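/*
 * Copyright (c) 2001-2003,2011,2014 Apple Inc. All Rights Reserved.
 *
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please
 * obtain a copy of the License at http://www.apple.com/publicsource and
 * read it before using this file.
 *
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 */

/*
    File:        cuCdsaUtils.h

    Description: common CDSA access utilities

    Author:      dmitch
*/

#ifndef _COMMON_CDSA_UTILS_H_
#define _COMMON_CDSA_UTILS_H_

#include <Security/cssm.h>
#include <Security/SecKeychain.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Common memory allocators shared by app and CSSM.
 *
 * Each takes a trailing opaque allocRef in addition to the usual
 * malloc-style arguments (presumably so the set can be handed to CSSM as a
 * memory-function table -- confirm against the callers).  The APP_* macros
 * below are the plain-application flavor and always pass NULL for allocRef.
 * Ownership follows the libc model: memory from cuAppMalloc/cuAppRealloc/
 * cuAppCalloc is released with cuAppFree.
 */
extern void *cuAppMalloc(CSSM_SIZE size, void *allocRef);
extern void cuAppFree(void *mem_ptr, void *allocRef);
extern void *cuAppRealloc(void *ptr, CSSM_SIZE size, void *allocRef);
extern void *cuAppCalloc(uint32 num, CSSM_SIZE size, void *allocRef);

/* Arguments are parenthesized so expression arguments expand safely. */
#define APP_MALLOC(s)      cuAppMalloc((s), NULL)
#define APP_FREE(p)        cuAppFree((p), NULL)
#define APP_REALLOC(p, s)  cuAppRealloc((p), (s), NULL)
/*
 * Bug fix: this macro previously expanded to cuAppRealloc(n, s, NULL), which
 * handed the element count to the pointer parameter and never zero-filled
 * the block.  It now routes to the calloc-style allocator declared above.
 */
#define APP_CALLOC(n, s)   cuAppCalloc((n), (s), NULL)

/*
 * Compare two CSSM_DATA blobs.
 *
 * Returns a CSSM_BOOL; CSSM_TRUE presumably means the two blobs match
 * (length and contents) -- confirm against the implementation.
 * NOTE(review): nothing here says whether the comparison is constant-time;
 * do not rely on it for comparing secret material without checking.
 */
extern CSSM_BOOL cuCompareCssmData(
    const CSSM_DATA *d1,
    const CSSM_DATA *d2);

/* OID flavor of same, which will break when an OID is not a CSSM_DATA */
#define cuCompareOid(o1, o2)  cuCompareCssmData((o1), (o2))

/*
 * Print a diagnostic for a failed CDSA operation.
 *
 * op  - short C-string label for the operation that failed
 * err - the CSSM_RETURN it produced
 */
void cuPrintError(const char *op, CSSM_RETURN err);

/*
 * Init CSSM; returns CSSM_FALSE on error.  Reusable (may be called more
 * than once per process, per the original note).
 *
 * Zero-argument functions are declared with (void) so the C compiler
 * checks calls against a real prototype instead of an unspecified list.
 */
extern CSSM_BOOL cuCssmStartup(void);

/*
 * Attach to CSP.  Returns zero on error.
 *
 * bareCsp - true ==> CSP, false ==> CSP/DL.  Pass the same value to
 *           cuCspDetachUnload() when tearing the handle down.
 */
extern CSSM_CSP_HANDLE cuCspStartup(
    CSSM_BOOL bareCsp);

/* Attach to DL side of CSPDL. */
extern CSSM_DL_HANDLE cuDlStartup(void);

/* Attach to CL, TP. */
extern CSSM_CL_HANDLE cuClStartup(void);
extern CSSM_TP_HANDLE cuTpStartup(void);

/*
 * Open a DB, ensure it's empty.
 *
 * dlHand - from cuDlStartup()
 * dbName - name of the DB to open
 *
 * NOTE(review): "ensure it's empty" does not say whether pre-existing
 * contents are discarded; confirm in the implementation before pointing
 * this at a DB you care about.
 */
CSSM_DB_HANDLE cuDbStartup(
    CSSM_DL_HANDLE dlHand,
    const char *dbName);

/*
 * Attach to existing DB or create an empty new one.
 *
 * dlHand   - from cuDlStartup()
 * dbName   - name of the DB (not const in the original signature; kept for
 *            source compatibility)
 * doCreate - whether to create the DB when it does not already exist
 * quiet    - suppress diagnostics (presumably; confirm)
 */
CSSM_DB_HANDLE cuDbStartupByName(CSSM_DL_HANDLE dlHand,
    char *dbName,
    CSSM_BOOL doCreate,
    CSSM_BOOL quiet);

/*
 * Detach and unload the module behind each handle.  bareCsp must match the
 * value given to cuCspStartup() for the same handle.
 */
CSSM_RETURN cuCspDetachUnload(
    CSSM_CSP_HANDLE cspHand,
    CSSM_BOOL bareCsp);         // true ==> CSP, false ==> CSP/DL
CSSM_RETURN cuClDetachUnload(
    CSSM_CL_HANDLE clHand);
CSSM_RETURN cuDlDetachUnload(
    CSSM_DL_HANDLE dlHand);
CSSM_RETURN cuTpDetachUnload(
    CSSM_TP_HANDLE tpHand);

/*
 * Derive symmetric key using PBE.
 *
 * password, salt and iterationCnt are the PKCS-5 inputs.  The password and
 * salt buffers are caller-owned; the caller should wipe the password buffer
 * once the key has been derived.  The resulting key is written to *key.
 * NOTE(review): whether password/salt are modified is not stated here
 * (they are non-const in the original signature) -- confirm.
 */
extern CSSM_RETURN cuCspDeriveKey(CSSM_CSP_HANDLE cspHand,
    uint32 keyAlg,              // CSSM_ALGID_RC5, etc.
    const char *keyLabel,
    unsigned keyLabelLen,
    uint32 keyUsage,            // CSSM_KEYUSE_ENCRYPT, etc.
    uint32 keySizeInBits,
    CSSM_DATA_PTR password,     // in PKCS-5 lingo
    CSSM_DATA_PTR salt,         // ditto
    uint32 iterationCnt,        // ditto
    CSSM_KEY_PTR key);

/*
 * Generate key pair of arbitrary algorithm.
 *
 * dlDbHand is optional (may be NULL).  pubKey and privKey point at
 * CSSM_KEY structs the caller has already allocated; the function fills
 * them in.  Usage and attribute flags are given separately for each half
 * (e.g. CSSM_KEYUSE_ENCRYPT / CSSM_KEYUSE_DECRYPT,
 * CSSM_KEYATTR_EXTRACTABLE).
 */
extern CSSM_RETURN cuCspGenKeyPair(CSSM_CSP_HANDLE cspHand,
    CSSM_DL_DB_HANDLE *dlDbHand,    // optional
    uint32 algorithm,
    const char *keyLabel,
    unsigned keyLabelLen,
    uint32 keySize,                 // in bits
    CSSM_KEY_PTR pubKey,            // mallocd by caller
    CSSM_KEYUSE pubKeyUsage,        // CSSM_KEYUSE_ENCRYPT, etc.
    CSSM_KEYATTR_FLAGS pubAttrs,    // CSSM_KEYATTR_EXTRACTABLE, etc.
    CSSM_KEY_PTR privKey,           // mallocd by caller
    CSSM_KEYUSE privKeyUsage,       // CSSM_KEYUSE_DECRYPT, etc.
    CSSM_KEYATTR_FLAGS privAttrs);  // CSSM_KEYATTR_EXTRACTABLE, etc.

/*
 * Convert a reference key to a raw key.
 *
 * rawKey is RETURNED.  A raw key carries the actual key bytes, so treat the
 * result as secret; who releases its data is not stated here -- presumably
 * the caller, via the CSSM free routines (confirm).
 */
CSSM_RETURN cuRefKeyToRaw(CSSM_CSP_HANDLE cspHand,
    const CSSM_KEY *refKey,
    CSSM_KEY_PTR rawKey);       // RETURNED

/*
 * Add a certificate to a keychain.
 *
 * printName is a C string.  The original author marked keyLabel's meaning
 * as unclear ("??"); check the implementation before relying on it.
 */
CSSM_RETURN cuAddCertToKC(
    SecKeychainRef keychain,
    const CSSM_DATA *cert,
    CSSM_CERT_TYPE certType,
    CSSM_CERT_ENCODING certEncoding,
    const char *printName,      // C string
    const CSSM_DATA *keyLabel); // ??

/*
 * Convert a CSSM_DATA_PTR, referring to a DER-encoded int, to an
 * unsigned.
 *
 * NOTE(review): the behavior for encodings wider than an unsigned, or for
 * malformed input, is not stated here; confirm the implementation bounds
 * the length before trusting this on untrusted DER.
 */
unsigned cuDER_ToInt(
    const CSSM_DATA *DER_Data);

/*
 * Verify a CRL against system anchors and intermediate certs.
 *
 * certKeychain supplies intermediate certs.  anchors is optional: if NULL,
 * Trust Settings are used instead, and anchorCount is presumably ignored
 * in that case (confirm).
 */
CSSM_RETURN cuCrlVerify(
    CSSM_TP_HANDLE tpHand,
    CSSM_CL_HANDLE clHand,
    CSSM_CSP_HANDLE cspHand,
    const CSSM_DATA *crlData,
    CSSM_DL_DB_HANDLE_PTR certKeychain,    // intermediate certs
    const CSSM_DATA *anchors,              // optional - if NULL, use Trust Settings
    uint32 anchorCount);

#ifdef __cplusplus
}
#endif

#endif /* _COMMON_CDSA_UTILS_H_ */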