/* * Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, * 2018, 2019 * Jonathan Schleifer <js@heap.zone> * * All rights reserved. * * This file is part of ObjFW. It may be distributed under the terms of the * Q Public License 1.0, which can be found in the file LICENSE.QPL included in * the packaging of this file. * * Alternatively, it may be distributed under the terms of the GNU General * Public License, either version 2 or 3, which can be found in the file * LICENSE.GPLv2 or LICENSE.GPLv3 respectively included in the packaging of this * file. */ #import "OFData.h" OF_ASSUME_NONNULL_BEGIN /*! * @class OFSecureData OFSecureData.h ObjFW/OFSecureData.h * * @brief A class for storing arbitrary data in secure memory, securely wiping * it when it gets deallocated. * * @note Secure memory might be unavailable on the platform, in which case this * falls back to insecure (potentially swappable) memory. */ OF_SUBCLASSING_RESTRICTED @interface OFSecureData: OFData { struct page *_page; } #ifdef OF_HAVE_CLASS_PROPERTIES @property (class, readonly, nonatomic, getter=isSecure) bool secure; #endif /*! * @brief All items of the OFSecureData as a C array. * * Modifying the returned array directly is allowed and will change the contents * of the data. */ @property (readonly, nonatomic) void *mutableItems OF_RETURNS_INNER_POINTER; /*! * @brief Whether OFSecureData is secure, meaning preventing the data from * being swapped out is supported. */ + (bool)isSecure; /*! * @brief Preallocates the specified number of bytes. * * This is useful to allocate secure memory before enabling a sandbox that does * not allow it anymore. * * @note This may only be called once per thread! * @note Preallocated memory is only available for OFSecureData that is smaller * than a single page! * * @param size The number of bytes to preallocate */ + (void)preallocateMemoryWithSize: (size_t)size; /*! * @brief Creates a new, autoreleased OFSecureData with count items of item * size 1, all set to zero. * * @param count The number of zero items the OFSecureData should contain * @return A new, autoreleased OFSecureData */ + (instancetype)dataWithCount: (size_t)count; /*! * @brief Creates a new, autoreleased OFSecureData with count items of the * specified item size, all set to zero. * * @param itemSize The size of a single item in the OFSecureData in bytes * @param count The number of zero items the OFSecureData should contain * @return A new, autoreleased OFSecureData */ + (instancetype)dataWithItemSize: (size_t)itemSize count: (size_t)count; #ifdef OF_HAVE_FILES + (instancetype)dataWithContentsOfFile: (OFString *)path OF_UNAVAILABLE; #endif + (instancetype)dataWithContentsOfURL: (OFURL *)URL OF_UNAVAILABLE; + (instancetype)dataWithStringRepresentation: (OFString *)string OF_UNAVAILABLE; + (instancetype)dataWithBase64EncodedString: (OFString *)string OF_UNAVAILABLE; + (instancetype)dataWithSerialization: (OFXMLElement *)element OF_UNAVAILABLE; /*! * @brief Initializes an already allocated OFSecureData with count items of * item size 1, all set to zero. * * @param count The number of zero items the OFSecureData should contain * @return An initialized OFSecureData */ - (instancetype)initWithCount: (size_t)count; /*! * @brief Initializes an already allocated OFSecureData with count items of the * specified item size, all set to zero. * * @param itemSize The size of a single item in the OFSecureData in bytes * @param count The number of zero items the OFSecureData should contain * @return An initialized OFSecureData */ - (instancetype)initWithItemSize: (size_t)itemSize count: (size_t)count; /*! * @brief Returns a specific item of the OFSecureData. * * Modifying the returned item directly is allowed and will change the contents * of the data array. * * @param index The number of the item to return * @return The specified item of the OFSecureData */ - (void *)mutableItemAtIndex: (size_t)index OF_RETURNS_INNER_POINTER; /*! * @brief Checks the OFSecureData for equality to another object. * * If the specified object is a subclass of @ref OFData, the comparison is * performed in constant time. * * @param object The object which should be tested for equality * @return A boolean whether the OFSecureData is equal to the specified object */ - (bool)isEqual: (nullable id)object; /*! * @brief Zeroes the data. */ - (void)zero; #ifdef OF_HAVE_FILES - (instancetype)initWithContentsOfFile: (OFString *)path OF_UNAVAILABLE; #endif - (instancetype)initWithContentsOfURL: (OFURL *)URL OF_UNAVAILABLE; - (instancetype)initWithStringRepresentation: (OFString *)string OF_UNAVAILABLE; - (instancetype)initWithBase64EncodedString: (OFString *)string OF_UNAVAILABLE; - (instancetype)initWithSerialization: (OFXMLElement *)element OF_UNAVAILABLE; - (OFString *)stringRepresentation OF_UNAVAILABLE; - (OFString *)stringByBase64Encoding OF_UNAVAILABLE; #ifdef OF_HAVE_FILES - (void)writeToFile: (OFString *)path OF_UNAVAILABLE; #endif - (void)writeToURL: (OFURL *)URL OF_UNAVAILABLE; - (OFXMLElement *)XMLElementBySerializing OF_UNAVAILABLE; - (OFData *)messagePackRepresentation OF_UNAVAILABLE; @end OF_ASSUME_NONNULL_END