]> git.saurik.com Git - apple/security.git/blob - cdsa/cdsa/cssmtype.h
projects / apple / security.git / blob
? search:


023fb93f50bbe1cc348ea0fe511baa785f43a990
[apple/security.git] / cdsa / cdsa / cssmtype.h
1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 /*
20 File: cssmtype.h
21
22 Contains: Common Security Services Manager Common Data Types
23
24 Copyright: (c) 1999-2000 Apple Computer, Inc., all rights reserved.
25 */
26
27 #ifndef _CSSMTYPE_H_
28 #define _CSSMTYPE_H_ 1
29
30 #include <Security/cssmconfig.h>
31
32 #ifdef __cplusplus
33 extern "C" {
34 #endif
35
36 /* Handle types. */
37
38 typedef uint32 CSSM_HANDLE, *CSSM_HANDLE_PTR;
39
40 typedef uint64 CSSM_LONG_HANDLE, *CSSM_LONG_HANDLE_PTR;
41
42 typedef CSSM_HANDLE CSSM_MODULE_HANDLE, *CSSM_MODULE_HANDLE_PTR;
43
44 typedef CSSM_LONG_HANDLE CSSM_CC_HANDLE; /* Cryptographic Context Handle */
45
46 typedef CSSM_MODULE_HANDLE CSSM_CSP_HANDLE; /* Cryptographic Service Provider Handle */
47
48 typedef CSSM_MODULE_HANDLE CSSM_TP_HANDLE; /* Trust Policy Handle */
49
50 typedef CSSM_MODULE_HANDLE CSSM_AC_HANDLE; /* Authorization Computation Handle */
51
52 typedef CSSM_MODULE_HANDLE CSSM_CL_HANDLE; /* Certificate Library Handle */
53
54 typedef CSSM_MODULE_HANDLE CSSM_DL_HANDLE; /* Data Storage Library Handle */
55
56 typedef CSSM_MODULE_HANDLE CSSM_DB_HANDLE; /* Data Storage Database Handle */
57
58
59 /* invalid or NULL value for any CSSM_HANDLE type */
60 enum {
61 CSSM_INVALID_HANDLE = 0
62 };
63
64
65 /* Data Types for Core Services */
66
67 typedef sint32 CSSM_BOOL;
68 enum {
69 CSSM_FALSE = 0,
70 CSSM_TRUE = !CSSM_FALSE
71 };
72
73 /* The standard declares this as uint32 but we changed it to sint32 to match OSStatus. */
74 typedef sint32 CSSM_RETURN;
75 enum {
76 CSSM_OK = 0
77 };
78
79 enum {
80 CSSM_MODULE_STRING_SIZE = 64
81 };
82 typedef char CSSM_STRING [CSSM_MODULE_STRING_SIZE + 4];
83
84 typedef struct cssm_data {
85 uint32 Length; /* in bytes */
86 uint8 *Data;
87 } CSSM_DATA, *CSSM_DATA_PTR;
88
89 typedef struct cssm_guid {
90 uint32 Data1;
91 uint16 Data2;
92 uint16 Data3;
93 uint8 Data4[8];
94 } CSSM_GUID, *CSSM_GUID_PTR;
95
96 typedef uint32 CSSM_BITMASK;
97 typedef CSSM_BITMASK CSSM_KEY_HIERARCHY;
98 enum {
99 CSSM_KEY_HIERARCHY_NONE = 0,
100 CSSM_KEY_HIERARCHY_INTEG = 1,
101 CSSM_KEY_HIERARCHY_EXPORT = 2
102 };
103
104 typedef CSSM_BITMASK CSSM_PVC_MODE;
105 enum {
106 CSSM_PVC_NONE = 0,
107 CSSM_PVC_APP = 1,
108 CSSM_PVC_SP = 2
109 };
110
111 typedef uint32 CSSM_PRIVILEGE_SCOPE;
112 enum {
113 CSSM_PRIVILEGE_SCOPE_NONE = 0,
114 CSSM_PRIVILEGE_SCOPE_PROCESS = 1,
115 CSSM_PRIVILEGE_SCOPE_THREAD = 2
116 };
117
118 typedef struct cssm_version {
119 uint32 Major;
120 uint32 Minor;
121 } CSSM_VERSION, *CSSM_VERSION_PTR;
122
123 typedef uint32 CSSM_SERVICE_MASK;
124 enum {
125 CSSM_SERVICE_CSSM = 0x1,
126 CSSM_SERVICE_CSP = 0x2,
127 CSSM_SERVICE_DL = 0x4,
128 CSSM_SERVICE_CL = 0x8,
129 CSSM_SERVICE_TP = 0x10,
130 CSSM_SERVICE_AC = 0x20,
131 CSSM_SERVICE_KR = 0x40
132 };
133
134 typedef CSSM_SERVICE_MASK CSSM_SERVICE_TYPE;
135
136 typedef struct cssm_subservice_uid {
137 CSSM_GUID Guid;
138 CSSM_VERSION Version;
139 uint32 SubserviceId;
140 CSSM_SERVICE_TYPE SubserviceType;
