/*
 * Copyright (c) 2003-2005 Apple Computer, Inc. All Rights Reserved.
 *
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please
 * obtain a copy of the License at http://www.apple.com/publicsource and
 * read it before using this file.
 *
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 */
18
/*
 * p12Crypto.h - PKCS12 Crypto routines. App space reference version.
 *
 * Created 2/28/03 by Doug Mitchell.
 */
24
25#ifndef	_PKCS12_CRYPTO_H_
26#define _PKCS12_CRYPTO_H_
27
28#include <Security/cssmtype.h>
29#include "SecNssCoder.h"
30#include <security_asn1/nssUtils.h>
31#include <security_pkcs12/pkcs12Templates.h>
32
33#ifdef __cplusplus
34extern "C" {
35#endif
36
/*
 * p12KeyGen_app - cook up a CSSM_KEY from P12-style password-based
 * parameters. The derivation is done locally for now; the intent is to
 * move to DeriveKey eventually.
 *
 * Parameters:
 *   cspHand        CSP handle.
 *   isForEncr      true: key is for en/decrypt; false: key is for MAC.
 *   key            the CSSM_KEY being cooked up (non-const reference).
 *   keyAlg         key algorithm.
 *   pbeHashAlg     PBE hash; SHA1 and MD5 only.
 *   keySizeInBits  key size, in bits.
 *   iterCount      PBE iteration count.
 *   salt           PBE salt.
 *   pwd            password: unicode, double null terminated.
 *   iv             referent is optional.
 *   coder          used for mallocing KeyData.
 *
 * NOTE(review): when iterCount and salt are read from a PFX that has not
 * been authenticated yet, they are file-controlled. No bound on iterCount
 * is visible in this header; confirm that the implementation or its
 * callers reject zero and unreasonably large counts.
 * NOTE(review): both permitted hashes are legacy algorithms; of the two,
 * SHA1 is the stronger choice when a new file is being created.
 * NOTE(review): KeyData is allocated through the coder. Whether that
 * memory is cleared when the coder is released cannot be told from here;
 * confirm before relying on it for key hygiene.
 */
CSSM_RETURN p12KeyGen_app(
	CSSM_CSP_HANDLE cspHand,
	bool isForEncr,
	CSSM_KEY &key,
	CSSM_ALGORITHMS keyAlg,
	CSSM_ALGORITHMS pbeHashAlg,
	uint32 keySizeInBits,
	uint32 iterCount,
	CSSM_DATA &salt,
	const CSSM_DATA &pwd,
	CSSM_DATA &iv,
	SecNssCoder &coder);
53
/*
 * p12Decrypt_app - decrypt a blob; typically the contents of an encrypted
 * P7 ContentInfo or a P12 ShroudedKeyBag.
 *
 * Parameters:
 *   cspHand           CSP handle.
 *   cipherText        data to decrypt.
 *   keyAlg            key algorithm.
 *   encrAlg           encryption algorithm.
 *   pbeHashAlg        PBE hash; SHA1 and MD5 only.
 *   keySizeInBits     key size, in bits.
 *   blockSizeInBytes  block size, used for the IV.
 *   padding           CSSM_PADDING_PKCS7, etc.
 *   mode              CSSM_ALGMODE_CBCPadIV8, etc.
 *   iterCount         PBE iteration count.
 *   salt              PBE salt.
 *   pwd               password: unicode, double null terminated.
 *   coder             used for mallocing KeyData and plainText.
 *   plainText         receives the decrypted data.
 *
 * NOTE(review): nothing in this signature authenticates cipherText. The
 * integrity check for a PFX is its MAC (see p12VerifyMac_app), so callers
 * presumably verify the MAC before trusting anything decrypted here -
 * confirm the call order in the decoder.
 * NOTE(review): for a ShroudedKeyBag the plainText is private-key
 * material and it lives in coder-owned memory; confirm how that memory is
 * cleared and released.
 * NOTE(review): iterCount and salt come from the file being decoded; no
 * bound on iterCount is visible here.
 */
CSSM_RETURN p12Decrypt_app(
	CSSM_CSP_HANDLE cspHand,
	const CSSM_DATA &cipherText,
	CSSM_ALGORITHMS keyAlg,
	CSSM_ALGORITHMS encrAlg,
	CSSM_ALGORITHMS pbeHashAlg,
	uint32 keySizeInBits,
	uint32 blockSizeInBytes,
	CSSM_PADDING padding,
	CSSM_ENCRYPT_MODE mode,
	uint32 iterCount,
	const CSSM_DATA &salt,
	const CSSM_DATA &pwd,
	SecNssCoder &coder,
	CSSM_DATA &plainText);
73
/*
 * p12GenMac_app - calculate the MAC for a PFX. The caller is either going
 * to compare the result against an existing PFX's MAC or drop the result
 * into a newly created PFX.
 *
 * Parameters:
 *   cspHand    CSP handle.
 *   ptext      data to MAC, e.g., NSS_P12_DecodedPFX.derAuthSaafe.
 *   alg        hash algorithm; expected to be SHA1.
 *   iterCount  iteration count (declared unsigned here, uint32 in the
 *              other routines of this header).
 *   salt       MAC salt.
 *   pwd        password: unicode, double null terminated.
 *   coder      used for mallocing macData.
 *   macData    RETURNED.
 *
 * NOTE(review): the comparison against an existing MAC is left to the
 * caller. Compare both length and content, and prefer a constant-time
 * compare where the outcome is observable to a party that does not hold
 * the password.
 * NOTE(review): when verifying, iterCount and salt are taken from the PFX
 * under test; no bound on iterCount is visible in this header.
 */
CSSM_RETURN p12GenMac_app(
	CSSM_CSP_HANDLE cspHand,
	const CSSM_DATA &ptext,
	CSSM_ALGORITHMS alg,
	unsigned iterCount,
	const CSSM_DATA &salt,
	const CSSM_DATA &pwd,
	SecNssCoder &coder,
	CSSM_DATA &macData);
88
/*
 * p12VerifyMac_app - verify the MAC of a decoded PFX.
 *
 * Parameters:
 *   pfx      decoded PFX to check.
 *   cspHand  CSP handle.
 *   pwd      password: unicode, double null terminated.
 *   coder    used for temp mallocs.
 *
 * Returns a CSSM_RETURN status.
 *
 * NOTE(review): presumably this recomputes the MAC over the PFX's encoded
 * authSafe with the parameters stored in the PFX and compares the two -
 * confirm in the implementation, including how a PFX without MAC data is
 * reported.
 * NOTE(review): callers should treat every non-success return as a failed
 * integrity check and stop processing the PFX contents.
 */
CSSM_RETURN p12VerifyMac_app(
	const NSS_P12_DecodedPFX &pfx,
	CSSM_CSP_HANDLE cspHand,
	const CSSM_DATA &pwd,
	SecNssCoder &coder);
94
95
96#ifdef __cplusplus
97}
98#endif
99
100#endif	/* _PKCS12_CRYPTO_H_ */