[apple/security.git] / Keychain / SecCertificate.cpp

/*
 * Copyright (c) 2002 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */

#include <Security/SecCertificate.h>
#include <Security/SecCertificatePriv.h>
#include <Security/Certificate.h>
#include <Security/Item.h>
#include <Security/KCCursor.h>

#include "SecBridge.h"

CFTypeID
SecCertificateGetTypeID(void)
{
	BEGIN_SECAPI

	return gTypes().Certificate.typeID;

	END_SECAPI1(_kCFRuntimeNotATypeID)
}


OSStatus
SecCertificateCreateFromData(const CSSM_DATA *data, CSSM_CERT_TYPE type, CSSM_CERT_ENCODING encoding, SecCertificateRef *certificate)
{
	BEGIN_SECAPI

	SecPointer<Certificate> certificatePtr(new Certificate(Required(data), type, encoding));
	Required(certificate) = certificatePtr->handle();

	END_SECAPI
}


OSStatus
SecCertificateAddToKeychain(SecCertificateRef certificate, SecKeychainRef keychain)
{
	BEGIN_SECAPI

	Item item(Certificate::required(certificate));
	Keychain::optional(keychain)->add(item);

	END_SECAPI
}

OSStatus
SecCertificateGetData(SecCertificateRef certificate, CSSM_DATA_PTR data)
{
	BEGIN_SECAPI

	Required(data) = Certificate::required(certificate)->data();

	END_SECAPI
}


OSStatus
SecCertificateGetType(SecCertificateRef certificate, CSSM_CERT_TYPE *certificateType)
{
    BEGIN_SECAPI

	Required(certificateType) = Certificate::required(certificate)->type();

    END_SECAPI
}


OSStatus
SecCertificateGetSubject(SecCertificateRef certificate, CSSM_X509_NAME* subject)
{
    BEGIN_SECAPI

	Certificate::required(certificate)->getSubject(Required(subject));

    END_SECAPI
}


OSStatus
SecCertificateGetIssuer(SecCertificateRef certificate, CSSM_X509_NAME* issuer)
{
    BEGIN_SECAPI

	Certificate::required(certificate)->getIssuer(Required(issuer));

    END_SECAPI
}


OSStatus
SecCertificateGetCLHandle(SecCertificateRef certificate, CSSM_CL_HANDLE *clHandle)
{
    BEGIN_SECAPI

	Required(clHandle) = Certificate::required(certificate)->clHandle();

    END_SECAPI
}

/*
 * Private API to infer a display name for a SecCertificateRef which
 * may or may not be in a keychain.
 */
OSStatus
SecCertificateInferLabel(SecCertificateRef certificate, CFStringRef *label)
{
    BEGIN_SECAPI

	Certificate::required(certificate)->inferLabel(false,
		&Required(label));

    END_SECAPI
}

OSStatus
SecCertificateCopyPublicKey(SecCertificateRef certificate, SecKeyRef *key)
{
    BEGIN_SECAPI

	Required(key) = Certificate::required(certificate)->publicKey()->handle();

    END_SECAPI
}

OSStatus
SecCertificateGetAlgorithmID(SecCertificateRef certificate, const CSSM_X509_ALGORITHM_IDENTIFIER **algid)
{
    BEGIN_SECAPI

	Required(algid) = Certificate::required(certificate)->algorithmID();

    END_SECAPI
}

OSStatus
SecCertificateGetCommonName(SecCertificateRef certificate, CFStringRef *commonName)
{
    BEGIN_SECAPI

	Required(commonName) = Certificate::required(certificate)->commonName();

    END_SECAPI
}

OSStatus
SecCertificateGetEmailAddress(SecCertificateRef certificate, CFStringRef *emailAddress)
{
    BEGIN_SECAPI

	Required(emailAddress) = Certificate::required(certificate)->copyFirstEmailAddress();

    END_SECAPI
}

OSStatus
SecCertificateCopyEmailAddresses(SecCertificateRef certificate, CFArrayRef *emailAddresses)
{
    BEGIN_SECAPI

	Required(emailAddresses) = Certificate::required(certificate)->copyEmailAddresses();

    END_SECAPI
}

OSStatus
SecCertificateFindByIssuerAndSN(CFTypeRef keychainOrArray,const CSSM_DATA *issuer,
	const CSSM_DATA *serialNumber, SecCertificateRef *certificate)
{
	BEGIN_SECAPI