141 } CSSM_SUBSERVICE_UID, *CSSM_SUBSERVICE_UID_PTR;
142
143 typedef uint32 CSSM_MODULE_EVENT, *CSSM_MODULE_EVENT_PTR;
144 enum {
145 CSSM_NOTIFY_INSERT = 1,
146 CSSM_NOTIFY_REMOVE = 2,
147 CSSM_NOTIFY_FAULT = 3
148 };
149
150 typedef CSSM_RETURN (CSSMAPI *CSSM_API_ModuleEventHandler)
151 (const CSSM_GUID *ModuleGuid,
152 void* AppNotifyCallbackCtx,
153 uint32 SubserviceId,
154 CSSM_SERVICE_TYPE ServiceType,
155 CSSM_MODULE_EVENT EventType);
156
157 typedef uint32 CSSM_ATTACH_FLAGS;
158 enum {
159 CSSM_ATTACH_READ_ONLY = 0x00000001
160 };
161
162 /* Non-export privilege range: (0x00000000 - 0x7FFFFFFF) */
163 /* Vendor specific range: (0x80000000 - 0xFFFFFFFF) */
164 typedef uint64 CSSM_PRIVILEGE;
165 typedef CSSM_PRIVILEGE CSSM_USEE_TAG;
166 enum {
167 CSSM_USEE_LAST = 0xFF,
168 CSSM_USEE_NONE = 0,
169 CSSM_USEE_DOMESTIC = 1,
170 CSSM_USEE_FINANCIAL = 2,
171 CSSM_USEE_KRLE = 3,
172 CSSM_USEE_KRENT = 4,
173 CSSM_USEE_SSL = 5,
174 CSSM_USEE_AUTHENTICATION = 6,
175 CSSM_USEE_KEYEXCH = 7,
176 CSSM_USEE_MEDICAL = 8,
177 CSSM_USEE_INSURANCE = 9,
178 CSSM_USEE_WEAK = 10
179 };
180
181 typedef uint32 CSSM_NET_ADDRESS_TYPE;
182 enum {
183 CSSM_ADDR_NONE = 0,
184 CSSM_ADDR_CUSTOM = 1,
185 CSSM_ADDR_URL = 2, /* char* */
186 CSSM_ADDR_SOCKADDR = 3,
187 CSSM_ADDR_NAME = 4 /* char* - qualified by access method */
188 };
189
190 typedef struct cssm_net_address {
191 CSSM_NET_ADDRESS_TYPE AddressType;
192 CSSM_DATA Address;
193 } CSSM_NET_ADDRESS, *CSSM_NET_ADDRESS_PTR;
194
195 typedef uint32 CSSM_NET_PROTOCOL;
196 enum {
197 CSSM_NET_PROTO_NONE = 0, /* local */
198 CSSM_NET_PROTO_CUSTOM = 1, /* proprietary implementation */
199 CSSM_NET_PROTO_UNSPECIFIED = 2, /* implementation default */
200 CSSM_NET_PROTO_LDAP = 3, /* light weight directory access protocol */
201 CSSM_NET_PROTO_LDAPS = 4, /* ldap/ssl where SSL initiates the connection */
202 CSSM_NET_PROTO_LDAPNS = 5, /* ldap where ldap negotiates an SSL session */
203 CSSM_NET_PROTO_X500DAP = 6, /* x.500 Directory access protocol */
204 CSSM_NET_PROTO_FTP = 7, /* ftp for cert/crl fetch */
205 CSSM_NET_PROTO_FTPS = 8, /* ftp/ssl/tls where SSL/TLS initiates the connection */
206 CSSM_NET_PROTO_OCSP = 9, /* online certificate status protocol */
207 CSSM_NET_PROTO_CMP = 10, /* the cert request protocol in PKIX3 */
208 CSSM_NET_PROTO_CMPS = 11 /* The ssl/tls derivative of CMP */
209 };
210
211 typedef CSSM_RETURN (CSSMAPI *CSSM_CALLBACK)
212 (CSSM_DATA_PTR OutData, void *CallerCtx);
213
214 typedef struct cssm_crypto_data {
215 CSSM_DATA Param;
216 CSSM_CALLBACK Callback;
217 void *CallerCtx;
218 } CSSM_CRYPTO_DATA, *CSSM_CRYPTO_DATA_PTR;
219
220 typedef sint32 CSSM_WORDID_TYPE;
221 enum {
222 CSSM_WORDID__UNK_ = -1, /* not in dictionary */
223 CSSM_WORDID__NLU_ = 0, /* not yet looked up */
224 CSSM_WORDID__STAR_ = 1,
225 CSSM_WORDID_A = 2,
226 CSSM_WORDID_ACL = 3,
227 CSSM_WORDID_ALPHA = 4,
228 CSSM_WORDID_B = 5,
229 CSSM_WORDID_BER = 6,
230 CSSM_WORDID_BINARY = 7,
231 CSSM_WORDID_BIOMETRIC = 8,
232 CSSM_WORDID_C = 9,
233 CSSM_WORDID_CANCELED = 10,
234 CSSM_WORDID_CERT = 11,
235 CSSM_WORDID_COMMENT = 12,
236 CSSM_WORDID_CRL = 13,
237 CSSM_WORDID_CUSTOM = 14,
238 CSSM_WORDID_D = 15,
