1/*
2 * Copyright (c) 2007-2009 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24/*!
25	@header SecImportExport
26	contains import/export functionality for keys and certificates.
27*/
28
29#ifndef _SECURITY_SECIMPORTEXPORT_H_
30#define _SECURITY_SECIMPORTEXPORT_H_
31
32#include <Security/SecBase.h>
33#include <CoreFoundation/CFArray.h>
34#include <CoreFoundation/CFData.h>
35#include <CoreFoundation/CFDictionary.h>
36
37__BEGIN_DECLS
38
39/*!
40    @enum Import/Export options
41    @discussion Predefined key constants used to pass in arguments to the
42        import/export functions
43    @constant kSecImportExportPassphrase Specifies a passphrase represented by
44        a CFStringRef to be used to encrypt/decrypt.
45*/
46extern CFStringRef kSecImportExportPassphrase
47    __OSX_AVAILABLE_STARTING(__MAC_10_6, __IPHONE_2_0);
48
49/*!
50    @enum Import/Export item description
51    @discussion Predefined key constants used to pass back a CFArray with a
52        CFDictionary per item.
53
54    @constant kSecImportItemLabel a CFStringRef representing the item label.
55        This implementation specific identifier cannot be expected to have
56        any format.
57    @constant kSecImportItemKeyID a CFDataRef representing the key id.  Often
58        the SHA-1 digest of the public key.
59    @constant kSecImportItemIdentity a SecIdentityRef representing the identity.
60    @constant kSecImportItemTrust a SecTrustRef set up with all relevant
61        certificates.  Not guaranteed to succesfully evaluate.
62    @constant kSecImportItemCertChain a CFArrayRef holding all relevant
63        certificates for this item's identity
64*/
65extern CFStringRef kSecImportItemLabel
66    __OSX_AVAILABLE_STARTING(__MAC_10_6, __IPHONE_2_0);
67extern CFStringRef kSecImportItemKeyID
68    __OSX_AVAILABLE_STARTING(__MAC_10_6, __IPHONE_2_0);
69extern CFStringRef kSecImportItemTrust
70    __OSX_AVAILABLE_STARTING(__MAC_10_6, __IPHONE_2_0);
71extern CFStringRef kSecImportItemCertChain
72    __OSX_AVAILABLE_STARTING(__MAC_10_6, __IPHONE_2_0);
73extern CFStringRef kSecImportItemIdentity
74    __OSX_AVAILABLE_STARTING(__MAC_10_6, __IPHONE_2_0);
75
76/*!
77	@function SecPKCS12Import
78	@abstract return contents of a PKCS#12 formatted blob.
79    @param pkcs12_data PKCS#12 formatted data
80    @param options Dictionary containing options for decode.  A
81        kSecImportExportPassphrase is required at a minimum.  Only password-
82        based PKCS#12 blobs are currently supported.
83    @param items Array containing a dictionary for every item extracted.  See
84        kSecImportItem constants.
85	@result errSecSuccess in case of success. errSecDecode means either the
86        blob can't be read or it is malformed. errSecAuthFailed means an
87        incorrect password was passed, or data in the container got damaged.
88*/
89OSStatus SecPKCS12Import(CFDataRef pkcs12_data, CFDictionaryRef options,
90    CFArrayRef *items) __OSX_AVAILABLE_STARTING(__MAC_10_6, __IPHONE_2_0);
91
92__END_DECLS
93
94#endif /* !_SECURITY_SECIMPORTEXPORT_H_ */
95