[apple/security.git] / OSX / libsecurity_keychain / lib / SecItemConstants.c

/*
 * Copyright (c) 2006-2014 Apple Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

#define __CONSTANT_CFSTRINGS__  1
#include <CoreFoundation/CFString.h>

/* String constant declarations */

#define SEC_CONST_DECL(k,v) const CFStringRef k = CFSTR(v);

// See the other SecItemContants.c for actual definitions

/* Class Key Constant */
//SEC_CONST_DECL (kSecClass, "class");

/* Class Value Constants */
//SEC_CONST_DECL (kSecClassGenericPassword, "genp");
//SEC_CONST_DECL (kSecClassInternetPassword, "inet");
//SEC_CONST_DECL (kSecClassAppleSharePassword, "apls");
//SEC_CONST_DECL (kSecClassCertificate, "cert");
//SEC_CONST_DECL (kSecClassKey, "keys");
//SEC_CONST_DECL (kSecClassIdentity, "idnt");

/* Attribute Key Constants */
//SEC_CONST_DECL (kSecAttrAccessible, "pdmn");
//SEC_CONST_DECL (kSecAttrAccessGroup, "agrp");
SEC_CONST_DECL (kSecAttrAccess, "acls");
//SEC_CONST_DECL (kSecAttrCreationDate, "cdat");
//SEC_CONST_DECL (kSecAttrModificationDate, "mdat");
//SEC_CONST_DECL (kSecAttrDescription, "desc");
//SEC_CONST_DECL (kSecAttrComment, "icmt");
//SEC_CONST_DECL (kSecAttrCreator, "crtr");
//SEC_CONST_DECL (kSecAttrType, "type");
//SEC_CONST_DECL (kSecAttrLabel, "labl");
//SEC_CONST_DECL (kSecAttrIsInvisible, "invi");
//SEC_CONST_DECL (kSecAttrIsNegative, "nega");
//SEC_CONST_DECL (kSecAttrAccount, "acct");
//SEC_CONST_DECL (kSecAttrService, "svce");
//SEC_CONST_DECL (kSecAttrGeneric, "gena");
//SEC_CONST_DECL (kSecAttrSecurityDomain, "sdmn");
//SEC_CONST_DECL (kSecAttrServer, "srvr");
//SEC_CONST_DECL (kSecAttrProtocol, "ptcl");
//SEC_CONST_DECL (kSecAttrAuthenticationType, "atyp");
//SEC_CONST_DECL (kSecAttrPort, "port");
//SEC_CONST_DECL (kSecAttrPath, "path");
//SEC_CONST_DECL (kSecAttrVolume, "volm");
//SEC_CONST_DECL (kSecAttrAddress, "addr");
//SEC_CONST_DECL (kSecAttrAFPServerSignature, "afps");
//SEC_CONST_DECL (kSecAttrAlias, "alis");
//SEC_CONST_DECL (kSecAttrSubject, "subj");
//SEC_CONST_DECL (kSecAttrIssuer, "issr");
//SEC_CONST_DECL (kSecAttrSerialNumber, "slnr");
//SEC_CONST_DECL (kSecAttrSubjectKeyID, "skid");
//SEC_CONST_DECL (kSecAttrPublicKeyHash, "pkhh");
//SEC_CONST_DECL (kSecAttrCertificateType, "ctyp");
//SEC_CONST_DECL (kSecAttrCertificateEncoding, "cenc");
//SEC_CONST_DECL (kSecAttrKeyClass, "kcls");
//SEC_CONST_DECL (kSecAttrApplicationLabel, "klbl");
//SEC_CONST_DECL (kSecAttrIsPermanent, "perm");
//SEC_CONST_DECL (kSecAttrIsModifiable, "modi");
//SEC_CONST_DECL (kSecAttrIsPrivate, "priv");
//SEC_CONST_DECL (kSecAttrApplicationTag, "atag");
//SEC_CONST_DECL (kSecAttrKeyCreator, "crtr");
//SEC_CONST_DECL (kSecAttrKeyType, "type");
SEC_CONST_DECL (kSecAttrPRF, "prf");
SEC_CONST_DECL (kSecAttrSalt, "salt");
SEC_CONST_DECL (kSecAttrRounds, "rounds");
//SEC_CONST_DECL (kSecAttrKeySizeInBits, "bsiz");
//SEC_CONST_DECL (kSecAttrEffectiveKeySize, "esiz");
//SEC_CONST_DECL (kSecAttrStartDate, "sdat");
//SEC_CONST_DECL (kSecAttrEndDate, "edat");
//SEC_CONST_DECL (kSecAttrIsSensitive, "sens");
//SEC_CONST_DECL (kSecAttrWasAlwaysSensitive, "asen");
//SEC_CONST_DECL (kSecAttrIsExtractable, "extr");
//SEC_CONST_DECL (kSecAttrWasNeverExtractable, "next");
//SEC_CONST_DECL (kSecAttrCanEncrypt, "encr");
//SEC_CONST_DECL (kSecAttrCanDecrypt, "decr");
//SEC_CONST_DECL (kSecAttrCanDerive, "drve");
//SEC_CONST_DECL (kSecAttrCanSign, "sign");
//SEC_CONST_DECL (kSecAttrCanVerify, "vrfy");
//SEC_CONST_DECL (kSecAttrCanSignRecover, "snrc");
//SEC_CONST_DECL (kSecAttrCanVerifyRecover, "vyrc");
//SEC_CONST_DECL (kSecAttrCanWrap, "wrap");
//SEC_CONST_DECL (kSecAttrCanUnwrap, "unwp");
//SEC_CONST_DECL (kSecAttrSyncViewHint, "vwht");
//SEC_CONST_DECL (kSecAttrTokenID, "tkid");
/* Attribute Constants (Private) */
//SEC_CONST_DECL (kSecAttrScriptCode, "scrp");
//SEC_CONST_DECL (kSecAttrHasCustomIcon, "cusi");
//SEC_CONST_DECL (kSecAttrCRLType, "crlt");
//SEC_CONST_DECL (kSecAttrCRLEncoding, "crle");
//SEC_CONST_DECL (kSecAttrSynchronizable, "sync");
//SEC_CONST_DECL (kSecAttrSynchronizableAny, "syna");
//SEC_CONST_DECL (kSecAttrTombstone, "tomb");
//SEC_CONST_DECL (kSecAttrNoLegacy, "nleg");
//SEC_CONST_DECL (kSecAttrMultiUser, "musr");
//SEC_CONST_DECL (kSecAttrTokenOID, "toid");
//SEC_CONST_DECL (kSecAttrUUID, "UUID");
//SEC_CONST_DECL (kSecAttrPersistantReference, "persistref");
//SEC_CONST_DECL (kSecAttrPersistentReference, "persistref");
//SEC_CONST_DECL (kSecAttrSysBound, "sysb");
//SEC_CONST_DECL (kSecAttrSHA1, "sha1");
//
//SEC_CONST_DECL (kSecAttrDeriveSyncIDFromItemAttributes, "dspk");
//SEC_CONST_DECL (kSecAttrPCSPlaintextServiceIdentifier, "pcss");
//SEC_CONST_DECL (kSecAttrPCSPlaintextPublicKey, "pcsk");
//SEC_CONST_DECL (kSecAttrPCSPlaintextPublicIdentity, "pcsi");

