#include <PKIFNSSAesKeyWrap.h>
This class provides an interface to symmetric key functionality provided by NSS.
TSP-enforcing: No
Definition at line 30 of file PKIFNSSAesKeyWrap.h.
Public Types
  enum { thisComponent = TOOLKIT_CRYPTO_NSSRAW }
Public Member Functions
  CPKIFNSSAesKeyWrap (void)
  virtual ~CPKIFNSSAesKeyWrap (void)
  void Initialize ()
  bool SupportsAlgorithm (const CPKIFKeyMaterial &key)
  void Decrypt (const CPKIFKeyMaterial &key, unsigned char *pData, int nDataLen, unsigned char *pResult, int *pnResultLen, bool pad=true)
  void Encrypt (const CPKIFKeyMaterial &key, unsigned char *pData, int nDataLen, unsigned char *pResult, int *pnResultLen, bool pad=true)
  IPKIFRawCryptContext * CryptInit (const CPKIFKeyMaterial &key, bool pad=true)
  void Decrypt (IPKIFRawCryptContext *cryptContext, unsigned char *pData, int nDataLen, unsigned char *pResult, int *pnResultLen, bool final)
  void Encrypt (IPKIFRawCryptContext *cryptContext, unsigned char *pData, int nDataLen, unsigned char *pResult, int *pnResultLen, bool final)
  void Sign (const CPKIFKeyMaterial &key, unsigned char *pHashData, int nHashDataLen, unsigned char *pSignature, int *nSignatureLen, PKIFCRYPTO::HASH_ALG hashAlg)
  bool Verify (const CPKIFKeyMaterial &key, unsigned char *pHashData, int nHashDataLen, unsigned char *pSignature, int nSignatureLen, PKIFCRYPTO::HASH_ALG hashAlg)
  bool VerifyCertificate (const CPKIFCertificate &issCert, const CPKIFCertificate &subCert)
  IPKIFRawCryptContext * HMACInit (const CPKIFKeyMaterial &key, PKIFCRYPTO::HASH_ALG ha)
  void HMACUpdate (IPKIFRawCryptContext *ctx, unsigned char *pData, int nDataLen)
  void HMACFinal (IPKIFRawCryptContext *ctx, unsigned char *pResult, int *pnResultLen)
Protected Member Functions
  template<bool _CryptDirection> void CryptFunc (IPKIFRawCryptContext *cryptContext, unsigned char *pData, int nDataLen, unsigned char *pResult, int *pnResultLen, bool final)
anonymous enum |
CPKIFNSSAesKeyWrap::CPKIFNSSAesKeyWrap(void)
Interface: External
This function creates CPKIFNSSAesKeyWrap objects. As with all colleague objects, a call to Initialize is necessary before using instances of this class, i.e. construction and initialization require two steps.
Definition at line 41 of file PKIFNSSAesKeyWrap.cpp.
References LOG_STRING_DEBUG, and TOOLKIT_CRYPTO_NSSRAW.
CPKIFNSSAesKeyWrap::~CPKIFNSSAesKeyWrap(void) [virtual]
Interface: External
This function destroys CPKIFNSSAesKeyWrap objects.
Definition at line 52 of file PKIFNSSAesKeyWrap.cpp.
References LOG_STRING_DEBUG, and TOOLKIT_CRYPTO_NSSRAW.
void CPKIFNSSAesKeyWrap::Initialize(void) [virtual]
Interface: External
This function initializes an instance of CPKIFCAPIRaw for use
Reimplemented from IPKIFColleague.
Definition at line 63 of file PKIFNSSAesKeyWrap.cpp.
References LOG_STRING_DEBUG, and TOOLKIT_CRYPTO_NSSRAW.
bool CPKIFNSSAesKeyWrap::SupportsAlgorithm(const CPKIFKeyMaterial &key) [virtual]
Interface: External
This function is used to query an instance for support of the algorithm identified by the key parameter.
Return values:
true | if the algorithm specified by the key parameter is supported |
false | if the algorithm specified by the key parameter is not supported |
Parameters:
key | [in] Reference to a CPKIFKeyMaterial object containing at least an algorithm identifier |
Implements IPKIFCryptoAlgSupport.
Definition at line 75 of file PKIFNSSAesKeyWrap.cpp.
