewhere
    uint8 salt[20];
    uint8 iv[8];
    uint8 blobSignature[20];
    // Public ACL data follows the fixed-size header and runs up to
    // startCryptoBlob.
    void *publicAclBlob() { return at(sizeof(DbBlob)); }
    // Unsigned subtraction: if startCryptoBlob < sizeof(DbBlob) this wraps
    // to a huge value rather than failing. Nothing in this header rejects
    // such a blob -- validate() (defined elsewhere) is the place for that
    // check; confirm it performs one before trusting this length.
    size_t publicAclBlobLength() const
    { return startCryptoBlob - sizeof(DbBlob); }
    // Crypto section at startCryptoBlob; no check that it lies within the
    // backing buffer.
    void *cryptoBlob() { return at(startCryptoBlob); }
    // Same wrap-around caveat as publicAclBlobLength() when
    // totalLength < startCryptoBlob.
    size_t cryptoBlobLength() const { return totalLength - startCryptoBlob; }
    uint32 length() const { return totalLength; }
    // Allocate length() bytes from `alloc` (presumably what
    // CssmAllocator::malloc<T>(n) does) and copy the whole blob into it.
    // length() is totalLength, a field read from the blob, and memcpy
    // reads that many bytes from `this`: only call this on a blob whose
    // backing buffer is known to span at least totalLength bytes, or the
    // copy over-reads. Caller owns the returned memory.
    DbBlob *copy(CssmAllocator &alloc = CssmAllocator::standard()) const
    {
        DbBlob *blob = alloc.malloc<DbBlob>(length());
        memcpy(blob, this, length());
        return blob;
    }
};
// On-disk/in-memory layout of a key blob. As with DbBlob, member order and
// sizes are the wire format and must not be changed; no packing directive
// is visible, so alignment follows the compiler's default.
class KeyBlob : public CommonBlob {
public:
    // Offset of the crypto section and total length, both read from the
    // blob and therefore untrusted for externally supplied blobs.
    uint32 startCryptoBlob;
    uint32 totalLength;
    uint8 iv[8];
    CssmKey::Header header;         // CSSM key header stored inline (project type)
    // Presumably describes how the key material in the crypto section was
    // wrapped -- confirm against the code that fills it in.
    struct WrappedFields {
        CSSM_KEYBLOB_TYPE blobType;
        CSSM_KEYBLOB_FORMAT blobFormat;
        CSSM_ALGORITHMS wrapAlgorithm;
        CSSM_ENCRYPT_MODE wrapMode;
    } wrappedHeader;
    uint8 blobSignature[20];
    // Public ACL data follows the fixed-size header, up to startCryptoBlob.
    void *publicAclBlob() { return at(sizeof(KeyBlob)); }
    // Unsigned subtraction: wraps to a huge value when
    // startCryptoBlob < sizeof(KeyBlob). No check is made here; confirm
    // validate() (defined elsewhere) rejects such blobs before this length
    // is used for any read.
    size_t publicAclBlobLength() const
    { return startCryptoBlob - sizeof(KeyBlob); }
    // Crypto section pointer; not bounds-checked against the backing buffer.
    void *cryptoBlob() { return at(startCryptoBlob); }
    // Same wrap-around caveat when totalLength < startCryptoBlob.
    size_t cryptoBlobLength() const { return totalLength - startCryptoBlob; }
    uint32 length() const { return totalLength; }
    // Mask of CSSM key attributes that are fixed for keys stored in this
    // blob (sensitive, never extractable, permanent). How the mask is
    // applied is not visible in this header.
    static const uint32 managedAttributes =
        CSSM_KEYATTR_ALWAYS_SENSITIVE |
        CSSM_KEYATTR_NEVER_EXTRACTABLE |
        CSSM_KEYATTR_PERMANENT;
public:
    // Allocate length() bytes from `alloc` and copy the whole blob. Unlike
    // DbBlob::copy there is no default allocator. length() is totalLength
    // as read from the blob, so memcpy reads that many bytes from `this`:
    // only call on a blob whose backing buffer is known to be at least
    // totalLength bytes long. Caller owns the returned memory.
    KeyBlob *copy(CssmAllocator &alloc) const
    {
        KeyBlob *blob = alloc.malloc<KeyBlob>(length());
        memcpy(blob, this, length());
        return blob;
    }
};
}
}
#endif //_H_SSBLOB