239 CSSM_WORDID_DATE = 16,
240 CSSM_WORDID_DB_DELETE = 17,
241 CSSM_WORDID_DB_EXEC_STORED_QUERY = 18,
242 CSSM_WORDID_DB_INSERT = 19,
243 CSSM_WORDID_DB_MODIFY = 20,
244 CSSM_WORDID_DB_READ = 21,
245 CSSM_WORDID_DBS_CREATE = 22,
246 CSSM_WORDID_DBS_DELETE = 23,
247 CSSM_WORDID_DECRYPT = 24,
248 CSSM_WORDID_DELETE = 25,
249 CSSM_WORDID_DELTA_CRL = 26,
250 CSSM_WORDID_DER = 27,
251 CSSM_WORDID_DERIVE = 28,
252 CSSM_WORDID_DISPLAY = 29,
253 CSSM_WORDID_DO = 30,
254 CSSM_WORDID_DSA = 31,
255 CSSM_WORDID_DSA_SHA1 = 32,
256 CSSM_WORDID_E = 33,
257 CSSM_WORDID_ELGAMAL = 34,
258 CSSM_WORDID_ENCRYPT = 35,
259 CSSM_WORDID_ENTRY = 36,
260 CSSM_WORDID_EXPORT_CLEAR = 37,
261 CSSM_WORDID_EXPORT_WRAPPED = 38,
262 CSSM_WORDID_G = 39,
263 CSSM_WORDID_GE = 40,
264 CSSM_WORDID_GENKEY = 41,
265 CSSM_WORDID_HASH = 42,
266 CSSM_WORDID_HASHED_PASSWORD = 43,
267 CSSM_WORDID_HASHED_SUBJECT = 44,
268 CSSM_WORDID_HAVAL = 45,
269 CSSM_WORDID_IBCHASH = 46,
270 CSSM_WORDID_IMPORT_CLEAR = 47,
271 CSSM_WORDID_IMPORT_WRAPPED = 48,
272 CSSM_WORDID_INTEL = 49,
273 CSSM_WORDID_ISSUER = 50,
274 CSSM_WORDID_ISSUER_INFO = 51,
275 CSSM_WORDID_K_OF_N = 52,
276 CSSM_WORDID_KEA = 53,
277 CSSM_WORDID_KEYHOLDER = 54,
278 CSSM_WORDID_L = 55,
279 CSSM_WORDID_LE = 56,
280 CSSM_WORDID_LOGIN = 57,
281 CSSM_WORDID_LOGIN_NAME = 58,
282 CSSM_WORDID_MAC = 59,
283 CSSM_WORDID_MD2 = 60,
284 CSSM_WORDID_MD2WITHRSA = 61,
285 CSSM_WORDID_MD4 = 62,
286 CSSM_WORDID_MD5 = 63,
287 CSSM_WORDID_MD5WITHRSA = 64,
288 CSSM_WORDID_N = 65,
289 CSSM_WORDID_NAME = 66,
290 CSSM_WORDID_NDR = 67,
291 CSSM_WORDID_NHASH = 68,
292 CSSM_WORDID_NOT_AFTER = 69,
293 CSSM_WORDID_NOT_BEFORE = 70,
294 CSSM_WORDID_NULL = 71,
295 CSSM_WORDID_NUMERIC = 72,
296 CSSM_WORDID_OBJECT_HASH = 73,
297 CSSM_WORDID_ONE_TIME = 74,
298 CSSM_WORDID_ONLINE = 75,
299 CSSM_WORDID_OWNER = 76,
300 CSSM_WORDID_P = 77,
301 CSSM_WORDID_PAM_NAME = 78,
302 CSSM_WORDID_PASSWORD = 79,
303 CSSM_WORDID_PGP = 80,
304 CSSM_WORDID_PREFIX = 81,
305 CSSM_WORDID_PRIVATE_KEY = 82,
306 CSSM_WORDID_PROMPTED_BIOMETRIC = 83,
307 CSSM_WORDID_PROMPTED_PASSWORD = 84,
308 CSSM_WORDID_PROPAGATE = 85,
309 CSSM_WORDID_PROTECTED_BIOMETRIC = 86,
310 CSSM_WORDID_PROTECTED_PASSWORD = 87,
311 CSSM_WORDID_PROTECTED_PIN = 88,
312 CSSM_WORDID_PUBLIC_KEY = 89,
313 CSSM_WORDID_PUBLIC_KEY_FROM_CERT = 90,
314 CSSM_WORDID_Q = 91,
315 CSSM_WORDID_RANGE = 92,
316 CSSM_WORDID_REVAL = 93,
317 CSSM_WORDID_RIPEMAC = 94,
318 CSSM_WORDID_RIPEMD = 95,
319 CSSM_WORDID_RIPEMD160 = 96,
320 CSSM_WORDID_RSA = 97,
321 CSSM_WORDID_RSA_ISO9796 = 98,
322 CSSM_WORDID_RSA_PKCS = 99,
323 CSSM_WORDID_RSA_PKCS_MD5 = 100,
324 CSSM_WORDID_RSA_PKCS_SHA1 = 101,
325 CSSM_WORDID_RSA_PKCS1 = 102,
326 CSSM_WORDID_RSA_PKCS1_MD5 = 103,
327 CSSM_WORDID_RSA_PKCS1_SHA1 = 104,
328 CSSM_WORDID_RSA_PKCS1_SIG = 105,
329 CSSM_WORDID_RSA_RAW = 106,
330 CSSM_WORDID_SDSIV1 = 107,
331 CSSM_WORDID_SEQUENCE = 108,
332 CSSM_WORDID_SET = 109,
333 CSSM_WORDID_SEXPR = 110,
334 CSSM_WORDID_SHA1 = 111,
335 CSSM_WORDID_SHA1WITHDSA = 112,
336 CSSM_WORDID_SHA1WITHECDSA = 113,
337 CSSM_WORDID_SHA1WITHRSA = 114,
338 CSSM_WORDID_SIGN = 115,
339 CSSM_WORDID_SIGNATURE = 116,
340 CSSM_WORDID_SIGNED_NONCE = 117,
341 CSSM_WORDID_SIGNED_SECRET = 118,