References PKIFCRYPTO::AES128Wrap, PKIFCRYPTO::AES192Wrap, PKIFCRYPTO::AES256Wrap, CPKIFKeyMaterial::ContainsSymmetricKeyMaterial(), CPKIFKeyMaterial::GetSymmetricKeyAlgorithm(), LOG_STRING_DEBUG, and TOOLKIT_CRYPTO_NSSRAW.
void CPKIFNSSAesKeyWrap::Decrypt(const CPKIFKeyMaterial &key, unsigned char *pData, int nDataLen, unsigned char *pResult, int *pnResultLen, bool pad = true) [virtual]
Interface: External
This function performs decryption using symmetric key material. This function takes a key material object.
key | [in] Reference to a CPKIFKeyMaterial object containing key material to use when performing crypto operations |
pData | [in] Pointer to a buffer containing input data |
nDataLen | [in] Integer indicating the size of the buffer passed via the pData parameter |
pResult | [out] Pointer to a buffer to receive the resulting data |
pnResultLen | [in/out] Pointer to an integer used to pass the size of the pResult parameter to Decrypt and to return the size of the resulting data |
pad | [in] boolean value that indicates whether padding should be handled by the crypto engine. PKCS#1 padding will apply to RSA keys, PKCS#5 padding to symmetric keys. All other padding schemes must be handled by the caller. |
Implements IPKIFCryptoRawOperations.
Definition at line 96 of file PKIFNSSAesKeyWrap.cpp.
References CPKIFKeyMaterial::ContainsSymmetricKeyMaterial(), and CryptInit().
void CPKIFNSSAesKeyWrap::Encrypt(const CPKIFKeyMaterial &key, unsigned char *pData, int nDataLen, unsigned char *pResult, int *pnResultLen, bool pad = true) [virtual]
Interface: External
This function performs encryption using symmetric key material. This function takes a key material object.
key | [in] Reference to a CPKIFKeyMaterial object containing key material to use when performing crypto operations |
pData | [in] Pointer to a buffer containing input data |
nDataLen | [in] Integer indicating the size of the buffer passed via the pData parameter |
pResult | [out] Pointer to a buffer to receive the resulting data |
pnResultLen | [in/out] Pointer to an integer used to pass the size of the pResult parameter to Decrypt and to return the size of the resulting data |
pad | [in] boolean value that indicates whether padding should be handled by the crypto engine. PKCS#1 padding will apply to RSA keys, PKCS#5 padding to symmetric keys. All other padding schemes must be handled by the caller. |
Implements IPKIFCryptoRawOperations.
Definition at line 132 of file PKIFNSSAesKeyWrap.cpp.
References CPKIFKeyMaterial::ContainsSymmetricKeyMaterial(), and CryptInit().
IPKIFRawCryptContext * CPKIFNSSAesKeyWrap::CryptInit(const CPKIFKeyMaterial &key, bool pad = true) [virtual]
Interface: External
This function is used to prepare a crypt context object with presented key material. The crypt context object may then be passed to operations that perform cryptographic operations using the key material. This function is typically used to prepare for operations on large amounts of data. This function may generate an exception containing one of the following error codes:
CPKIFCryptoException(COMMON_INVALID_INPUT)
key | [in] Reference to a smart pointer to a CPKIFKeyMaterial object containing the key material to use for an Encryption or Decryption operation |
pad | [in] A boolean value indicating if padding should be applied |
Implements IPKIFCryptoRawOperations.
Definition at line 173 of file PKIFNSSAesKeyWrap.cpp.
References PKIFCRYPTO::AES, PKIFCRYPTO::AES128, PKIFCRYPTO::AES128Wrap, PKIFCRYPTO::AES192, PKIFCRYPTO::AES192Wrap, PKIFCRYPTO::AES256, PKIFCRYPTO::AES256Wrap, COMMON_INVALID_INPUT, CPKIFKeyMaterial::ContainsSymmetricKeyMaterial(), CPKIFKeyMaterial::GetIV(), CPKIFKeyMaterial::GetSymmetricKey(), CPKIFKeyMaterial::GetSymmetricKeyAlgorithm(), CPKIFKeyMaterial::GetSymmetricKeyLength(), LOG_STRING_DEBUG, CPKIFNSSAesKeyWrapCryptContext::m_params, CPKIFNSSAesKeyWrapCryptContext::m_slot, CPKIFNSSAesKeyWrapCryptContext::m_wrappingkey, and TOOLKIT_CRYPTO_NSSRAW.
void CPKIFNSSAesKeyWrap::Decrypt(IPKIFRawCryptContext *cryptContext, unsigned char *pData, int nDataLen, unsigned char *pResult, int *pnResultLen, bool final) [virtual]
Interface: External
This function performs decryption using symmetric key material. This function takes a crypt context and can be used when operating on large blocks of data.
cryptContext | [in] Pointer to an IPKIFRawCryptContext object created via a call to CryptInit and containing the key material to use when decrypting |
pData | [in] Pointer to a buffer containing ciphertext to decrypt |
nDataLen | [in] Integer indicating the size of the buffer passed via the pData parameter |
pResult | [out] Pointer to a buffer to receive the decrypted data |
pnResultLen | [in/out] Pointer to an integer used to pass the size of the pResult parameter to Decrypt and to return the size of the decrypted data |
final | [in] Boolean that indicates if more data will be passed via a subsequent call to Decrypt (false if more data will be passed and true if this is the final call to Decrypt for this ciphertext) |
Implements IPKIFCryptoRawOperations.
