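// Builds one key record backed by two PKCS#15 private-key objects: one that is
// used for signing and one that is used for decryption/unwrapping.
//
// openSCToken  token the record belongs to; stored in mToken
// objectOne    first PKCS#15 object; also handed to the OpenSCRecord base
// objectTwo    second PKCS#15 object
// metaRecord   supplies the attribute indices of the usage attributes
//
// Raises CSSM_ERRCODE_INTERNAL_ERROR through PCSC::Error::throwMe when either
// object or its data pointer is null, or when the pair does not consist of one
// signing-capable and one decryption-capable key.
OpenSCKeyRecord::OpenSCKeyRecord(OpenSCToken *openSCToken,
	const sc_pkcs15_object_t *objectOne,
	const sc_pkcs15_object_t *objectTwo,
	const Tokend::MetaRecord &metaRecord) :
	OpenSCRecord(openSCToken, objectOne)
{
	const int decryptFlags = SC_PKCS15_PRKEY_USAGE_DECRYPT
		| SC_PKCS15_PRKEY_USAGE_UNWRAP;
	const int signFlags = SC_PKCS15_PRKEY_USAGE_SIGN
		| SC_PKCS15_PRKEY_USAGE_SIGNRECOVER
		| SC_PKCS15_PRKEY_USAGE_NONREPUDIATION;

	// The objects describe card contents, so fail with the error this
	// constructor already uses for a bad pair instead of dereferencing a
	// missing object or payload.
	// NOTE(review): objectOne has already been passed to the base constructor
	// at this point; whether the base dereferences it is not visible here.
	if (!objectOne || !objectTwo || !objectOne->data || !objectTwo->data)
		PCSC::Error::throwMe(CSSM_ERRCODE_INTERNAL_ERROR);

	// NOTE(review): the casts assume both objects are private-key objects; the
	// object type is not checked in this constructor - confirm the caller
	// guarantees it.
	const sc_pkcs15_prkey_info_t *kOne =
		static_cast<const sc_pkcs15_prkey_info_t *>(objectOne->data);
	const sc_pkcs15_prkey_info_t *kTwo =
		static_cast<const sc_pkcs15_prkey_info_t *>(objectTwo->data);

	// The record combines a signing key and a decryption key, so all three
	// usages are advertised for it.
	attributeAtIndex(metaRecord.metaAttribute(kSecKeyDecrypt).attributeIndex(),
		new Tokend::Attribute(true));
	attributeAtIndex(metaRecord.metaAttribute(kSecKeyUnwrap).attributeIndex(),
		new Tokend::Attribute(true));
	attributeAtIndex(metaRecord.metaAttribute(kSecKeySign).attributeIndex(),
		new Tokend::Attribute(true));

	mToken = openSCToken;

	// Work out which object signs and which decrypts from the PKCS#15 usage
	// bits; a pair that does not cover both roles is rejected.
	if ((kOne->usage & signFlags) && (kTwo->usage & decryptFlags))
	{
		mPrKeySign = objectOne;
		mPrKeyDecrypt = objectTwo;
	}
	else if ((kOne->usage & decryptFlags) && (kTwo->usage & signFlags))
	{
		mPrKeySign = objectTwo;
		mPrKeyDecrypt = objectOne;
	}
	else
		PCSC::Error::throwMe(CSSM_ERRCODE_INTERNAL_ERROR);

	mPrKeyObj = objectOne; // Could be objectTwo also, since both keys share the same attributes
}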
// // PIVKeyRecord // PIVKeyRecord::PIVKeyRecord(const unsigned char *application, size_t applicationSize, const char *description, const Tokend::MetaRecord &metaRecord, unsigned char keyRef, size_t keySize) : PIVRecord(application, applicationSize, description), keyRef(keyRef), keySize(keySize) { /* Allow all keys to decrypt, unwrap, sign */ attributeAtIndex(metaRecord.metaAttribute(kSecKeyDecrypt).attributeIndex(), new Tokend::Attribute(true)); attributeAtIndex(metaRecord.metaAttribute(kSecKeyUnwrap).attributeIndex(), new Tokend::Attribute(true)); attributeAtIndex(metaRecord.metaAttribute(kSecKeySign).attributeIndex(), new Tokend::Attribute(true)); }
// Builds a key record backed by a single PKCS#15 object, which then serves as
// the signing key, the decryption key and the attribute source alike.
//
// openSCToken  token the record belongs to; stored in mToken
// object       PKCS#15 object; also handed to the OpenSCRecord base
// metaRecord   supplies the attribute indices of the usage attributes
OpenSCKeyRecord::OpenSCKeyRecord(OpenSCToken *openSCToken,
	const sc_pkcs15_object_t *object,
	const Tokend::MetaRecord &metaRecord) :
	OpenSCRecord(openSCToken, object)
{
	// find out key attributes!
	// NOTE(review): the object's PKCS#15 usage bits are not consulted here;
	// decrypt, unwrap and sign are all advertised as allowed regardless of
	// what the key is marked for. Deriving them from the usage field would
	// keep the advertised capabilities in line with the card - confirm
	// whether the unconditional setting is intentional.
	const unsigned int usageAttributes[] = {
		kSecKeyDecrypt, kSecKeyUnwrap, kSecKeySign
	};
	const unsigned int usageCount =
		sizeof(usageAttributes) / sizeof(usageAttributes[0]);

	for (unsigned int i = 0; i < usageCount; ++i)
	{
		attributeAtIndex(
			metaRecord.metaAttribute(usageAttributes[i]).attributeIndex(),
			new Tokend::Attribute(true));
	}

	mToken = openSCToken;

	// One object plays every role.
	mPrKeyDecrypt = object;
	mPrKeySign = object;
	mPrKeyObj = object;
}
// // BELPICKeyRecord // BELPICKeyRecord::BELPICKeyRecord(const uint8_t * keyId, const char *description, uint32_t keySize, const Tokend::MetaRecord & metaRecord, bool signOnly, bool PPDU):BELPICRecord(description), mKeyId(keyId), mKeySize(keySize), mSignOnly(signOnly), mPPDU(PPDU) { attributeAtIndex(metaRecord.metaAttribute(kSecKeyDecrypt). attributeIndex(), new Tokend::Attribute(!signOnly)); attributeAtIndex(metaRecord.metaAttribute(kSecKeyUnwrap). attributeIndex(), new Tokend::Attribute(!signOnly)); attributeAtIndex(metaRecord.metaAttribute(kSecKeySign). attributeIndex(), new Tokend::Attribute(signOnly)); attributeAtIndex(metaRecord.metaAttribute(kSecKeyKeySizeInBits). attributeIndex(), new Tokend::Attribute(keySize)); attributeAtIndex(metaRecord.metaAttribute(kSecKeyEffectiveKeySize). attributeIndex(), new Tokend::Attribute(keySize)); }
// Creates the record for one EstEID key. The description goes to the
// EstEIDRecord base and signOnly is kept in mSignOnly.
EstEIDKeyRecord::EstEIDKeyRecord(const char *description,
	const Tokend::MetaRecord &metaRecord,
	bool signOnly) :
	EstEIDRecord(description),
	mSignOnly(signOnly)
{
	FLOG;

	// NOTE(review): signOnly is stored but does not influence the advertised
	// usages; decrypt, unwrap and sign are set to true for every key. If a
	// sign-only key must not be offered for decryption, that has to be
	// enforced where mSignOnly is read - confirm.
	const unsigned int usageAttributes[] = {
		kSecKeyDecrypt, kSecKeyUnwrap, kSecKeySign
	};
	const unsigned int usageCount =
		sizeof(usageAttributes) / sizeof(usageAttributes[0]);

	for (unsigned int i = 0; i < usageCount; ++i)
	{
		attributeAtIndex(
			metaRecord.metaAttribute(usageAttributes[i]).attributeIndex(),
			new Tokend::Attribute(true));
	}
}