342 CSSM_WORDID_SPKI = 119,
343 CSSM_WORDID_SUBJECT = 120,
344 CSSM_WORDID_SUBJECT_INFO = 121,
345 CSSM_WORDID_TAG = 122,
346 CSSM_WORDID_THRESHOLD = 123,
347 CSSM_WORDID_TIME = 124,
348 CSSM_WORDID_URI = 125,
349 CSSM_WORDID_VERSION = 126,
350 CSSM_WORDID_X509_ATTRIBUTE = 127,
351 CSSM_WORDID_X509V1 = 128,
352 CSSM_WORDID_X509V2 = 129,
353 CSSM_WORDID_X509V3 = 130,
354 CSSM_WORDID_X9_ATTRIBUTE = 131,
355 CSSM_WORDID_VENDOR_START = 0x00010000,
356 CSSM_WORDID_VENDOR_END = 0x7FFF0000
357 };
358
359 typedef uint32 CSSM_LIST_ELEMENT_TYPE, *CSSM_LIST_ELEMENT_TYPE_PTR;
360 enum {
361 CSSM_LIST_ELEMENT_DATUM = 0x00,
362 CSSM_LIST_ELEMENT_SUBLIST = 0x01,
363 CSSM_LIST_ELEMENT_WORDID = 0x02
364 };
365
366 typedef uint32 CSSM_LIST_TYPE, *CSSM_LIST_TYPE_PTR;
367 enum {
368 CSSM_LIST_TYPE_UNKNOWN = 0,
369 CSSM_LIST_TYPE_CUSTOM = 1,
370 CSSM_LIST_TYPE_SEXPR = 2
371 };
372
373 typedef struct cssm_list_element *CSSM_LIST_ELEMENT_PTR;
374
375 typedef struct cssm_list {
376 CSSM_LIST_TYPE ListType; /* type of this list */
377 CSSM_LIST_ELEMENT_PTR Head; /* head of the list */
378 CSSM_LIST_ELEMENT_PTR Tail; /* tail of the list */
379 } CSSM_LIST, *CSSM_LIST_PTR;
380
381 typedef struct cssm_list_element {
382 struct cssm_list_element *NextElement; /* next list element */
383 CSSM_WORDID_TYPE WordID; /* integer identifier associated */
384 /* with a Word value */
385 CSSM_LIST_ELEMENT_TYPE ElementType;
386 union {
387 CSSM_LIST Sublist; /* sublist */
388 CSSM_DATA Word; /* a byte-string */
389 } Element;
390 } CSSM_LIST_ELEMENT;
391
392 typedef struct { /* 5-tuple definition */
393 CSSM_LIST Issuer; /* issuer, or empty if ACL */
394 CSSM_LIST Subject; /* subject */
395 CSSM_BOOL Delegate; /* permission to delegate */
396 CSSM_LIST AuthorizationTag; /* authorization field */
397 CSSM_LIST ValidityPeriod; /* validity information (dates) */
398 } CSSM_TUPLE, *CSSM_TUPLE_PTR;
399
400 typedef struct cssm_tuplegroup {
401 uint32 NumberOfTuples;
402 CSSM_TUPLE_PTR Tuples;
403 } CSSM_TUPLEGROUP, *CSSM_TUPLEGROUP_PTR;
404
405 typedef CSSM_WORDID_TYPE CSSM_SAMPLE_TYPE;
406 enum {
407 CSSM_SAMPLE_TYPE_PASSWORD = CSSM_WORDID_PASSWORD,
408 CSSM_SAMPLE_TYPE_HASHED_PASSWORD = CSSM_WORDID_HASHED_PASSWORD,
409 CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD = CSSM_WORDID_PROTECTED_PASSWORD,
410 CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD = CSSM_WORDID_PROMPTED_PASSWORD,
411 CSSM_SAMPLE_TYPE_SIGNED_NONCE = CSSM_WORDID_SIGNED_NONCE,
412 CSSM_SAMPLE_TYPE_SIGNED_SECRET = CSSM_WORDID_SIGNED_SECRET,
413 CSSM_SAMPLE_TYPE_BIOMETRIC = CSSM_WORDID_BIOMETRIC,
414 CSSM_SAMPLE_TYPE_PROTECTED_BIOMETRIC = CSSM_WORDID_PROTECTED_BIOMETRIC,
415 CSSM_SAMPLE_TYPE_PROMPTED_BIOMETRIC = CSSM_WORDID_PROMPTED_BIOMETRIC,
416 CSSM_SAMPLE_TYPE_THRESHOLD = CSSM_WORDID_THRESHOLD
417 };
418
419 typedef struct cssm_sample {
420 CSSM_LIST TypedSample;
421 const CSSM_SUBSERVICE_UID *Verifier;
422 } CSSM_SAMPLE, *CSSM_SAMPLE_PTR;
423
424 typedef struct cssm_samplegroup {
425 uint32 NumberOfSamples;
426 const CSSM_SAMPLE *Samples;
427 } CSSM_SAMPLEGROUP, *CSSM_SAMPLEGROUP_PTR;
428
429 typedef void *(CSSMAPI *CSSM_MALLOC)
430 (uint32 size,
431 void *allocref);
432