//SEC_CONST_DECL (kSecDataInetExtraNotes, "binn");
//SEC_CONST_DECL (kSecDataInetExtraHistory, "bini");
//SEC_CONST_DECL (kSecDataInetExtraClientDefined0, "bin0");
//SEC_CONST_DECL (kSecDataInetExtraClientDefined1, "bin1");
//SEC_CONST_DECL (kSecDataInetExtraClientDefined2, "bin2");
//SEC_CONST_DECL (kSecDataInetExtraClientDefined3, "bin3");

/* Predefined access groups constants */
//SEC_CONST_DECL (kSecAttrAccessGroupToken, "com.apple.token");

/* Search Constants */
//SEC_CONST_DECL (kSecMatchPolicy, "m_Policy");
//SEC_CONST_DECL (kSecMatchItemList, "m_ItemList");
//SEC_CONST_DECL (kSecMatchSearchList, "m_SearchList");
//SEC_CONST_DECL (kSecMatchIssuers, "m_Issuers");
//SEC_CONST_DECL (kSecMatchEmailAddressIfPresent, "m_EmailAddressIfPresent");
//SEC_CONST_DECL (kSecMatchSubjectContains, "m_SubjectContains");
SEC_CONST_DECL (kSecMatchSubjectStartsWith, "m_SubjectStartsWith");
SEC_CONST_DECL (kSecMatchSubjectEndsWith, "m_SubjectEndsWith");
SEC_CONST_DECL (kSecMatchSubjectWholeString, "m_SubjectWholeString");
//SEC_CONST_DECL (kSecMatchCaseInsensitive, "m_CaseInsensitive");
SEC_CONST_DECL (kSecMatchDiacriticInsensitive, "m_DiacriticInsensitive");
SEC_CONST_DECL (kSecMatchWidthInsensitive, "m_WidthInsensitive");
//SEC_CONST_DECL (kSecMatchTrustedOnly, "m_TrustedOnly");
//SEC_CONST_DECL (kSecMatchValidOnDate, "m_ValidOnDate");
//SEC_CONST_DECL (kSecMatchLimit, "m_Limit");
/* Could just use kCFBooleanTrue and kCFBooleanFalse for these 2. */
//SEC_CONST_DECL (kSecMatchLimitOne, "m_LimitOne");
//SEC_CONST_DECL (kSecMatchLimitAll, "m_LimitAll");

/* Return Type Key Constants */
//SEC_CONST_DECL (kSecReturnData, "r_Data");
//SEC_CONST_DECL (kSecReturnAttributes, "r_Attributes");
//SEC_CONST_DECL (kSecReturnRef, "r_Ref");
//SEC_CONST_DECL (kSecReturnPersistentRef, "r_PersistentRef");