Definition at line 241 of file PKIFNSSAesKeyWrap.cpp.
References COMMON_INVALID_INPUT, CPKIFNSSAesKeyWrapCryptContext::m_params, CPKIFNSSAesKeyWrapCryptContext::m_wrappingkey, PKIFNSS_CIPHER_OP_FAILED, RAISE_CRYPTO_EXCEPTION, and TOOLKIT_CRYPTO_NSSRAW.
void CPKIFNSSAesKeyWrap::Encrypt(IPKIFRawCryptContext *cryptContext, unsigned char *pData, int nDataLen, unsigned char *pResult, int *pnResultLen, bool final) [virtual]
Interface: External
This function performs encryption using symmetric key material. This function takes a crypt context and can be used when operating on large blocks of data.
cryptContext | [in] Pointer to an IPKIFRawCryptContext object created via a call to CryptInit and containing the key material to use when encrypting |
pData | [in] Pointer to a buffer containing plaintext to encrypt |
nDataLen | [in] Integer indicating the size of the buffer passed via the pData parameter |
pResult | [out] Pointer to a buffer to receive the encrypted data |
pnResultLen | [in/out] Pointer to an integer used to pass the size of the pResult parameter to Encrypt and to return the size of the encrypted data |
final | [in] Boolean that indicates if more data will be passed via a subsequent call to Encrypt (false if more data will be passed and true if this is the final call to Encrypt for this plaintext) |
Implements IPKIFCryptoRawOperations.
Definition at line 324 of file PKIFNSSAesKeyWrap.cpp.
References COMMON_INVALID_INPUT, CPKIFNSSAesKeyWrapCryptContext::m_params, CPKIFNSSAesKeyWrapCryptContext::m_slot, CPKIFNSSAesKeyWrapCryptContext::m_wrappingkey, PKIFNSS_CIPHER_OP_FAILED, RAISE_CRYPTO_EXCEPTION, and TOOLKIT_CRYPTO_NSSRAW.
void CPKIFNSSAesKeyWrap::Sign(const CPKIFKeyMaterial &key, unsigned char *pHashData, int nHashDataLen, unsigned char *pSignature, int *nSignatureLen, PKIFCRYPTO::HASH_ALG hashAlg) [virtual]
Interface: External
This function throws an exception. Digital signature generation using raw key material is not currently supported.
CPKIFCryptoException(COMMON_NOT_IMPLEMENTED)
key | [in] Reference to a CPKIFKeyMaterial object containing key material to use for signature generation |
pHashData | [in] Pointer to a buffer containing the message digest to sign |
nHashDataLen | [in] Integer indicating the length of the buffer passed via the pHashData parameter |
pSignature | [out] Pointer to a buffer to receive the generated digital signature |
nSignatureLen | [in/out] Pointer to an integer used to pass the size of the pSignature buffer to Sign and to return the size of the generated signature from |
hashAlg | [in] Hash algorithm used in the signature |
Implements IPKIFCryptoRawOperations.
Definition at line 390 of file PKIFNSSAesKeyWrap.cpp.
References COMMON_NOT_IMPLEMENTED, LOG_STRING_DEBUG, RAISE_CRYPTO_EXCEPTION, and TOOLKIT_CRYPTO_NSSRAW.
bool CPKIFNSSAesKeyWrap::Verify(const CPKIFKeyMaterial &key, unsigned char *pHashData, int nHashDataLen, unsigned char *pSignature, int nSignatureLen, PKIFCRYPTO::HASH_ALG hashAlg) [virtual]
Interface: External
This function verifies a digital signature over the given data using the public key from the specified key (which most likely includes an X.509 certificate). All Verify functions assume the data passed is a hash of the data to be verified, i.e. this function performs no hashing.
key | [in] Reference to a CPKIFKeyMaterial object containing key material to use when verifying the signature |
pHashData | [in] Pointer to a buffer containing the message digest that was signed to produce the signature conveyed via the pSignature parameter |
nHashDataLen | [in] Integer indicating the length of the value passed via the pHashData parameter |
pSignature | [in] Pointer to a buffer containing the signature to verify |
nSignatureLen | [in] Integer indicating the size of the value passed via the pSignature parameter |
hashAlg | [in] Hash algorithm used with signature |
Implements IPKIFCryptoRawOperations.