433 typedef void (CSSMAPI *CSSM_FREE)
434 (void *memblock,
435 void *allocref);
436
437 typedef void *(CSSMAPI *CSSM_REALLOC)
438 (void *memblock,
439 uint32 size,
440 void *allocref);
441
442 typedef void *(CSSMAPI *CSSM_CALLOC)
443 (uint32 num,
444 uint32 size,
445 void *allocref);
446
447 typedef struct cssm_memory_funcs {
448 CSSM_MALLOC malloc_func;
449 CSSM_FREE free_func;
450 CSSM_REALLOC realloc_func;
451 CSSM_CALLOC calloc_func;
452 void *AllocRef;
453 } CSSM_MEMORY_FUNCS, *CSSM_MEMORY_FUNCS_PTR;
454
455 typedef CSSM_MEMORY_FUNCS CSSM_API_MEMORY_FUNCS;
456 typedef CSSM_API_MEMORY_FUNCS *CSSM_API_MEMORY_FUNCS_PTR;
457
458 typedef CSSM_RETURN (CSSMAPI * CSSM_CHALLENGE_CALLBACK)
459 (const CSSM_LIST *Challenge,
460 CSSM_SAMPLEGROUP_PTR Response,
461 void *CallerCtx,
462 const CSSM_MEMORY_FUNCS *MemFuncs);
463
464 typedef uint32 CSSM_CERT_TYPE, *CSSM_CERT_TYPE_PTR;
465 enum {
466 CSSM_CERT_UNKNOWN = 0x00,
467 CSSM_CERT_X_509v1 = 0x01,
468 CSSM_CERT_X_509v2 = 0x02,
469 CSSM_CERT_X_509v3 = 0x03,
470 CSSM_CERT_PGP = 0x04,
471 CSSM_CERT_SPKI = 0x05,
472 CSSM_CERT_SDSIv1 = 0x06,
473 CSSM_CERT_Intel = 0x08,
474 CSSM_CERT_X_509_ATTRIBUTE = 0x09, /* X.509 attribute cert */
475 CSSM_CERT_X9_ATTRIBUTE = 0x0A, /* X9 attribute cert */
476 CSSM_CERT_TUPLE = 0x0B,
477 CSSM_CERT_ACL_ENTRY = 0x0C,
478 CSSM_CERT_MULTIPLE = 0x7FFE,
479 CSSM_CERT_LAST = 0x7FFF,
480 /* Applications wishing to define their own custom certificate
481 type should define and publicly document a uint32 value greater
482 than the CSSM_CL_CUSTOM_CERT_TYPE */
483 CSSM_CL_CUSTOM_CERT_TYPE = 0x08000
484 };
485
486 typedef uint32 CSSM_CERT_ENCODING, *CSSM_CERT_ENCODING_PTR;
487 enum {
488 CSSM_CERT_ENCODING_UNKNOWN = 0x00,
489 CSSM_CERT_ENCODING_CUSTOM = 0x01,
490 CSSM_CERT_ENCODING_BER = 0x02,
491 CSSM_CERT_ENCODING_DER = 0x03,
492 CSSM_CERT_ENCODING_NDR = 0x04,
493 CSSM_CERT_ENCODING_SEXPR = 0x05,
494 CSSM_CERT_ENCODING_PGP = 0x06,
495 CSSM_CERT_ENCODING_MULTIPLE = 0x7FFE,
496 CSSM_CERT_ENCODING_LAST = 0x7FFF,
497 /* Applications wishing to define their own custom certificate
498 encoding should create a uint32 value greater than the
499 CSSM_CL_CUSTOM_CERT_ENCODING */
500 CSSM_CL_CUSTOM_CERT_ENCODING = 0x8000
501 };
502
503 typedef struct cssm_encoded_cert {
504 CSSM_CERT_TYPE CertType; /* type of certificate */
505 CSSM_CERT_ENCODING CertEncoding; /* encoding for this packed cert */
506 CSSM_DATA CertBlob; /* packed cert */
507 } CSSM_ENCODED_CERT, *CSSM_ENCODED_CERT_PTR;
508
509 typedef uint32 CSSM_CERT_PARSE_FORMAT, *CSSM_CERT_PARSE_FORMAT_PTR;
510 enum {
511 CSSM_CERT_PARSE_FORMAT_NONE = 0x00,
512 CSSM_CERT_PARSE_FORMAT_CUSTOM = 0x01, /* void* */
513 CSSM_CERT_PARSE_FORMAT_SEXPR = 0x02, /* CSSM_LIST */
514 CSSM_CERT_PARSE_FORMAT_COMPLEX = 0x03, /* void* */
515 CSSM_CERT_PARSE_FORMAT_OID_NAMED = 0x04, /* CSSM_FIELDGROUP */
516 CSSM_CERT_PARSE_FORMAT_TUPLE = 0x05, /* CSSM_TUPLE */
517 CSSM_CERT_PARSE_FORMAT_MULTIPLE = 0x7FFE,
518 /* multiple forms, each cert carries a
519 parse format indicator */
520 CSSM_CERT_PARSE_FORMAT_LAST = 0x7FFF,
521 /* Applications wishing to define their
522 own custom parse format should create
523 a * uint32 value greater than the
524 CSSM_CL_CUSTOM_CERT_PARSE_FORMAT */
525 CSSM_CL_CUSTOM_CERT_PARSE_FORMAT = 0x8000
526 };
527
528 typedef struct cssm_parsed_cert {
529 CSSM_CERT_TYPE CertType; /* certificate type */
530 CSSM_CERT_PARSE_FORMAT ParsedCertFormat;
531 /* struct of ParsedCert */
532 void *ParsedCert; /* parsed cert (to be typecast) */
533 } CSSM_PARSED_CERT, *CSSM_PARSED_CERT_PTR;
534
535 typedef struct cssm_cert_pair {
536 CSSM_ENCODED_CERT EncodedCert; /* an encoded certificate blob */
537 CSSM_PARSED_CERT ParsedCert; /* equivalent parsed certificate */
538 } CSSM_CERT_PAIR, *CSSM_CERT_PAIR_PTR;
539
540 typedef uint32 CSSM_CERTGROUP_TYPE, *CSSM_CERTGROUP_TYPE_PTR;
541 enum {
542 CSSM_CERTGROUP_DATA = 0x00,
543 CSSM_CERTGROUP_ENCODED_CERT = 0x01,
544 CSSM_CERTGROUP_PARSED_CERT = 0x02,
545 CSSM_CERTGROUP_CERT_PAIR = 0x03
546 };
547
548 typedef struct cssm_certgroup {
549 CSSM_CERT_TYPE CertType;
550 CSSM_CERT_ENCODING CertEncoding;
551 uint32 NumCerts; /* # of certificates in this list */
552 union {
553 CSSM_DATA_PTR CertList; /* legacy list of single type certificate blobs */
554 CSSM_ENCODED_CERT_PTR EncodedCertList;
555 /* list of multi-type certificate blobs */
556 CSSM_PARSED_CERT_PTR ParsedCertList;
557 /* list of multi-type parsed certs */
558 CSSM_CERT_PAIR_PTR PairCertList;
559 /*list of single or multi-type certs with two representations: blob and parsed */
560 } GroupList;
561 CSSM_CERTGROUP_TYPE CertGroupType;
562 /* type of structure in the GroupList */
563 void *Reserved; /* reserved for implementation dependent use */
564 } CSSM_CERTGROUP, *CSSM_CERTGROUP_PTR;
565
566 typedef struct cssm_base_certs {
567 CSSM_TP_HANDLE TPHandle;
568 CSSM_CL_HANDLE CLHandle;
569 CSSM_CERTGROUP Certs;
570 } CSSM_BASE_CERTS, *CSSM_BASE_CERTS_PTR;
571
572 typedef struct cssm_access_credentials {
573 CSSM_STRING EntryTag;
574 CSSM_BASE_CERTS BaseCerts;
575 CSSM_SAMPLEGROUP Samples;
576 CSSM_CHALLENGE_CALLBACK Callback;
577 void *CallerCtx;
578 } CSSM_ACCESS_CREDENTIALS, *CSSM_ACCESS_CREDENTIALS_PTR;
579
580 typedef sint32 CSSM_ACL_SUBJECT_TYPE;
581 enum {
582 CSSM_ACL_SUBJECT_TYPE_ANY = CSSM_WORDID__STAR_,
583 CSSM_ACL_SUBJECT_TYPE_THRESHOLD = CSSM_WORDID_THRESHOLD,
584 CSSM_ACL_SUBJECT_TYPE_PASSWORD = CSSM_WORDID_PASSWORD,
585 CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD = CSSM_WORDID_PROTECTED_PASSWORD,
586 CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD = CSSM_WORDID_PROMPTED_PASSWORD,
587 CSSM_ACL_SUBJECT_TYPE_PUBLIC_KEY = CSSM_WORDID_PUBLIC_KEY,
588 CSSM_ACL_SUBJECT_TYPE_HASHED_SUBJECT = CSSM_WORDID_HASHED_SUBJECT,
589 CSSM_ACL_SUBJECT_TYPE_BIOMETRIC = CSSM_WORDID_BIOMETRIC,
590 CSSM_ACL_SUBJECT_TYPE_PROTECTED_BIOMETRIC = CSSM_WORDID_PROTECTED_BIOMETRIC,
591 CSSM_ACL_SUBJECT_TYPE_PROMPTED_BIOMETRIC = CSSM_WORDID_PROMPTED_BIOMETRIC,
592 CSSM_ACL_SUBJECT_TYPE_LOGIN_NAME = CSSM_WORDID_LOGIN_NAME,
593 CSSM_ACL_SUBJECT_TYPE_EXT_PAM_NAME = CSSM_WORDID_PAM_NAME
594 };
595
596 /* Authorization tag type */
597 typedef sint32 CSSM_ACL_AUTHORIZATION_TAG;
598 enum {
599 /* All vendor specific constants must be in the number range
600 starting at CSSM_ACL_AUTHORIZATION_TAG_VENDOR_DEFINED_START */
601 CSSM_ACL_AUTHORIZATION_TAG_VENDOR_DEFINED_START = 0x00010000,