/* Value Type Key Constants */
//SEC_CONST_DECL (kSecValueData, "v_Data");
//SEC_CONST_DECL (kSecValueRef, "v_Ref");
//SEC_CONST_DECL (kSecValuePersistentRef, "v_PersistentRef");

/* Other Constants */
//SEC_CONST_DECL (kSecUseItemList, "u_ItemList");
SEC_CONST_DECL (kSecUseKeychain, "u_Keychain");
//SEC_CONST_DECL (kSecUseSystemKeychain, "u_SystemKeychain");
//SEC_CONST_DECL (kSecUseSyncBubbleKeychain, "u_SyncBubbleKeychain");

/* kSecAttrAccessible Value Constants. */
//SEC_CONST_DECL (kSecAttrAccessibleWhenUnlocked, "ak");
//SEC_CONST_DECL (kSecAttrAccessibleAfterFirstUnlock, "ck");
//SEC_CONST_DECL (kSecAttrAccessibleAlways, "dk");
//SEC_CONST_DECL (kSecAttrAccessibleWhenUnlockedThisDeviceOnly, "aku");
//SEC_CONST_DECL (kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly, "cku");
//SEC_CONST_DECL (kSecAttrAccessibleAlwaysThisDeviceOnly, "dku");
//SEC_CONST_DECL (kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly, "akpu");
/* kSecAttrAccessible Value Constants (Private). */
//SEC_CONST_DECL (kSecAttrAccessibleAlwaysPrivate, "dk");
//SEC_CONST_DECL (kSecAttrAccessibleAlwaysThisDeviceOnlyPrivate, "dku");

/* kSecAttrProtocol Value Constants. */
//SEC_CONST_DECL (kSecAttrProtocolFTP, "ftp ");
//SEC_CONST_DECL (kSecAttrProtocolFTPAccount, "ftpa");
//SEC_CONST_DECL (kSecAttrProtocolHTTP, "http");
//SEC_CONST_DECL (kSecAttrProtocolIRC, "irc ");
//SEC_CONST_DECL (kSecAttrProtocolNNTP, "nntp");
//SEC_CONST_DECL (kSecAttrProtocolPOP3, "pop3");
//SEC_CONST_DECL (kSecAttrProtocolSMTP, "smtp");
//SEC_CONST_DECL (kSecAttrProtocolSOCKS, "sox ");
//SEC_CONST_DECL (kSecAttrProtocolIMAP, "imap");
//SEC_CONST_DECL (kSecAttrProtocolLDAP, "ldap");
//SEC_CONST_DECL (kSecAttrProtocolAppleTalk, "atlk");
//SEC_CONST_DECL (kSecAttrProtocolAFP, "afp ");
//SEC_CONST_DECL (kSecAttrProtocolTelnet, "teln");
//SEC_CONST_DECL (kSecAttrProtocolSSH, "ssh ");
//SEC_CONST_DECL (kSecAttrProtocolFTPS, "ftps");
//SEC_CONST_DECL (kSecAttrProtocolHTTPS, "htps");
//SEC_CONST_DECL (kSecAttrProtocolHTTPProxy, "htpx");
//SEC_CONST_DECL (kSecAttrProtocolHTTPSProxy, "htsx");
//SEC_CONST_DECL (kSecAttrProtocolFTPProxy, "ftpx");
//SEC_CONST_DECL (kSecAttrProtocolSMB, "smb ");
//SEC_CONST_DECL (kSecAttrProtocolRTSP, "rtsp");
//SEC_CONST_DECL (kSecAttrProtocolRTSPProxy, "rtsx");
//SEC_CONST_DECL (kSecAttrProtocolDAAP, "daap");
//SEC_CONST_DECL (kSecAttrProtocolEPPC, "eppc");
//SEC_CONST_DECL (kSecAttrProtocolIPP, "ipp ");
//SEC_CONST_DECL (kSecAttrProtocolNNTPS, "ntps");
//SEC_CONST_DECL (kSecAttrProtocolLDAPS, "ldps");
//SEC_CONST_DECL (kSecAttrProtocolTelnetS, "tels");
//SEC_CONST_DECL (kSecAttrProtocolIMAPS, "imps");
//SEC_CONST_DECL (kSecAttrProtocolIRCS, "ircs");
//SEC_CONST_DECL (kSecAttrProtocolPOP3S, "pops");

/* kSecAttrAuthenticationType Value Constants. */
//SEC_CONST_DECL (kSecAttrAuthenticationTypeNTLM, "ntlm");
//SEC_CONST_DECL (kSecAttrAuthenticationTypeMSN, "msna");
//SEC_CONST_DECL (kSecAttrAuthenticationTypeDPA, "dpaa");
//SEC_CONST_DECL (kSecAttrAuthenticationTypeRPA, "rpaa");
//SEC_CONST_DECL (kSecAttrAuthenticationTypeHTTPBasic, "http");
//SEC_CONST_DECL (kSecAttrAuthenticationTypeHTTPDigest, "httd");
//SEC_CONST_DECL (kSecAttrAuthenticationTypeHTMLForm, "form");
//SEC_CONST_DECL (kSecAttrAuthenticationTypeDefault, "dflt");