	StorageManager::KeychainList keychains;
	globals().storageManager.optionalSearchList(keychainOrArray, keychains);
	Required(certificate) = Certificate::findByIssuerAndSN(keychains, CssmData::required(issuer), CssmData::required(serialNumber))->handle();

	END_SECAPI
}

OSStatus
SecCertificateFindBySubjectKeyID(CFTypeRef keychainOrArray, const CSSM_DATA *subjectKeyID,
	SecCertificateRef *certificate)
{
	BEGIN_SECAPI

	StorageManager::KeychainList keychains;
	globals().storageManager.optionalSearchList(keychainOrArray, keychains);
	Required(certificate) = Certificate::findBySubjectKeyID(keychains, CssmData::required(subjectKeyID))->handle();

	END_SECAPI
}

OSStatus
SecCertificateFindByEmail(CFTypeRef keychainOrArray, const char *emailAddress, SecCertificateRef *certificate)
{
	BEGIN_SECAPI

	StorageManager::KeychainList keychains;
	globals().storageManager.optionalSearchList(keychainOrArray, keychains);
	Required(certificate) = Certificate::findByEmail(keychains, emailAddress)->handle();

	END_SECAPI
}

OSStatus
SecKeychainSearchCreateForCertificateByIssuerAndSN(CFTypeRef keychainOrArray, const CSSM_DATA *issuer,
	const CSSM_DATA *serialNumber, SecKeychainSearchRef *searchRef)
{
    BEGIN_SECAPI

	secdebug("kcsearch", "SecKeychainSearchCreateForCertificateByIssuerAndSN(%p)",
		keychainOrArray);
	Required(searchRef);

	StorageManager::KeychainList keychains;
	globals().storageManager.optionalSearchList(keychainOrArray, keychains);
	KCCursor cursor(Certificate::cursorForIssuerAndSN(keychains, CssmData::required(issuer), CssmData::required(serialNumber)));
	*searchRef = cursor->handle();

	END_SECAPI
}

OSStatus
SecKeychainSearchCreateForCertificateBySubjectKeyID(CFTypeRef keychainOrArray, const CSSM_DATA *subjectKeyID,
	SecKeychainSearchRef *searchRef)
{
    BEGIN_SECAPI

	secdebug("kcsearch", "SecKeychainSearchCreateForCertificateBySubjectKeyID(%p)",
		keychainOrArray);
	Required(searchRef);

	StorageManager::KeychainList keychains;
	globals().storageManager.optionalSearchList(keychainOrArray, keychains);
	KCCursor cursor(Certificate::cursorForSubjectKeyID(keychains, CssmData::required(subjectKeyID)));
	*searchRef = cursor->handle();

	END_SECAPI
}

OSStatus
SecKeychainSearchCreateForCertificateByEmail(CFTypeRef keychainOrArray, const char *emailAddress,
	SecKeychainSearchRef *searchRef)
{
    BEGIN_SECAPI

	secdebug("kcsearch", "SecKeychainSearchCreateForCertificateByEmail(%p, %s)",
		keychainOrArray, emailAddress);
	Required(searchRef);

	StorageManager::KeychainList keychains;
	globals().storageManager.optionalSearchList(keychainOrArray, keychains);
	KCCursor cursor(Certificate::cursorForEmail(keychains, emailAddress));
	*searchRef = cursor->handle();

	END_SECAPI
}
Commit	Line	Data
29654253 A	1	/*
	2	* Copyright (c) 2002 Apple Computer, Inc. All Rights Reserved.
	3	*
	4	* The contents of this file constitute Original Code as defined in and are
	5	* subject to the Apple Public Source License Version 1.2 (the 'License').
	6	* You may not use this file except in compliance with the License. Please obtain
	7	* a copy of the License at http://www.apple.com/publicsource and read it before
	8	* using this file.
	9	*
	10	* This Original Code and all software distributed under the License are
	11	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
	12	* OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
	13	* LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
	14	* PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
	15	* specific language governing rights and limitations under the License.
	16	*/
	17
	18	#include <Security/SecCertificate.h>
df0e469f A	19	#include <Security/SecCertificatePriv.h>
	20	#include <Security/Certificate.h>
	21	#include <Security/Item.h>
	22	#include <Security/KCCursor.h>
29654253 A	23
	24	#include "SecBridge.h"
	25
29654253 A	26	CFTypeID
	27	SecCertificateGetTypeID(void)
	28	{
	29	BEGIN_SECAPI
	30
df0e469f	31	return gTypes().Certificate.typeID;
29654253 A	32
	33	END_SECAPI1(_kCFRuntimeNotATypeID)
	34	}
	35
	36
	37	OSStatus
	38	SecCertificateCreateFromData(const CSSM_DATA data, CSSM_CERT_TYPE type, CSSM_CERT_ENCODING encoding, SecCertificateRef certificate)
	39	{
	40	BEGIN_SECAPI
	41
df0e469f A	42	SecPointer<Certificate> certificatePtr(new Certificate(Required(data), type, encoding));
df0e469f A	43	Required(certificate) = certificatePtr->handle();
29654253 A	44
	45	END_SECAPI
	46	}
	47
	48
	49	OSStatus
	50	SecCertificateAddToKeychain(SecCertificateRef certificate, SecKeychainRef keychain)
	51	{
	52	BEGIN_SECAPI
	53
df0e469f	54	Item item(Certificate::required(certificate));
29654253 A	55	Keychain::optional(keychain)->add(item);
	56
	57	END_SECAPI
	58	}
	59
	60	OSStatus
	61	SecCertificateGetData(SecCertificateRef certificate, CSSM_DATA_PTR data)
	62	{
	63	BEGIN_SECAPI
	64
df0e469f	65	Required(data) = Certificate::required(certificate)->data();
29654253 A	66
	67	END_SECAPI
	68	}
	69
	70
	71	OSStatus
	72	SecCertificateGetType(SecCertificateRef certificate, CSSM_CERT_TYPE *certificateType)
	73	{
	74	BEGIN_SECAPI
	75
df0e469f	76	Required(certificateType) = Certificate::required(certificate)->type();
29654253 A	77
	78	END_SECAPI
	79	}
	80
	81
	82	OSStatus
	83	SecCertificateGetSubject(SecCertificateRef certificate, CSSM_X509_NAME* subject)
	84	{
	85	BEGIN_SECAPI
	86
df0e469f	87	Certificate::required(certificate)->getSubject(Required(subject));
29654253 A	88
	89	END_SECAPI
	90	}
	91
	92
	93	OSStatus
	94	SecCertificateGetIssuer(SecCertificateRef certificate, CSSM_X509_NAME* issuer)
	95	{
	96	BEGIN_SECAPI
	97
df0e469f	98	Certificate::required(certificate)->getIssuer(Required(issuer));
29654253 A	99
	100	END_SECAPI
	101	}
	102
	103
	104	OSStatus
	105	SecCertificateGetCLHandle(SecCertificateRef certificate, CSSM_CL_HANDLE *clHandle)
	106	{
	107	BEGIN_SECAPI
	108
df0e469f A	109	Required(clHandle) = Certificate::required(certificate)->clHandle();
	110
	111	END_SECAPI
	112	}
	113
	114	/*
	115	* Private API to infer a display name for a SecCertificateRef which
	116	* may or may not be in a keychain.
	117	*/
	118	OSStatus
	119	SecCertificateInferLabel(SecCertificateRef certificate, CFStringRef *label)
	120	{
	121	BEGIN_SECAPI
	122
	123	Certificate::required(certificate)->inferLabel(false,
	124	&Required(label));
	125
	126	END_SECAPI
	127	}
	128
	129	OSStatus
	130	SecCertificateCopyPublicKey(SecCertificateRef certificate, SecKeyRef *key)
	131	{
	132	BEGIN_SECAPI
	133
	134	Required(key) = Certificate::required(certificate)->publicKey()->handle();
	135
	136	END_SECAPI
	137	}
	138
	139	OSStatus
	140	SecCertificateGetAlgorithmID(SecCertificateRef certificate, const CSSM_X509_ALGORITHM_IDENTIFIER **algid)
	141	{
	142	BEGIN_SECAPI
	143
	144	Required(algid) = Certificate::required(certificate)->algorithmID();
	145