602 /* No restrictions. Permission to perform all operations on
603 the resource or available to an ACL owner. */
604 CSSM_ACL_AUTHORIZATION_ANY = CSSM_WORDID__STAR_,
605 /* Defined authorization tag values for CSPs */
606 CSSM_ACL_AUTHORIZATION_LOGIN = CSSM_WORDID_LOGIN,
607 CSSM_ACL_AUTHORIZATION_GENKEY = CSSM_WORDID_GENKEY,
608 CSSM_ACL_AUTHORIZATION_DELETE = CSSM_WORDID_DELETE,
609 CSSM_ACL_AUTHORIZATION_EXPORT_WRAPPED = CSSM_WORDID_EXPORT_WRAPPED,
610 CSSM_ACL_AUTHORIZATION_EXPORT_CLEAR = CSSM_WORDID_EXPORT_CLEAR,
611 CSSM_ACL_AUTHORIZATION_IMPORT_WRAPPED = CSSM_WORDID_IMPORT_WRAPPED,
612 CSSM_ACL_AUTHORIZATION_IMPORT_CLEAR = CSSM_WORDID_IMPORT_CLEAR,
613 CSSM_ACL_AUTHORIZATION_SIGN = CSSM_WORDID_SIGN,
614 CSSM_ACL_AUTHORIZATION_ENCRYPT = CSSM_WORDID_ENCRYPT,
615 CSSM_ACL_AUTHORIZATION_DECRYPT = CSSM_WORDID_DECRYPT,
616 CSSM_ACL_AUTHORIZATION_MAC = CSSM_WORDID_MAC,
617 CSSM_ACL_AUTHORIZATION_DERIVE = CSSM_WORDID_DERIVE,
618 /* Defined authorization tag values for DLs */
619 CSSM_ACL_AUTHORIZATION_DBS_CREATE = CSSM_WORDID_DBS_CREATE,
620 CSSM_ACL_AUTHORIZATION_DBS_DELETE = CSSM_WORDID_DBS_DELETE,
621 CSSM_ACL_AUTHORIZATION_DB_READ = CSSM_WORDID_DB_READ,
622 CSSM_ACL_AUTHORIZATION_DB_INSERT = CSSM_WORDID_DB_INSERT,
623 CSSM_ACL_AUTHORIZATION_DB_MODIFY = CSSM_WORDID_DB_MODIFY,
624 CSSM_ACL_AUTHORIZATION_DB_DELETE = CSSM_WORDID_DB_DELETE
625 };
626
627 typedef struct cssm_authorizationgroup {
628 uint32 NumberOfAuthTags;
629 CSSM_ACL_AUTHORIZATION_TAG *AuthTags;
630 } CSSM_AUTHORIZATIONGROUP, *CSSM_AUTHORIZATIONGROUP_PTR;
631
632 typedef struct cssm_acl_validity_period {
633 CSSM_DATA StartDate;
634 CSSM_DATA EndDate;
635 } CSSM_ACL_VALIDITY_PERIOD, *CSSM_ACL_VALIDITY_PERIOD_PTR;
636
637 typedef struct cssm_acl_entry_prototype {
638 CSSM_LIST TypedSubject;
639 CSSM_BOOL Delegate;
640 CSSM_AUTHORIZATIONGROUP Authorization;
641 CSSM_ACL_VALIDITY_PERIOD TimeRange;
642 CSSM_STRING EntryTag;
643 } CSSM_ACL_ENTRY_PROTOTYPE, *CSSM_ACL_ENTRY_PROTOTYPE_PTR;
644
645 typedef struct cssm_acl_owner_prototype {
646 CSSM_LIST TypedSubject;
647 CSSM_BOOL Delegate;
648 } CSSM_ACL_OWNER_PROTOTYPE, *CSSM_ACL_OWNER_PROTOTYPE_PTR;
649
650 typedef CSSM_RETURN (CSSMAPI * CSSM_ACL_SUBJECT_CALLBACK)
651 (const CSSM_LIST *SubjectRequest,
652 CSSM_LIST_PTR SubjectResponse,
653 void *CallerContext,
654 const CSSM_MEMORY_FUNCS *MemFuncs);
655
656 typedef struct cssm_acl_entry_input {
657 CSSM_ACL_ENTRY_PROTOTYPE Prototype;
658 CSSM_ACL_SUBJECT_CALLBACK Callback;
659 void *CallerContext;
660 } CSSM_ACL_ENTRY_INPUT, *CSSM_ACL_ENTRY_INPUT_PTR;
661
662 typedef struct cssm_resource_control_context {
663 CSSM_ACCESS_CREDENTIALS_PTR AccessCred;
664 CSSM_ACL_ENTRY_INPUT InitialAclEntry;
665 } CSSM_RESOURCE_CONTROL_CONTEXT, *CSSM_RESOURCE_CONTROL_CONTEXT_PTR;
666
667 typedef CSSM_HANDLE CSSM_ACL_HANDLE;
668
669 typedef struct cssm_acl_entry_info {
670 CSSM_ACL_ENTRY_PROTOTYPE EntryPublicInfo;
671 CSSM_ACL_HANDLE EntryHandle;
672 } CSSM_ACL_ENTRY_INFO, *CSSM_ACL_ENTRY_INFO_PTR;
673
674 typedef uint32 CSSM_ACL_EDIT_MODE;
675 enum {
676 CSSM_ACL_EDIT_MODE_ADD = 1,
677 CSSM_ACL_EDIT_MODE_DELETE = 2,
678 CSSM_ACL_EDIT_MODE_REPLACE = 3
679 };
680
681 typedef struct cssm_acl_edit {
