/*
 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


/*
 * FEECSPUtils.h - Misc. utility function for FEE/CryptKit CSP. 
 *
 * Created 2/20/2001 by dmitch.
 */
 
#ifdef	CRYPTKIT_CSP_ENABLE

#include <Security/utilities.h>
#include <Security/debugging.h>
#include <Security/logging.h>
#include "FEECSPUtils.h"
#include "FEEKeys.h"
#include <CryptKit/feeFunctions.h>
#include <CryptKit/feePublicKey.h>

#define feeMiscDebug(args...)	secdebug("feeMisc", ## args)

/* Given a FEE error, throw appropriate CssmError */
void CryptKit::throwCryptKit(
	feeReturn 	frtn, 
	const char	*op)		/* optional */
{
	if(op) {
		Security::Syslog::error("Apple CSP %s: %s", op, feeReturnString(frtn));
	}
	switch(frtn) {
		case FR_Success:
			return;
		case FR_BadPubKey:
		case FR_BadPubKeyString:
		case FR_IncompatibleKey:
		case FR_BadKeyBlob:
			CssmError::throwMe(CSSMERR_CSP_INVALID_KEY);
		case FR_IllegalDepth:
			CssmError::throwMe(CSSMERR_CSP_UNSUPPORTED_KEY_SIZE);
		case FR_BadSignatureFormat:		/* signature corrupted */
			CssmError::throwMe(CSSMERR_CSP_INVALID_SIGNATURE);
		case FR_InvalidSignature:		/* signature intact, but not valid */
			CssmError::throwMe(CSSMERR_CSP_VERIFY_FAILED);
		case FR_IllegalArg:			/* illegal argument */
			CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);
		case FR_BadCipherText:		/* malformed ciphertext */
		case FR_BadEnc64:			/* bad enc64() format */
			CssmError::throwMe(CSSMERR_CSP_INVALID_DATA);
		case FR_Unimplemented:		/* unimplemented function */
			CssmError::throwMe(CSSMERR_CSP_FUNCTION_NOT_IMPLEMENTED);
		case FR_Memory:		/* unimplemented function */
			CssmError::throwMe(CSSMERR_CSP_MEMORY_ERROR);
		case FR_ShortPrivData:
			CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_SEED);
		case FR_IllegalCurve:		/* e.g., ECDSA with Montgomery curve */
			CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_KEY);

		/* I don't think we should ever see these no matter what the 
		 * caller throws at us */
		case FR_WrongSignatureType:	/* ElGamal vs. ECDSA */
		case FR_BadUsageName:		/* bad usageName */
		case FR_BadCipherFile:
		case FR_Internal:			/* internal library error */
			CssmError::throwMe(CSSMERR_CSP_INTERNAL_ERROR);
	}
}

/* 
 * Given a Context:
 * -- obtain CSSM key of specified CSSM_ATTRIBUTE_TYPE
 * -- validate keyClass
 * -- validate keyUsage
 * -- convert to feePubKey, allocating the feePubKey if necessary
 */
feePubKey CryptKit::contextToFeeKey(
	const Context 		&context,
	AppleCSPSession	 	&session,
	CSSM_ATTRIBUTE_TYPE	attrType,	  // CSSM_ATTRIBUTE_KEY, CSSM_ATTRIBUTE_PUBLIC_KEY
	CSSM_KEYCLASS		keyClass,	  // CSSM_KEYCLASS_{PUBLIC,PRIVATE}_KEY
	CSSM_KEYUSE			usage,		  // CSSM_KEYUSE_ENCRYPT, CSSM_KEYUSE_SIGN, etc.
	bool				&mallocdKey)  // RETURNED
{
    CssmKey &cssmKey = 
		context.get<CssmKey>(attrType, CSSMERR_CSP_MISSING_ATTR_KEY);
	const CSSM_KEYHEADER &hdr = cssmKey.KeyHeader;
	if(hdr.AlgorithmId != CSSM_ALGID_FEE) {
		CssmError::throwMe(CSSMERR_CSP_ALGID_MISMATCH);
	}
	if(hdr.KeyClass != keyClass) {
		CssmError::throwMe(CSSMERR_CSP_INVALID_KEY_CLASS);
	}
	cspValidateIntendedKeyUsage(&hdr, usage);
	cspVerifyKeyTimes(hdr);
	return cssmKeyToFee(cssmKey, session, mallocdKey);
}

