  1  /*
  2   * Copyright (c) 2000-2002,2011,2014 Apple Inc. All Rights Reserved.
  3   * 
  4   * The contents of this file constitute Original Code as defined in and are
  5   * subject to the Apple Public Source License Version 1.2 (the 'License').
  6   * You may not use this file except in compliance with the License. Please obtain
  7   * a copy of the License at http://www.apple.com/publicsource and read it before
  8   * using this file.
  9   * 
 10   * This Original Code and all software distributed under the License are
 11   * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 12   * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 13   * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 14   * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 15   * specific language governing rights and limitations under the License.
 16   */
 17  
 18  
 19  /*
 20   * DH_keys.h - Diffie-Hellman key pair support
 21   */
 22   
 23  #ifndef	_DH_KEYS_H_
 24  #define _DH_KEYS_H_
 25  
 26  #include <AppleCSPContext.h>
 27  #include <AppleCSPSession.h>
 28  #include "AppleCSPKeys.h"
 29  #include <DH_csp.h>
 30  #include <openssl/dh_legacy.h>
 31  #include <security_cdsa_utilities/context.h>
 32  #include <security_utilities/debugging.h>
 33  #include <security_asn1/SecNssCoder.h>
 34  #include <Security/osKeyTemplates.h>
 35  
 36  #define DH_PUB_KEY_FORMAT		CSSM_KEYBLOB_RAW_FORMAT_PKCS3	/* raw blob format for DH public keys */
 37  #define DH_PRIV_KEY_FORMAT		CSSM_KEYBLOB_RAW_FORMAT_PKCS3	/* raw blob format for DH private keys (same PKCS3 value) */
 38  
     /*
      * Bounds on DH key size (presumably the prime modulus length in bits; the
      * checks that use these bounds are not in this header).
      * NOTE(review): a 512-bit lower bound permits groups that are practical to
      * break (cf. the 2015 Logjam work on 512-bit "export" DH), and the upper
      * bound of 2048 equals the minimum that current guidance (e.g. NIST
      * SP 800-131A) accepts for finite-field DH. The FIXME below is still open:
      * raising the minimum changes which existing keys and parameters are
      * accepted, so it has to be coordinated with the callers.
      */
 39  #define	DH_MIN_KEY_SIZE			512			/* FIXME */
 40  #define DH_MAX_KEY_SIZE			2048
 41  
     /*
      * Debug logging for the DH code: forwards its arguments to secinfo() with
      * "dhDebug" as the first argument. Do not pass private values or shared
      * secrets to it.
      */
 42  #define cspDhDebug(args...)		secinfo("dhDebug", ## args)
 43  
 44  /*
 45   * Diffie-Hellman version of a BinaryKey: holds a pointer to a DH key
      * structure (the DH type is presumably the one from <openssl/dh_legacy.h>).
      *
      * NOTE(review): mDhKey is a public raw pointer and this class declares no
      * copy constructor or assignment operator. Whether ~DHBinaryKey() frees
      * mDhKey is not visible in this header; if it does, an implicit copy of a
      * DHBinaryKey would leave two owners of one DH (double free) unless
      * BinaryKey already prevents copying. Confirm against the implementation.
 46   */
 47  class DHBinaryKey : public BinaryKey {
 48  public:
     	/* dhKey is optional (defaults to NULL); presumably stored in mDhKey - confirm. */
 49  	DHBinaryKey(DH *dhKey = NULL);
 50  	~DHBinaryKey();
     	/*
     	 * Produce the key blob for this key.
     	 *   allocator - presumably used to allocate the blob's storage (confirm)
     	 *   blob      - receives the encoded key
     	 *   format    - blob format; a non-const reference, so the implementation
     	 *               may update it (confirm)
     	 *   session   - the owning AppleCSPSession
     	 *   paramKey  - optional, unused for DH
     	 *   attrFlags - key attribute flags, IN/OUT
     	 * NOTE(review): when mDhKey holds a private key, the blob is expected to
     	 * carry the private value; callers should treat the blob as key material.
     	 */
 51  	void generateKeyBlob(
 52  		Allocator 		&allocator,
 53  		CssmData			&blob,
 54  		CSSM_KEYBLOB_FORMAT	&format,
 55  		AppleCSPSession		&session,
 56  		const CssmKey		*paramKey,		/* optional, unused here */
 57  		CSSM_KEYATTR_FLAGS 	&attrFlags);	/* IN/OUT */
 58  		
 59  	/*
 60  	 * This may contain a fully-capable private key, or a public
 61  	 * key with as little as the pub_key field set. 
     	 * Code that reads it must therefore not assume the other DH fields
     	 * are populated.
 62  	 */
 63  	DH						*mDhKey;
 64  };
 65  
 66  class DHKeyPairGenContext : 
 67  	public AppleCSPContext, private AppleKeyPairGenContext  {
     	/*
     	 * Context for Diffie-Hellman key pair generation and for generation of
     	 * DH parameters. It is an AppleCSPContext and privately inherits from
     	 * AppleKeyPairGenContext. The three generate() overloads below are
     	 * distinguished only by their argument lists.
