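/*
 * Copyright (c) 2013-2014 Apple Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */

/*!
 @header SecKeybagSupport.h
 Keybag support declarations for securityd: the USE_KEYSTORE platform switch,
 key-class and crypto-operation constants, the keychain keybag handle, and the
 ks_* entry points that take a keybag handle (ks_crypt, ks_crypt_acl,
 ks_open_keybag, ks_close_keybag).
 */

#ifndef _SECURITYD_SECKEYBAGSUPPORT_H_
#define _SECURITYD_SECKEYBAGSUPPORT_H_

#include <CoreFoundation/CoreFoundation.h>
#include <utilities/SecAKSWrappers.h>

/*
 * USE_KEYSTORE is 1 on Mac targets that are neither embedded nor the
 * simulator, and on embedded targets that are not the simulator. Every other
 * configuration (including the simulator) gets 0 and the fallback
 * definitions further down.
 */
#if TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_IPHONE_SIMULATOR)
#define USE_KEYSTORE 1
#elif TARGET_OS_EMBEDDED && !TARGET_IPHONE_SIMULATOR
#define USE_KEYSTORE 1
#else /* no keystore on this platform */
#define USE_KEYSTORE 0
#endif

#if USE_KEYSTORE
#include <Kernel/IOKit/crypto/AppleKeyStoreDefs.h>
#endif /* USE_KEYSTORE */

__BEGIN_DECLS

// TODO: Get this out of this file
#if USE_KEYSTORE
typedef int32_t keyclass_t;
#else

/* TODO: this needs to be available in the sim! */
/*
 * Fallback definitions for builds without the keystore header.
 * NOTE(review): presumably these mirror the values in AppleKeyStoreDefs.h;
 * confirm they stay in sync, since a mismatch would change which protection
 * class an item is stored under.
 * NOTE(review): keybag_handle_t is used below in both configurations but is
 * not defined in this branch; presumably utilities/SecAKSWrappers.h supplies
 * it. Confirm.
 */
typedef int32_t keyclass_t;
typedef int32_t key_handle_t;
enum key_classes {
    key_class_ak = 6,   /* following enumerators count up from here: 7..12 */
    key_class_ck,
    key_class_dk,
    key_class_aku,
    key_class_cku,
    key_class_dku,
    key_class_akpu
};
#endif /* !USE_KEYSTORE */

/*
 * Operation codes. NOTE(review): presumably these are the values passed as
 * the `operation` argument of ks_crypt / ks_crypt_acl, which is declared as a
 * plain uint32_t rather than this enum type. Confirm in the implementation
 * that unknown values are rejected.
 */
enum SecKsCryptoOp {
    kSecKsWrap = 10,
    kSecKsUnwrap,   /* 11 */
    kSecKsDelete    /* 12 */
};


/* KEYBAG_NONE is private to security and has a special meaning.
   It should not collide with AppleKeyStore constants, and is only referenced
   in here.

   NOTE(review): KEYBAG_NONE selects cleartext instead of keybag-protected
   data, so the keybag value handed to the functions below is a
   security-relevant choice. It should be set by trusted code paths only and
   never derived from caller-supplied input; confirm at the call sites.
 */
#define KEYBAG_NONE (-1)   /* Set q_keybag to KEYBAG_NONE to obtain cleartext data. */
/*
 * KEYBAG_DEVICE expands to the mutable global below, so it is re-read at
 * every use; any write to g_keychain_keybag changes which keybag subsequent
 * operations use.
 */
#define KEYBAG_DEVICE (g_keychain_keybag) /* actual keybag used to encrypt items */
extern keybag_handle_t g_keychain_keybag;

/* NOTE(review): by name, reports whether hardware AES is in use; this header
   does not say how that is decided. */
bool use_hwaes(void);

/*
 * Performs `operation` for `keyclass` against `keybag`, reading `textLength`
 * bytes from `source` and writing the result to `dest`.
 *
 * operation     presumably one of enum SecKsCryptoOp (see note there).
 * keybag        keybag handle, e.g. KEYBAG_DEVICE.
 * keyclass      requested key class.
 * textLength    length of `source` in bytes. NOTE(review): the declaration
 *               carries no other bound, so presumably the caller must
 *               guarantee that `source` references at least this many
 *               readable bytes. Confirm.
 * source        input bytes (not modified; const).
 * actual_class  out-parameter. NOTE(review): presumably receives the key
 *               class actually used; confirm whether NULL is accepted.
 * dest          mutable data object that receives the output.
 * error         optional CFErrorRef out-parameter.
 *
 * Returns a bool; NOTE(review): presumably true on success. Callers should
 * test the return value rather than `*error` to detect failure.
 */
bool ks_crypt(uint32_t operation, keybag_handle_t keybag,
              keyclass_t keyclass, uint32_t textLength, const uint8_t *source, keyclass_t *actual_class,
              CFMutableDataRef dest, CFErrorRef *error);
#if USE_KEYSTORE
/*
 * Keystore-only variant of ks_crypt that additionally takes `acl`,
 * `acm_context` and `caller_access_groups`, and has no `actual_class`
 * out-parameter.
 *
 * NOTE(review): presumably the three CFDataRef arguments carry access-control
 * inputs for the operation. `caller_access_groups` in particular should be
 * derived from the authenticated client's identity by the caller of this
 * function, not taken from client-supplied data. Confirm at the call sites.
 */
bool ks_crypt_acl(uint32_t operation, keybag_handle_t keybag,
                  keyclass_t keyclass, uint32_t textLength, const uint8_t *source,
                  CFMutableDataRef dest, CFDataRef acl, CFDataRef acm_context, CFDataRef caller_access_groups,
                  CFErrorRef *error);
#endif
/*
 * Opens the keybag described by `keybag` using `password` and stores the
 * resulting handle in `*handle`.
 *
 * NOTE(review): `password` is secret material; callers should keep its
 * lifetime short and keep it out of logs and error descriptions.
 */
bool ks_open_keybag(CFDataRef keybag, CFDataRef password, keybag_handle_t *handle, CFErrorRef *error);
/*
 * Closes `keybag`. NOTE(review): presumably this must be a handle obtained
 * from ks_open_keybag, and the handle must not be used afterwards. Confirm.
 */
bool ks_close_keybag(keybag_handle_t keybag, CFErrorRef *error);

__END_DECLS

#endif /* _SECURITYD_SECKEYBAGSUPPORT_H_ */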