/* kSecAttrKeyClass Value Constants. Based on <Security/cssmtype.h>
 CSSM_KEYCLASS_PUBLIC_KEY =		0,
 CSSM_KEYCLASS_PRIVATE_KEY =		1,
 CSSM_KEYCLASS_SESSION_KEY =		2,
 */
//SEC_CONST_DECL (kSecAttrKeyClassPublic, "0");
//SEC_CONST_DECL (kSecAttrKeyClassPrivate, "1");
//SEC_CONST_DECL (kSecAttrKeyClassSymmetric, "2");

/* kSecAttrKeyType Value Constants. Based on CSSM_ALGORITHMS. */
SEC_CONST_DECL (kSecAttrKeyTypeDES, "14");
SEC_CONST_DECL (kSecAttrKeyType3DES, "17");
SEC_CONST_DECL (kSecAttrKeyTypeRC2, "23");
SEC_CONST_DECL (kSecAttrKeyTypeRC4, "25");

//SEC_CONST_DECL (kSecAttrKeyTypeRSA, "42");
SEC_CONST_DECL (kSecAttrKeyTypeDSA, "43");
SEC_CONST_DECL (kSecAttrKeyTypeCAST, "56");
SEC_CONST_DECL (kSecAttrKeyTypeECDSA, "73"); /**/
//SEC_CONST_DECL (kSecAttrKeyTypeEC, "73"); /* rdar://13326326 */
//SEC_CONST_DECL (kSecAttrKeyTypeECSECPrimeRandom, "73");
SEC_CONST_DECL (kSecAttrKeyTypeAES, "2147483649"); /* <Security/cssmapple.h> */
//SEC_CONST_DECL (kSecAttrKeyTypeECSECPrimeRandomPKA, "2147483678");  /* <Security/cssmapple.h> CSSM_ALGID__FIRST_UNUSED */
//SEC_CONST_DECL (kSecAttrKeyTypeSecureEnclaveAttestation, "2147483679"); /* <Security/cssmapple.h> CSSM_ALGID__FIRST_UNUSED + 1 */

SEC_CONST_DECL (kSecAttrPRFHmacAlgSHA1, "hsha1");
SEC_CONST_DECL (kSecAttrPRFHmacAlgSHA224, "hsha224");
SEC_CONST_DECL (kSecAttrPRFHmacAlgSHA256, "hsha256");
SEC_CONST_DECL (kSecAttrPRFHmacAlgSHA384, "hsha384");
SEC_CONST_DECL (kSecAttrPRFHmacAlgSHA512, "hsha512");


