/* * Copyright (c) 2000-2001,2004,2008 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * * This file contains Original Code and/or Modifications of Original Code * as defined in and that are subject to the Apple Public Source License * Version 2.0 (the 'License'). You may not use this file except in * compliance with the License. Please obtain a copy of the License at * http://www.opensource.apple.com/apsl/ and read it before using this * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. * Please see the License for the specific language governing rights and * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ // // localkey - Key objects that store a local CSSM key object // #ifndef _H_LOCALKEY #define _H_LOCALKEY #include "key.h" #include <security_cdsa_client/keyclient.h> class LocalDatabase; // // A LocalKey object represents a CssmKey known to securityd. This subclass of Key is the // parent of all Key objects that rely on local storage of the raw key matter. Cryptographic // operations are performed by a local CSP within securityd's address space. // // LocalKeys are paired with LocalDatabases; LocalKey subclasses must be produced by, and must // belong to, subclasses of LocalDatabase. // // LocalKeys implement their ACLs with a local evaluation machine that does not rely on an outside // agent for evaluation. It is still possible for different subclasses of LocalDatabase to host // their ObjectAcl instances at different globality layers. // // Since the local CSP refuses to deal with storage-related key attributes, we split the keys's // CSSM_KEY_ATTRBITS into two parts: // (*) The KeyHeader.attributes() contain attributes as seen by the local CSP. // (*) The local mAttributes member contains attributes as seen by the client. // The two are related by a simple formula: take the external attributes, remove the global-storage // bits, add the EXTRACTABLE bit (so securityd itself can get at the key matter), and use that in // the CssmKey. The reverse transition is done on the way out. A local subclass of KeySpec is used // to make this more consistent. Just follow the pattern. // class LocalKey : public Key { public: LocalKey(Database &db, const CssmKey &newKey, uint32 moreAttributes); virtual ~LocalKey(); LocalDatabase &database() const; // yield the decoded internal key -- internal attributes CssmClient::Key key() { return keyValue(); } const CssmKey &cssmKey() { return keyValue(); } operator CssmClient::Key () { return keyValue(); } operator const CssmKey &() { return keyValue(); } operator const CSSM_KEY & () { return keyValue(); } // yield the approximate external key header -- external attributes void returnKey(U32HandleObject::Handle &h, CssmKey::Header &hdr); // generate the canonical key digest const CssmData &canonicalDigest(); CSSM_KEYATTR_FLAGS attributes(); public: // key attributes that should not be passed on to the CSP static const CSSM_KEYATTR_FLAGS managedAttributes = KeyBlob::managedAttributes; // these attributes are "forced on" in internal keys (but not always in external attributes) static const CSSM_KEYATTR_FLAGS forcedAttributes = KeyBlob::forcedAttributes; // these attributes are internally generated, and invalid on input static const CSSM_KEYATTR_FLAGS generatedAttributes = CSSM_KEYATTR_ALWAYS_SENSITIVE | CSSM_KEYATTR_NEVER_EXTRACTABLE; // a version of KeySpec that self-checks and masks for CSP operation class KeySpec : public CssmClient::KeySpec { public: KeySpec(CSSM_KEYUSE usage, CSSM_KEYATTR_FLAGS attrs); KeySpec(CSSM_KEYUSE usage, CSSM_KEYATTR_FLAGS attrs, const CssmData &label); }; private: void setup(const CssmKey &newKey, CSSM_KEYATTR_FLAGS attrs); CssmClient::Key keyValue(); protected: LocalKey(Database &db, CSSM_KEYATTR_FLAGS attributes); void setOwner(const AclEntryPrototype *owner); virtual void getKey(); // decode into mKey or throw virtual void getHeader(CssmKey::Header &hdr); // get header (only) without mKey protected: bool mValidKey; // CssmKey form is valid CssmClient::Key mKey; // clear form CssmKey (attributes modified) CSSM_KEYATTR_FLAGS mAttributes; // full attributes (external form) CssmAutoData mDigest; // computed key digest (cached) }; #endif //_H_LOCALKEY