Definition at line 502 of file PKIFNSSAesKeyWrap.cpp.
References COMMON_NOT_IMPLEMENTED, LOG_STRING_DEBUG, RAISE_CRYPTO_EXCEPTION, and TOOLKIT_CRYPTO_NSSRAW.
bool CPKIFNSSAesKeyWrap::VerifyCertificate(const CPKIFCertificate &issCert, const CPKIFCertificate &subCert) [virtual]
Interface: External
This convenience function can be used to verify signatures on a certificate given a subject certificate and the certificate of its issuer.
issCert | [in] Reference to a smart pointer to a CPKIFCertificate object containing the certificate to use when verifying the certificate passed via the subCert parameter |
subCert | [in] Reference to a smart pointer to a CPKIFCertificate object containing the certificate to verify using the certificate passed via the issCert parameter |
Implements IPKIFCryptoRawOperations.
Definition at line 479 of file PKIFNSSAesKeyWrap.cpp.
References COMMON_NOT_IMPLEMENTED, LOG_STRING_DEBUG, RAISE_CRYPTO_EXCEPTION, and TOOLKIT_CRYPTO_NSSRAW.
IPKIFRawCryptContext * CPKIFNSSAesKeyWrap::HMACInit(const CPKIFKeyMaterial &key, PKIFCRYPTO::HASH_ALG ha) [virtual]
Interface: External
This function is used to initialize an HMAC context with a symmetric key and hash algorithm. It returns a context which may then be passed to HMACUpdate and HMACFinal to produce a message authentication code using the key material.
This function may generate an exception containing one of the following error codes:
CPKIFCryptoException(PKIF_NSS_UNSUPPORTED_ALG)
CPKIFCryptoException(PKIF_NSS_RAW_IMPORT_FAILED)
CPKIFCryptoException(COMMON_INVALID_INPUT)
Implements IPKIFCryptoRawOperations.
Definition at line 428 of file PKIFNSSAesKeyWrap.cpp.
References COMMON_NOT_IMPLEMENTED, LOG_STRING_DEBUG, RAISE_CRYPTO_EXCEPTION, and TOOLKIT_CRYPTO_NSSRAW.
void CPKIFNSSAesKeyWrap::HMACUpdate(IPKIFRawCryptContext *ctx, unsigned char *pData, int nDataLen) [virtual]
Interface: External
This function is used to contribute data to an HMAC context. Once an HMAC context is established, it operates identically to a hash context.
CPKIFCryptoException(PKIFNSS_INCORRECT_HASH_CONTEXT)
CPKIFCryptoException(PKIFNSS_EMPTY_HASH_CONTEXT)
CPKIFCryptoException(PKIFNSS_DIGEST_OP_FAILED)
Implements IPKIFCryptoRawOperations.
Definition at line 447 of file PKIFNSSAesKeyWrap.cpp.
References COMMON_NOT_IMPLEMENTED, LOG_STRING_DEBUG, RAISE_CRYPTO_EXCEPTION, and TOOLKIT_CRYPTO_NSSRAW.
void CPKIFNSSAesKeyWrap::HMACFinal(IPKIFRawCryptContext *ctx, unsigned char *pResult, int *pnResultLen) [virtual]
Interface: External
This function is used to retrieve the result from an HMAC context. HMAC contexts are not valid after a call to HMACFinal and should be deleted.
CPKIFCryptoException(PKIFNSS_INCORRECT_HASH_CONTEXT)
CPKIFCryptoException(PKIFNSS_EMPTY_HASH_CONTEXT)
CPKIFCryptoException(PKIFNSS_DIGEST_OP_FAILED)
Implements IPKIFCryptoRawOperations.
Definition at line 465 of file PKIFNSSAesKeyWrap.cpp.
References COMMON_NOT_IMPLEMENTED, LOG_STRING_DEBUG, RAISE_CRYPTO_EXCEPTION, and TOOLKIT_CRYPTO_NSSRAW.
void CPKIFNSSAesKeyWrap::CryptFunc(IPKIFRawCryptContext *cryptContext, unsigned char *pData, int nDataLen, unsigned char *pResult, int *pnResultLen, bool final) [inline, protected]