/* Constants used by SecKeyGeneratePair() - in SecKey.h.  Never used in
 any SecItem apis directly. */
//SEC_CONST_DECL (kSecPrivateKeyAttrs, "private");
//SEC_CONST_DECL (kSecPublicKeyAttrs, "public");
/* Used for SecKeyGenerateSymmetric */
SEC_CONST_DECL (kSecSymmetricKeyAttrs, "symmetric");
Commit	Line	Data
b1ab9ed8	1	/*
d8f41ccd	2	* Copyright (c) 2006-2014 Apple Inc. All Rights Reserved.
b1ab9ed8 A	3	*
b1ab9ed8 A	4	* @APPLE_LICENSE_HEADER_START@
d8f41ccd	5	*
b1ab9ed8 A	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
d8f41ccd	12	*
b1ab9ed8 A	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
d8f41ccd	20	*
b1ab9ed8 A	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23
	24	#define __CONSTANT_CFSTRINGS__ 1
	25	#include <CoreFoundation/CFString.h>
	26
	27	/* String constant declarations */
	28
5c19dc3a	29	#define SEC_CONST_DECL(k,v) const CFStringRef k = CFSTR(v);
b1ab9ed8	30
79b9da22 A	31	// See the other SecItemContants.c for actual definitions
79b9da22 A	32
b1ab9ed8	33	/* Class Key Constant */
79b9da22	34	//SEC_CONST_DECL (kSecClass, "class");
b1ab9ed8 A	35
b1ab9ed8 A	36	/* Class Value Constants */
79b9da22 A	37	//SEC_CONST_DECL (kSecClassGenericPassword, "genp");
	38	//SEC_CONST_DECL (kSecClassInternetPassword, "inet");
	39	//SEC_CONST_DECL (kSecClassAppleSharePassword, "apls");
	40	//SEC_CONST_DECL (kSecClassCertificate, "cert");
	41	//SEC_CONST_DECL (kSecClassKey, "keys");
	42	//SEC_CONST_DECL (kSecClassIdentity, "idnt");
b1ab9ed8 A	43
b1ab9ed8 A	44	/* Attribute Key Constants */
79b9da22 A	45	//SEC_CONST_DECL (kSecAttrAccessible, "pdmn");
79b9da22 A	46	//SEC_CONST_DECL (kSecAttrAccessGroup, "agrp");
b1ab9ed8	47	SEC_CONST_DECL (kSecAttrAccess, "acls");
79b9da22 A	48	//SEC_CONST_DECL (kSecAttrCreationDate, "cdat");
	49	//SEC_CONST_DECL (kSecAttrModificationDate, "mdat");
	50	//SEC_CONST_DECL (kSecAttrDescription, "desc");
	51	//SEC_CONST_DECL (kSecAttrComment, "icmt");
	52	//SEC_CONST_DECL (kSecAttrCreator, "crtr");
	53	//SEC_CONST_DECL (kSecAttrType, "type");
	54	//SEC_CONST_DECL (kSecAttrLabel, "labl");
	55	//SEC_CONST_DECL (kSecAttrIsInvisible, "invi");
	56	//SEC_CONST_DECL (kSecAttrIsNegative, "nega");
	57	//SEC_CONST_DECL (kSecAttrAccount, "acct");
	58	//SEC_CONST_DECL (kSecAttrService, "svce");
	59	//SEC_CONST_DECL (kSecAttrGeneric, "gena");
	60	//SEC_CONST_DECL (kSecAttrSecurityDomain, "sdmn");
	61	//SEC_CONST_DECL (kSecAttrServer, "srvr");
	62	//SEC_CONST_DECL (kSecAttrProtocol, "ptcl");
	63	//SEC_CONST_DECL (kSecAttrAuthenticationType, "atyp");
	64	//SEC_CONST_DECL (kSecAttrPort, "port");
	65	//SEC_CONST_DECL (kSecAttrPath, "path");
	66	//SEC_CONST_DECL (kSecAttrVolume, "volm");
	67	//SEC_CONST_DECL (kSecAttrAddress, "addr");
	68	//SEC_CONST_DECL (kSecAttrAFPServerSignature, "afps");
	69	//SEC_CONST_DECL (kSecAttrAlias, "alis");
	70	//SEC_CONST_DECL (kSecAttrSubject, "subj");
	71	//SEC_CONST_DECL (kSecAttrIssuer, "issr");
	72	//SEC_CONST_DECL (kSecAttrSerialNumber, "slnr");
	73	//SEC_CONST_DECL (kSecAttrSubjectKeyID, "skid");
	74	//SEC_CONST_DECL (kSecAttrPublicKeyHash, "pkhh");
	75	//SEC_CONST_DECL (kSecAttrCertificateType, "ctyp");
	76	//SEC_CONST_DECL (kSecAttrCertificateEncoding, "cenc");
	77	//SEC_CONST_DECL (kSecAttrKeyClass, "kcls");
	78	//SEC_CONST_DECL (kSecAttrApplicationLabel, "klbl");
	79	//SEC_CONST_DECL (kSecAttrIsPermanent, "perm");
	80	//SEC_CONST_DECL (kSecAttrIsModifiable, "modi");
	81	//SEC_CONST_DECL (kSecAttrIsPrivate, "priv");
	82	//SEC_CONST_DECL (kSecAttrApplicationTag, "atag");
