VirtualBox

source: vbox/trunk/src/VBox/Main/include/SecretKeyStore.h@ 55319

Last change on this file since 55319 was 55182, checked in by vboxsync, 10 years ago

Main,FE/VBoxManage: Support exporting machines as appliances which have encrypted disks. Because the OVF standard doesn't support encrypted disks so far we always decrypt exported images which requires the password before starting the export proess
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 5.8 KB
Line 
1/** @file
2 * Main - Secret key interface.
3 */
4
5/*
6 * Copyright (C) 2015 Oracle Corporation
7 *
8 * This file is part of VirtualBox Open Source Edition (OSE), as
9 * available from http://www.virtualbox.org. This file is free software;
10 * you can redistribute it and/or modify it under the terms of the GNU
11 * General Public License (GPL) as published by the Free Software
12 * Foundation, in version 2 as it comes in the "COPYING" file of the
13 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
14 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
15 */
16
17#ifndef ____H_SECRETKEYSTORE
18#define ____H_SECRETKEYSTORE
19
20#include "VirtualBoxBase.h"
21#include "VBox/com/array.h"
22
23class SecretKey
24{
25 public:
26
27 /**
28 * Constructor for a secret key.
29 *
30 * @param pbKey The key buffer.
31 * @param cbKey Size of the key.
32 * @param fKeyBufNonPageable Flag whether the key buffer should be non pageable.
33 */
34 SecretKey(const uint8_t *pbKey, size_t cbKey, bool fKeyBufNonPageable);
35
36 /**
37 * Secret key destructor.
38 */
39 ~SecretKey();
40
41 /**
42 * Increments the reference counter of the key.
43 *
44 * @returns The new reference count.
45 */
46 uint32_t retain();
47
48 /**
49 * Releases a reference of the key.
50 * If the reference counter reaches 0 the key buffer might be protected
51 * against further access or the data will become scrambled.
52 *
53 * @returns The new reference count.
54 */
55 uint32_t release();
56
57 /**
58 * Returns the reference count of the secret key.
59 */
60 uint32_t refCount();
61
62 /**
63 * Sets the possible number of users for this key.
64 *
65 * @returns VBox status code.
66 * @param cUsers The possible number of user for this key.
67 */
68 int setUsers(uint32_t cUsers);
69
70 /**
71 * Returns the possible amount of users.
72 *
73 * @returns Possible amount of users.
74 */
75 uint32_t getUsers();
76
77 /**
78 * Sets the remove on suspend flag.
79 *
80 * @returns VBox status code.
81 * @param fRemoveOnSuspend Flag whether to remove the key on host suspend.
82 */
83 int setRemoveOnSuspend(bool fRemoveOnSuspend);
84
85 /**
86 * Returns whether the key should be destroyed on suspend.
87 */
88 bool getRemoveOnSuspend();
89
90 /**
91 * Returns the buffer to the key.
92 */
93 const void *getKeyBuffer();
94
95 /**
96 * Returns the size of the key.
97 */
98 size_t getKeySize();
99
100 private:
101 /** Reference counter of the key. */
102 volatile uint32_t m_cRefs;
103 /** Key material. */
104 uint8_t *m_pbKey;
105 /** Size of the key in bytes. */
106 size_t m_cbKey;
107 /** Flag whether to remove the key on suspend. */
108 bool m_fRemoveOnSuspend;
109 /** Number of entities which will use this key. */
110 uint32_t m_cUsers;
111};
112
113class SecretKeyStore
114{
115 public:
116
117 /**
118 * Constructor for a secret key store.
119 *
120 * @param fKeyBufNonPageable Flag whether the key buffer is required to
121 * be non pageable.
122 */
123 SecretKeyStore(bool fKeyBufNonPageable);
124
125 /**
126 * Destructor of a secret key store. This will free all stored secret keys
127 * inluding the key buffers. Make sure there no one accesses one of the keys
128 * stored.
129 */
130 ~SecretKeyStore();
131
132 /**
133 * Add a secret key to the store.
134 *
135 * @returns VBox status code.
136 * @param strKeyId The key identifier.
137 * @param pbKey The key to store.
138 * @param cbKey Size of the key.
139 */
140 int addSecretKey(const com::Utf8Str &strKeyId, const uint8_t *pbKey, size_t cbKey);
141
142 /**
143 * Deletes a key from the key store associated with the given identifier.
144 *
145 * @returns VBox status code.
146 * @param strKeyId The key identifier.
147 */
148 int deleteSecretKey(const com::Utf8Str &strKeyId);
149
150 /**
151 * Returns the secret key object associated with the given identifier.
152 * This increments the reference counter of the secret key object.
153 *
154 * @returns VBox status code.
155 * @param strKeyId The key identifier.
156 * @param ppKey Where to store the secret key object on success.
157 */
158 int retainSecretKey(const com::Utf8Str &strKeyId, SecretKey **ppKey);
159
160 /**
161 * Releases a reference to the secret key object.
162 *
163 * @returns VBox status code.
164 * @param strKeyId The key identifier.
165 */
166 int releaseSecretKey(const com::Utf8Str &strKeyId);
167
168 /**
169 * Deletes all secret keys from the key store.
170 *
171 * @returns VBox status code.
172 * @param fSuspend Flag whether to delete only keys which are
173 * marked for deletion during a suspend.
174 * @param fForce Flag whether to force deletion if some keys
175 * are still in use. Otherwise an error is returned.
176 */
177 int deleteAllSecretKeys(bool fSuspend, bool fForce);
178
179 private:
180
181 typedef std::map<com::Utf8Str, SecretKey *> SecretKeyMap;
182
183 /** The map to map key identifers to secret keys. */
184 SecretKeyMap m_mapSecretKeys;
185 /** Flag whether key buffers should be non pagable. */
186 bool m_fKeyBufNonPageable;
187};
188
189#endif /* !____H_SECRETKEYSTORE */
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette