1#ifndef __TRANSFORM_SIGN_VERIFY__
2#define __TRANSFORM_SIGN_VERIFY__
3
4
5/*
6 * Copyright (c) 2010-2011 Apple Inc. All Rights Reserved.
7 *
8 * @APPLE_LICENSE_HEADER_START@
9 *
10 * This file contains Original Code and/or Modifications of Original Code
11 * as defined in and that are subject to the Apple Public Source License
12 * Version 2.0 (the 'License'). You may not use this file except in
13 * compliance with the License. Please obtain a copy of the License at
14 * http://www.opensource.apple.com/apsl/ and read it before using this
15 * file.
16 *
17 * The Original Code and all software distributed under the License are
18 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
19 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
20 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
21 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
22 * Please see the License for the specific language governing rights and
23 * limitations under the License.
24 *
25 * @APPLE_LICENSE_HEADER_END@
26 */
27
28#include "SecTransform.h"
29#include <Security/SecBase.h>
30
31
32#ifdef __cplusplus
33extern "C" {
34#endif
35
36	extern CFStringRef kSecKeyAttributeName, kSecSignatureAttributeName, kSecInputIsAttributeName;
37	// WARNING: kSecInputIsRaw is frequently cryptographically unsafe (for example if you don't blind a DSA or ECDSA signature you give away the key very quickly), please only use it if you really know the math.
38	extern CFStringRef kSecInputIsPlainText, kSecInputIsDigest, kSecInputIsRaw;
39	// Supported optional attributes: kSecDigestTypeAttribute (kSecDigestMD2, kSecDigestMD4, kSecDigestMD5, kSecDigestSHA1, kSecDigestSHA2), kSecDigestLengthAttribute
40
41	/*!
42	 @function SecSignTransformCreate
43	 @abstract			Creates a sign computation object.
44	 @param key		A SecKey with the private key used for signing.
45	 @param error		A pointer to a CFErrorRef.  This pointer will be set
46	 if an error occurred.  This value may be NULL if you
47	 do not want an error returned.
48	 @result				A pointer to a SecTransformRef object.  This object must
49	 be released with CFRelease when you are done with
50	 it.  This function will return NULL if an error
51	 occurred.
52	 @discussion			This function creates a transform which computes a
53	 cryptographic signature.   The InputIS defaults to kSecInputIsPlainText,
54	 and the DigestType and DigestLength default to something appropriate for
55	 the type of key you have supplied.
56	 */
57
58	SecTransformRef SecSignTransformCreate(SecKeyRef key,
59											 CFErrorRef* error
60											 )
61	__OSX_AVAILABLE_STARTING(__MAC_10_7,__IPHONE_NA);
62
63	/*!
64	 @function SecVerifyTransformCreate
65	 @abstract			Creates a verify computation object.
66	 @param key		A SecKey with the public key used for signing.
67	 @param signature	A CFDataRef with the signature.   This value may be
68	 NULL, and you may connect a transform to kSecTransformSignatureAttributeName
69	 to supply it from another signature.
70	 @param error		A pointer to a CFErrorRef.  This pointer will be set
71	 if an error occurred.  This value may be NULL if you
72	 do not want an error returned.
73	 @result				A pointer to a SecTransformRef object.  This object must
74	 be released with CFRelease when you are done with
75	 it.  This function will return NULL if an error
76	 occurred.
77	 @discussion			This function creates a transform which verifies a
78	 cryptographic signature.  The InputIS defaults to kSecInputIsPlainText,
79	 and the DigestType and DigestLength default to something appropriate for
80	 the type of key you have supplied.
81	 */
82
83	SecTransformRef SecVerifyTransformCreate(SecKeyRef key,
84											 CFDataRef signature,
85											 CFErrorRef* error
86											 )
87	__OSX_AVAILABLE_STARTING(__MAC_10_7,__IPHONE_NA);
88
89
90#ifdef __cplusplus
91};
92#endif
93
94
95#endif
96