	83	//SEC_CONST_DECL (kSecAttrKeyCreator, "crtr");
	84	//SEC_CONST_DECL (kSecAttrKeyType, "type");
b1ab9ed8 A	85	SEC_CONST_DECL (kSecAttrPRF, "prf");
	86	SEC_CONST_DECL (kSecAttrSalt, "salt");
	87	SEC_CONST_DECL (kSecAttrRounds, "rounds");
79b9da22 A	88	//SEC_CONST_DECL (kSecAttrKeySizeInBits, "bsiz");
	89	//SEC_CONST_DECL (kSecAttrEffectiveKeySize, "esiz");
	90	//SEC_CONST_DECL (kSecAttrStartDate, "sdat");
	91	//SEC_CONST_DECL (kSecAttrEndDate, "edat");
	92	//SEC_CONST_DECL (kSecAttrIsSensitive, "sens");
	93	//SEC_CONST_DECL (kSecAttrWasAlwaysSensitive, "asen");
	94	//SEC_CONST_DECL (kSecAttrIsExtractable, "extr");
	95	//SEC_CONST_DECL (kSecAttrWasNeverExtractable, "next");
	96	//SEC_CONST_DECL (kSecAttrCanEncrypt, "encr");
	97	//SEC_CONST_DECL (kSecAttrCanDecrypt, "decr");
	98	//SEC_CONST_DECL (kSecAttrCanDerive, "drve");
	99	//SEC_CONST_DECL (kSecAttrCanSign, "sign");
	100	//SEC_CONST_DECL (kSecAttrCanVerify, "vrfy");
	101	//SEC_CONST_DECL (kSecAttrCanSignRecover, "snrc");
	102	//SEC_CONST_DECL (kSecAttrCanVerifyRecover, "vyrc");
	103	//SEC_CONST_DECL (kSecAttrCanWrap, "wrap");
	104	//SEC_CONST_DECL (kSecAttrCanUnwrap, "unwp");
	105	//SEC_CONST_DECL (kSecAttrSyncViewHint, "vwht");
	106	//SEC_CONST_DECL (kSecAttrTokenID, "tkid");
b1ab9ed8	107	/* Attribute Constants (Private) */
79b9da22 A	108	//SEC_CONST_DECL (kSecAttrScriptCode, "scrp");
	109	//SEC_CONST_DECL (kSecAttrHasCustomIcon, "cusi");
	110	//SEC_CONST_DECL (kSecAttrCRLType, "crlt");
	111	//SEC_CONST_DECL (kSecAttrCRLEncoding, "crle");
	112	//SEC_CONST_DECL (kSecAttrSynchronizable, "sync");
	113	//SEC_CONST_DECL (kSecAttrSynchronizableAny, "syna");
	114	//SEC_CONST_DECL (kSecAttrTombstone, "tomb");
	115	//SEC_CONST_DECL (kSecAttrNoLegacy, "nleg");
	116	//SEC_CONST_DECL (kSecAttrMultiUser, "musr");
	117	//SEC_CONST_DECL (kSecAttrTokenOID, "toid");
	118	//SEC_CONST_DECL (kSecAttrUUID, "UUID");
	119	//SEC_CONST_DECL (kSecAttrPersistantReference, "persistref");
	120	//SEC_CONST_DECL (kSecAttrPersistentReference, "persistref");
	121	//SEC_CONST_DECL (kSecAttrSysBound, "sysb");
	122	//SEC_CONST_DECL (kSecAttrSHA1, "sha1");
	123	//
	124	//SEC_CONST_DECL (kSecAttrDeriveSyncIDFromItemAttributes, "dspk");
	125	//SEC_CONST_DECL (kSecAttrPCSPlaintextServiceIdentifier, "pcss");
	126	//SEC_CONST_DECL (kSecAttrPCSPlaintextPublicKey, "pcsk");
	127	//SEC_CONST_DECL (kSecAttrPCSPlaintextPublicIdentity, "pcsi");
fa7225c8	128
d64be36e A	129	//SEC_CONST_DECL (kSecDataInetExtraNotes, "binn");
	130	//SEC_CONST_DECL (kSecDataInetExtraHistory, "bini");
	131	//SEC_CONST_DECL (kSecDataInetExtraClientDefined0, "bin0");
	132	//SEC_CONST_DECL (kSecDataInetExtraClientDefined1, "bin1");
	133	//SEC_CONST_DECL (kSecDataInetExtraClientDefined2, "bin2");
	134	//SEC_CONST_DECL (kSecDataInetExtraClientDefined3, "bin3");
	135
fa7225c8	136	/* Predefined access groups constants */
79b9da22	137	//SEC_CONST_DECL (kSecAttrAccessGroupToken, "com.apple.token");
b1ab9ed8 A	138
b1ab9ed8 A	139	/* Search Constants */
79b9da22 A	140	//SEC_CONST_DECL (kSecMatchPolicy, "m_Policy");
	141	//SEC_CONST_DECL (kSecMatchItemList, "m_ItemList");
	142	//SEC_CONST_DECL (kSecMatchSearchList, "m_SearchList");
	143	//SEC_CONST_DECL (kSecMatchIssuers, "m_Issuers");
	144	//SEC_CONST_DECL (kSecMatchEmailAddressIfPresent, "m_EmailAddressIfPresent");
	145	//SEC_CONST_DECL (kSecMatchSubjectContains, "m_SubjectContains");
b1ab9ed8 A	146	SEC_CONST_DECL (kSecMatchSubjectStartsWith, "m_SubjectStartsWith");