     	 */
 68  public:
     	/* The Context argument is unnamed and unused; mGenAttrs starts out NULL. */
 69  	DHKeyPairGenContext(
 70  		AppleCSPSession &session,
 71  		const Context &) :
 72  			AppleCSPContext(session),
 73  			mGenAttrs(NULL) {}
 74  
     	/* Calls freeGenAttrs(), which presumably releases mGenAttrs. */
 75  	~DHKeyPairGenContext() { freeGenAttrs(); }
 76  	
 77  	// no init functionality, but we need to implement it
 78  	void init(
 79  		const Context &, 
 80  		bool) { }
 81  		
 82  	// this one is specified in, and called from, CSPFullPluginSession
     	// (key pair generation into CssmKey form)
 83  	void generate(
 84  		const Context 	&context, 
 85  		CssmKey 		&pubKey, 
 86  		CssmKey 		&privKey);
 87  		
 88  	// this one is specified in, and called from, AppleKeyPairGenContext
     	// (key pair generation into BinaryKey form; keySize is a non-const
     	// reference, presumably set to the generated size - confirm)
 89  	void generate(
 90  		const Context 	&context,
 91  		BinaryKey		&pubBinKey,	
 92  		BinaryKey		&privBinKey,
 93  		uint32			&keySize);
 94  	
 95  	// specified in, and called from, CSPFullPluginSession - generate parameters
     	// NOTE(review): bitSize is caller-supplied; the check against
     	// DH_MIN_KEY_SIZE / DH_MAX_KEY_SIZE is not visible in this header -
     	// confirm it exists in the implementation.
 96  	void generate(
 97  		const Context 	&context, 
 98  		uint32 			bitSize,
 99  		CssmData 		&params,
100  		uint32 			&attrCount, 
101  		Context::Attr * &attrs);
102  
103  	/*
104  	 * Necessary to handle and deflect "context changed" notification which occurs
105  	 * after the strange return from "generate parameters", when the plugin adds
106  	 * the "returned" values to the Context.
     	 * Always returns true and ignores its argument.
107  	 */
108  	bool changed(const Context &context) { return true; }
109  
     	/*
     	 * Generate DH parameters of keySizeInBits into algParams.
     	 *   g               - generator, passed as a plain unsigned
     	 *   privValueLength - optional private value length (how "absent" is
     	 *                     encoded is not visible here - confirm)
     	 *   coder           - holds the temporary contents of algParams, so
     	 *                     algParams is presumably only valid while coder
     	 *                     is alive - confirm
     	 */
110  	void dhGenParams(
111  		uint32			keySizeInBits,
112  		unsigned		g,					// probably should be BIGNUM
113  		int				privValueLength, 	// optional
114  		NSS_DHParameter	&algParams,
115  		SecNssCoder		&coder);			// for temp contents of algParams
116  	
117  private:
118  	/* gross hack to store attributes "returned" from GenParams */
119  	Context::Attr		*mGenAttrs;
     	/* called from the destructor; presumably frees mGenAttrs - confirm */
120  	void				freeGenAttrs();
121  };	/* DHKeyPairGenContext */
122  
123  /*
124   * CSPKeyInfoProvider for Diffie-Hellman keys
      *
      * The constructor is private; instances are obtained through the static
      * provider() function.
125   */
126  class DHKeyInfoProvider : public CSPKeyInfoProvider 
127  {
128  private:
129  	DHKeyInfoProvider(
130  		const CssmKey		&cssmKey,
131  		AppleCSPSession		&session);
132  public:
     	/*
     	 * Factory for a provider bound to cssmKey and session. Returns a
     	 * CSPKeyInfoProvider pointer; presumably NULL when the key is not one
     	 * this provider handles - confirm in the implementation.
     	 */
133  	static CSPKeyInfoProvider *provider(
134  		const CssmKey 		&cssmKey,
135  		AppleCSPSession		&session);
136  
137  	~DHKeyInfoProvider() { }
     	/*
     	 * Convert the CssmKey into a BinaryKey returned through binKey.
     	 * NOTE(review): the CssmKey comes from the caller; decoding and any
     	 * validation of the DH values it carries happen in the implementation,
     	 * which is not visible in this header.
     	 */
138  	void CssmKeyToBinary(
139  		CssmKey				*paramKey,	// optional, ignored here
140  		CSSM_KEYATTR_FLAGS	&attrFlags,	// IN/OUT
141  		BinaryKey			**binKey);	// RETURNED
     	/* Report the key's size in bits through keySize. */
142  	void QueryKeySizeInBits(
143  		CSSM_KEY_SIZE		&keySize);	// RETURNED
     	/*
     	 * Fill hashBlob with the key's hashable form; the meaning of the bool
     	 * result (presumably "blob was produced") should be confirmed against
     	 * the implementation.
     	 */
144  	bool getHashableBlob(
145  		Allocator 		&allocator,
146  		CssmData			&hashBlob);
147  };
148  
149  #endif	/* _DH_KEYS_H_ */