	146	END_SECAPI
	147	}
	148
	149	OSStatus
	150	SecCertificateGetCommonName(SecCertificateRef certificate, CFStringRef *commonName)
	151	{
	152	BEGIN_SECAPI
	153
	154	Required(commonName) = Certificate::required(certificate)->commonName();
	155
	156	END_SECAPI
	157	}
	158
	159	OSStatus
	160	SecCertificateGetEmailAddress(SecCertificateRef certificate, CFStringRef *emailAddress)
	161	{
	162	BEGIN_SECAPI
	163
	164	Required(emailAddress) = Certificate::required(certificate)->copyFirstEmailAddress();
	165
	166	END_SECAPI
	167	}
	168
	169	OSStatus
	170	SecCertificateCopyEmailAddresses(SecCertificateRef certificate, CFArrayRef *emailAddresses)
	171	{
	172	BEGIN_SECAPI
173
174	Required(emailAddresses) = Certificate::required(certificate)->copyEmailAddresses();
29654253 A	175
	176	END_SECAPI
	177	}
df0e469f A	178
	179	OSStatus
	180	SecCertificateFindByIssuerAndSN(CFTypeRef keychainOrArray,const CSSM_DATA *issuer,
	181	const CSSM_DATA serialNumber, SecCertificateRef certificate)
	182	{
	183	BEGIN_SECAPI
	184
	185	StorageManager::KeychainList keychains;
	186	globals().storageManager.optionalSearchList(keychainOrArray, keychains);
	187	Required(certificate) = Certificate::findByIssuerAndSN(keychains, CssmData::required(issuer), CssmData::required(serialNumber))->handle();
	188
	189	END_SECAPI
	190	}
	191
	192	OSStatus
	193	SecCertificateFindBySubjectKeyID(CFTypeRef keychainOrArray, const CSSM_DATA *subjectKeyID,
	194	SecCertificateRef *certificate)
	195	{
	196	BEGIN_SECAPI
	197
	198	StorageManager::KeychainList keychains;
	199	globals().storageManager.optionalSearchList(keychainOrArray, keychains);
	200	Required(certificate) = Certificate::findBySubjectKeyID(keychains, CssmData::required(subjectKeyID))->handle();
	201
	202	END_SECAPI
	203	}
	204
	205	OSStatus
	206	SecCertificateFindByEmail(CFTypeRef keychainOrArray, const char emailAddress, SecCertificateRef certificate)
	207	{
	208	BEGIN_SECAPI
	209
	210	StorageManager::KeychainList keychains;
	211	globals().storageManager.optionalSearchList(keychainOrArray, keychains);
	212	Required(certificate) = Certificate::findByEmail(keychains, emailAddress)->handle();
	213
	214	END_SECAPI
	215	}
	216
	217	OSStatus
	218	SecKeychainSearchCreateForCertificateByIssuerAndSN(CFTypeRef keychainOrArray, const CSSM_DATA *issuer,
	219	const CSSM_DATA serialNumber, SecKeychainSearchRef searchRef)
	220	{
	221	BEGIN_SECAPI
	222
	223	secdebug("kcsearch", "SecKeychainSearchCreateForCertificateByIssuerAndSN(%p)",
	224	keychainOrArray);
	225	Required(searchRef);
	226
	227	StorageManager::KeychainList keychains;
	228	globals().storageManager.optionalSearchList(keychainOrArray, keychains);
	229	KCCursor cursor(Certificate::cursorForIssuerAndSN(keychains, CssmData::required(issuer), CssmData::required(serialNumber)));
	230	*searchRef = cursor->handle();
	231
	232	END_SECAPI
	233	}
	234
	235	OSStatus
	236	SecKeychainSearchCreateForCertificateBySubjectKeyID(CFTypeRef keychainOrArray, const CSSM_DATA *subjectKeyID,
	237	SecKeychainSearchRef *searchRef)
	238	{
	239	BEGIN_SECAPI
	240
	241	secdebug("kcsearch", "SecKeychainSearchCreateForCertificateBySubjectKeyID(%p)",
242	keychainOrArray);
243	Required(searchRef);
244
245	StorageManager::KeychainList keychains;
246	globals().storageManager.optionalSearchList(keychainOrArray, keychains);
247	KCCursor cursor(Certificate::cursorForSubjectKeyID(keychains, CssmData::required(subjectKeyID)));
248	*searchRef = cursor->handle();
249
250	END_SECAPI
251	}
252
253	OSStatus
254	SecKeychainSearchCreateForCertificateByEmail(CFTypeRef keychainOrArray, const char *emailAddress,
255	SecKeychainSearchRef *searchRef)
256	{
257	BEGIN_SECAPI
258
259	secdebug("kcsearch", "SecKeychainSearchCreateForCertificateByEmail(%p, %s)",
260	keychainOrArray, emailAddress);
261	Required(searchRef);
262
263	StorageManager::KeychainList keychains;
264	globals().storageManager.optionalSearchList(keychainOrArray, keychains);
265	KCCursor cursor(Certificate::cursorForEmail(keychains, emailAddress));
266	*searchRef = cursor->handle();
267
268	END_SECAPI
269	}