	147	SEC_CONST_DECL (kSecMatchSubjectEndsWith, "m_SubjectEndsWith");
	148	SEC_CONST_DECL (kSecMatchSubjectWholeString, "m_SubjectWholeString");
79b9da22	149	//SEC_CONST_DECL (kSecMatchCaseInsensitive, "m_CaseInsensitive");
b1ab9ed8 A	150	SEC_CONST_DECL (kSecMatchDiacriticInsensitive, "m_DiacriticInsensitive");
b1ab9ed8 A	151	SEC_CONST_DECL (kSecMatchWidthInsensitive, "m_WidthInsensitive");
79b9da22 A	152	//SEC_CONST_DECL (kSecMatchTrustedOnly, "m_TrustedOnly");
	153	//SEC_CONST_DECL (kSecMatchValidOnDate, "m_ValidOnDate");
	154	//SEC_CONST_DECL (kSecMatchLimit, "m_Limit");
b1ab9ed8	155	/* Could just use kCFBooleanTrue and kCFBooleanFalse for these 2. */
79b9da22 A	156	//SEC_CONST_DECL (kSecMatchLimitOne, "m_LimitOne");
79b9da22 A	157	//SEC_CONST_DECL (kSecMatchLimitAll, "m_LimitAll");
b1ab9ed8 A	158
b1ab9ed8 A	159	/* Return Type Key Constants */
79b9da22 A	160	//SEC_CONST_DECL (kSecReturnData, "r_Data");
	161	//SEC_CONST_DECL (kSecReturnAttributes, "r_Attributes");
	162	//SEC_CONST_DECL (kSecReturnRef, "r_Ref");
	163	//SEC_CONST_DECL (kSecReturnPersistentRef, "r_PersistentRef");
b1ab9ed8 A	164
b1ab9ed8 A	165	/* Value Type Key Constants */
79b9da22 A	166	//SEC_CONST_DECL (kSecValueData, "v_Data");
	167	//SEC_CONST_DECL (kSecValueRef, "v_Ref");
	168	//SEC_CONST_DECL (kSecValuePersistentRef, "v_PersistentRef");
b1ab9ed8 A	169
b1ab9ed8 A	170	/* Other Constants */
79b9da22	171	//SEC_CONST_DECL (kSecUseItemList, "u_ItemList");
b1ab9ed8	172	SEC_CONST_DECL (kSecUseKeychain, "u_Keychain");
79b9da22 A	173	//SEC_CONST_DECL (kSecUseSystemKeychain, "u_SystemKeychain");
79b9da22 A	174	//SEC_CONST_DECL (kSecUseSyncBubbleKeychain, "u_SyncBubbleKeychain");
b1ab9ed8	175
427c49bc	176	/* kSecAttrAccessible Value Constants. */
79b9da22 A	177	//SEC_CONST_DECL (kSecAttrAccessibleWhenUnlocked, "ak");
	178	//SEC_CONST_DECL (kSecAttrAccessibleAfterFirstUnlock, "ck");
	179	//SEC_CONST_DECL (kSecAttrAccessibleAlways, "dk");
	180	//SEC_CONST_DECL (kSecAttrAccessibleWhenUnlockedThisDeviceOnly, "aku");
	181	//SEC_CONST_DECL (kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly, "cku");
	182	//SEC_CONST_DECL (kSecAttrAccessibleAlwaysThisDeviceOnly, "dku");
	183	//SEC_CONST_DECL (kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly, "akpu");
fa7225c8	184	/* kSecAttrAccessible Value Constants (Private). */
79b9da22 A	185	//SEC_CONST_DECL (kSecAttrAccessibleAlwaysPrivate, "dk");
79b9da22 A	186	//SEC_CONST_DECL (kSecAttrAccessibleAlwaysThisDeviceOnlyPrivate, "dku");
427c49bc	187
b1ab9ed8	188	/* kSecAttrProtocol Value Constants. */
79b9da22 A	189	//SEC_CONST_DECL (kSecAttrProtocolFTP, "ftp ");
	190	//SEC_CONST_DECL (kSecAttrProtocolFTPAccount, "ftpa");
	191	//SEC_CONST_DECL (kSecAttrProtocolHTTP, "http");
	192	//SEC_CONST_DECL (kSecAttrProtocolIRC, "irc ");
	193	//SEC_CONST_DECL (kSecAttrProtocolNNTP, "nntp");
	194	//SEC_CONST_DECL (kSecAttrProtocolPOP3, "pop3");
	195	//SEC_CONST_DECL (kSecAttrProtocolSMTP, "smtp");
	196	//SEC_CONST_DECL (kSecAttrProtocolSOCKS, "sox ");
	197	//SEC_CONST_DECL (kSecAttrProtocolIMAP, "imap");
	198	//SEC_CONST_DECL (kSecAttrProtocolLDAP, "ldap");
	199	//SEC_CONST_DECL (kSecAttrProtocolAppleTalk, "atlk");
	200	//SEC_CONST_DECL (kSecAttrProtocolAFP, "afp ");
	201	//SEC_CONST_DECL (kSecAttrProtocolTelnet, "teln");
	202	//SEC_CONST_DECL (kSecAttrProtocolSSH, "ssh ");
	203	//SEC_CONST_DECL (kSecAttrProtocolFTPS, "ftps");
	204	//SEC_CONST_DECL (kSecAttrProtocolHTTPS, "htps");
	205	//SEC_CONST_DECL (kSecAttrProtocolHTTPProxy, "htpx");