/* 
 * Convert a CssmKey to a feePubKey. May result in the creation of a new
 * feePubKey (when cssmKey is a raw key); allocdKey is true in that case
 * in which case the caller generally has to free the allocd key).
 */
feePubKey CryptKit::cssmKeyToFee(
	const CssmKey	&cssmKey,
	AppleCSPSession	&session,
	bool			&allocdKey)	// RETURNED
{
	feePubKey feeKey = NULL;
	allocdKey = false;
	
	const CSSM_KEYHEADER *hdr = &cssmKey.KeyHeader;
	if(hdr->AlgorithmId != CSSM_ALGID_FEE) {
		// someone else's key (should never happen)
		CssmError::throwMe(CSSMERR_CSP_INVALID_ALGORITHM);
	}
	switch(hdr->BlobType) {
		case CSSM_KEYBLOB_RAW:
			feeKey = rawCssmKeyToFee(cssmKey);
			allocdKey = true;
			break;
		case CSSM_KEYBLOB_REFERENCE:
		{
			BinaryKey &binKey = session.lookupRefKey(cssmKey);
			FEEBinaryKey *feeBinKey = dynamic_cast<FEEBinaryKey *>(&binKey);
			/* this cast failing means that this is some other
			 * kind of binary key */
			if(feeBinKey == NULL) {
				feeMiscDebug("CryptKit::cssmKeyToFee: wrong BinaryKey subclass\n");
				CssmError::throwMe(CSSMERR_CSP_INVALID_KEY);
			}
			assert(feeBinKey->feeKey() != NULL);
			feeKey = feeBinKey->feeKey();
			break;
		}
		default:
			CssmError::throwMe(CSSMERR_CSP_KEY_BLOB_TYPE_INCORRECT);
	}
	return feeKey;
}

/* 
 * Convert a raw CssmKey to a newly alloc'd feePubKey.
 */
feePubKey CryptKit::rawCssmKeyToFee(
	const CssmKey	&cssmKey)
{
	const CSSM_KEYHEADER *hdr = &cssmKey.KeyHeader;
	assert(hdr->BlobType == CSSM_KEYBLOB_RAW); 
	
	if(hdr->AlgorithmId != CSSM_ALGID_FEE) {
		// someone else's key (should never happen)
		CssmError::throwMe(CSSMERR_CSP_INVALID_ALGORITHM);
	}
	bool derBlob;
	switch(hdr->Format) {
		case FEE_KEYBLOB_DEFAULT_FORMAT:
			derBlob = true;
			break;
		case CSSM_KEYBLOB_RAW_FORMAT_OCTET_STRING:
			derBlob = false;
			break;
		default:
			feeMiscDebug("CryptKit::rawCssmKeyToFee: format mismatch\n");
			CssmError::throwMe(hdr->KeyClass == CSSM_KEYCLASS_PRIVATE_KEY ?
				CSSMERR_CSP_INVALID_ATTR_PRIVATE_KEY_FORMAT :
				CSSMERR_CSP_INVALID_ATTR_PUBLIC_KEY_FORMAT);
	}
	switch(hdr->KeyClass) {
		case CSSM_KEYCLASS_PUBLIC_KEY:
		case CSSM_KEYCLASS_PRIVATE_KEY:
			break;
		default:
			// someone else's key
			CssmError::throwMe(CSSMERR_CSP_INVALID_KEY_CLASS);
	}
	
	feePubKey feeKey = feePubKeyAlloc();
	if(feeKey == NULL) {
		CssmError::throwMe(CSSMERR_CSP_MEMORY_ERROR);
	}
	feeReturn frtn = FR_Internal;
	switch(hdr->KeyClass) {
		case CSSM_KEYCLASS_PUBLIC_KEY:
			if(derBlob) {
				frtn = feePubKeyInitFromDERPubBlob(feeKey,
					cssmKey.KeyData.Data,
					cssmKey.KeyData.Length);
			}
			else {
				frtn = feePubKeyInitFromPubBlob(feeKey,
					cssmKey.KeyData.Data,
					cssmKey.KeyData.Length);
			}
			break;
		case CSSM_KEYCLASS_PRIVATE_KEY:
			if(derBlob) {
				frtn = feePubKeyInitFromDERPrivBlob(feeKey,
					cssmKey.KeyData.Data,
					cssmKey.KeyData.Length);
			}
			else {
				frtn = feePubKeyInitFromPrivBlob(feeKey,
					cssmKey.KeyData.Data,
					cssmKey.KeyData.Length);
			}
	}
	if(frtn) {
		feePubKeyFree(feeKey);
		throwCryptKit(frtn, "feePubKeyInitFromKeyBlob");
	}
	return feeKey;
}

/*
 * Glue function which allows C code to use AppleCSPSession 
 * as an RNG. A ptr to this function gets passed down to 
 * CryptKit C functions as a feeRandFcn.
 */
feeReturn CryptKit::feeRandCallback(
	void *ref,					// actually an AppleCSPSession *
	unsigned char *bytes,		// must be alloc'd by caller 
	unsigned numBytes)
{
	AppleCSPSession *session = 
		reinterpret_cast<AppleCSPSession *>(ref);
	try {
		session->getRandomBytes(numBytes, bytes);
	}
	catch(...) {
		return FR_Internal;
	}
	return FR_Success;
}

#endif	/* CRYPTKIT_CSP_ENABLE */