	206	//SEC_CONST_DECL (kSecAttrProtocolHTTPSProxy, "htsx");
	207	//SEC_CONST_DECL (kSecAttrProtocolFTPProxy, "ftpx");
	208	//SEC_CONST_DECL (kSecAttrProtocolSMB, "smb ");
	209	//SEC_CONST_DECL (kSecAttrProtocolRTSP, "rtsp");
	210	//SEC_CONST_DECL (kSecAttrProtocolRTSPProxy, "rtsx");
	211	//SEC_CONST_DECL (kSecAttrProtocolDAAP, "daap");
	212	//SEC_CONST_DECL (kSecAttrProtocolEPPC, "eppc");
	213	//SEC_CONST_DECL (kSecAttrProtocolIPP, "ipp ");
	214	//SEC_CONST_DECL (kSecAttrProtocolNNTPS, "ntps");
	215	//SEC_CONST_DECL (kSecAttrProtocolLDAPS, "ldps");
	216	//SEC_CONST_DECL (kSecAttrProtocolTelnetS, "tels");
	217	//SEC_CONST_DECL (kSecAttrProtocolIMAPS, "imps");
	218	//SEC_CONST_DECL (kSecAttrProtocolIRCS, "ircs");
	219	//SEC_CONST_DECL (kSecAttrProtocolPOP3S, "pops");
b1ab9ed8 A	220
b1ab9ed8 A	221	/* kSecAttrAuthenticationType Value Constants. */
79b9da22 A	222	//SEC_CONST_DECL (kSecAttrAuthenticationTypeNTLM, "ntlm");
	223	//SEC_CONST_DECL (kSecAttrAuthenticationTypeMSN, "msna");
	224	//SEC_CONST_DECL (kSecAttrAuthenticationTypeDPA, "dpaa");
	225	//SEC_CONST_DECL (kSecAttrAuthenticationTypeRPA, "rpaa");
	226	//SEC_CONST_DECL (kSecAttrAuthenticationTypeHTTPBasic, "http");
	227	//SEC_CONST_DECL (kSecAttrAuthenticationTypeHTTPDigest, "httd");
	228	//SEC_CONST_DECL (kSecAttrAuthenticationTypeHTMLForm, "form");
	229	//SEC_CONST_DECL (kSecAttrAuthenticationTypeDefault, "dflt");
b1ab9ed8 A	230
	231	/* kSecAttrKeyClass Value Constants. Based on <Security/cssmtype.h>
	232	CSSM_KEYCLASS_PUBLIC_KEY = 0,
	233	CSSM_KEYCLASS_PRIVATE_KEY = 1,
	234	CSSM_KEYCLASS_SESSION_KEY = 2,
	235	*/
79b9da22 A	236	//SEC_CONST_DECL (kSecAttrKeyClassPublic, "0");
	237	//SEC_CONST_DECL (kSecAttrKeyClassPrivate, "1");
	238	//SEC_CONST_DECL (kSecAttrKeyClassSymmetric, "2");
b1ab9ed8 A	239
	240	/* kSecAttrKeyType Value Constants. Based on CSSM_ALGORITHMS. */
	241	SEC_CONST_DECL (kSecAttrKeyTypeDES, "14");
	242	SEC_CONST_DECL (kSecAttrKeyType3DES, "17");
	243	SEC_CONST_DECL (kSecAttrKeyTypeRC2, "23");
	244	SEC_CONST_DECL (kSecAttrKeyTypeRC4, "25");
79b9da22 A	245
79b9da22 A	246	//SEC_CONST_DECL (kSecAttrKeyTypeRSA, "42");
b1ab9ed8 A	247	SEC_CONST_DECL (kSecAttrKeyTypeDSA, "43");
b1ab9ed8 A	248	SEC_CONST_DECL (kSecAttrKeyTypeCAST, "56");
79b9da22 A	249	SEC_CONST_DECL (kSecAttrKeyTypeECDSA, "73"); /**/
	250	//SEC_CONST_DECL (kSecAttrKeyTypeEC, "73"); /* rdar://13326326 */
	251	//SEC_CONST_DECL (kSecAttrKeyTypeECSECPrimeRandom, "73");
b1ab9ed8	252	SEC_CONST_DECL (kSecAttrKeyTypeAES, "2147483649"); /* <Security/cssmapple.h> */
79b9da22 A	253	//SEC_CONST_DECL (kSecAttrKeyTypeECSECPrimeRandomPKA, "2147483678"); /* <Security/cssmapple.h> CSSM_ALGID__FIRST_UNUSED */
79b9da22 A	254	//SEC_CONST_DECL (kSecAttrKeyTypeSecureEnclaveAttestation, "2147483679"); /* <Security/cssmapple.h> CSSM_ALGID__FIRST_UNUSED + 1 */
b1ab9ed8 A	255
	256	SEC_CONST_DECL (kSecAttrPRFHmacAlgSHA1, "hsha1");
	257	SEC_CONST_DECL (kSecAttrPRFHmacAlgSHA224, "hsha224");
	258	SEC_CONST_DECL (kSecAttrPRFHmacAlgSHA256, "hsha256");
	259	SEC_CONST_DECL (kSecAttrPRFHmacAlgSHA384, "hsha384");
	260	SEC_CONST_DECL (kSecAttrPRFHmacAlgSHA512, "hsha512");
	261
	262
	263	/* Constants used by SecKeyGeneratePair() - in SecKey.h. Never used in
	264	any SecItem apis directly. */
79b9da22 A	265	//SEC_CONST_DECL (kSecPrivateKeyAttrs, "private");
79b9da22 A	266	//SEC_CONST_DECL (kSecPublicKeyAttrs, "public");
b1ab9ed8 A	267	/* Used for SecKeyGenerateSymmetric */
b1ab9ed8 A	268	SEC_CONST_DECL (kSecSymmetricKeyAttrs, "symmetric");