682 CSSM_ACL_EDIT_MODE EditMode;
683 CSSM_ACL_HANDLE OldEntryHandle;
684 const CSSM_ACL_ENTRY_INPUT *NewEntry;
685 } CSSM_ACL_EDIT, *CSSM_ACL_EDIT_PTR;
686
687 #if defined(WIN32)
688 typedef FARPROC CSSM_PROC_ADDR;
689 #else
690 typedef void (CSSMAPI *CSSM_PROC_ADDR) ();
691 #endif
692 typedef CSSM_PROC_ADDR *CSSM_PROC_ADDR_PTR;
693
694 typedef struct cssm_func_name_addr {
695 CSSM_STRING Name;
696 CSSM_PROC_ADDR Address;
697 } CSSM_FUNC_NAME_ADDR, *CSSM_FUNC_NAME_ADDR_PTR;
698
699
700 /* Data Types for Cryptographic Services */
701
702 typedef struct cssm_date {
703 uint8 Year[4];
704 uint8 Month[2];
705 uint8 Day[2];
706 } CSSM_DATE, *CSSM_DATE_PTR;
707
708 typedef struct cssm_range {
709 uint32 Min; /* inclusive minimum value */
710 uint32 Max; /* inclusive maximum value */
711 } CSSM_RANGE, *CSSM_RANGE_PTR;
712
713 typedef struct cssm_query_size_data {
714 uint32 SizeInputBlock; /* size of input data block */
715 uint32 SizeOutputBlock; /* size of resulting output data block */
716 } CSSM_QUERY_SIZE_DATA, *CSSM_QUERY_SIZE_DATA_PTR;
717
718 typedef uint32 CSSM_HEADERVERSION;
719 enum {
720 CSSM_KEYHEADER_VERSION = 2
721 };
722
723 typedef struct cssm_key_size {
724 uint32 LogicalKeySizeInBits; /* Logical key size in bits */
725 uint32 EffectiveKeySizeInBits; /* Effective key size in bits */
726 } CSSM_KEY_SIZE, *CSSM_KEY_SIZE_PTR;
727
728 typedef uint32 CSSM_KEYBLOB_TYPE;
729 enum {
730 CSSM_KEYBLOB_RAW = 0, /* The blob is a clear, raw key */
731 CSSM_KEYBLOB_REFERENCE = 2, /* The blob is a reference to a key */
732 CSSM_KEYBLOB_WRAPPED = 3, /* The blob is a wrapped RAW key */
733 CSSM_KEYBLOB_OTHER = 0xFFFFFFFF
734 };
735
736 typedef uint32 CSSM_KEYBLOB_FORMAT;
737 enum {
738 /* Raw Format */
739 CSSM_KEYBLOB_RAW_FORMAT_NONE = 0,
740 /* No further conversion need to be done */
741 CSSM_KEYBLOB_RAW_FORMAT_PKCS1 = 1, /* RSA PKCS1 V1.5 */
742 CSSM_KEYBLOB_RAW_FORMAT_PKCS3 = 2, /* RSA PKCS3 V1.5 */
743 CSSM_KEYBLOB_RAW_FORMAT_MSCAPI = 3, /* Microsoft CAPI V2.0 */
744 CSSM_KEYBLOB_RAW_FORMAT_PGP = 4, /* PGP V */
745 CSSM_KEYBLOB_RAW_FORMAT_FIPS186 = 5, /* US Gov. FIPS 186 - DSS V */
746 CSSM_KEYBLOB_RAW_FORMAT_BSAFE = 6, /* RSA Bsafe V3.0 */
747 CSSM_KEYBLOB_RAW_FORMAT_CCA = 9, /* CCA clear public key blob */
748 CSSM_KEYBLOB_RAW_FORMAT_PKCS8 = 10, /* RSA PKCS8 V1.2 */
749 CSSM_KEYBLOB_RAW_FORMAT_SPKI = 11, /* SPKI Specification */
750 CSSM_KEYBLOB_RAW_FORMAT_OCTET_STRING = 12,
751 CSSM_KEYBLOB_RAW_FORMAT_OTHER = 0xFFFFFFFF /* Other, CSP defined */
752 };
753 enum {
754 /* Wrapped Format */
755 CSSM_KEYBLOB_WRAPPED_FORMAT_NONE = 0,
756 /* No further conversion need to be done */
757 CSSM_KEYBLOB_WRAPPED_FORMAT_PKCS8 = 1, /* RSA PKCS8 V1.2 */
758 CSSM_KEYBLOB_WRAPPED_FORMAT_PKCS7 = 2,
759 CSSM_KEYBLOB_WRAPPED_FORMAT_MSCAPI = 3,
760 CSSM_KEYBLOB_WRAPPED_FORMAT_OTHER = 0xFFFFFFFF /* Other, CSP defined */
761 };
762 enum {
763 /* Reference Format */
764 CSSM_KEYBLOB_REF_FORMAT_INTEGER = 0, /* Reference is a number or handle */
765 CSSM_KEYBLOB_REF_FORMAT_STRING = 1, /* Reference is a string or label */
766 CSSM_KEYBLOB_REF_FORMAT_SPKI = 2, /* Reference is an SPKI S-expression */
767 /* to be evaluated to locate the key */
768 CSSM_KEYBLOB_REF_FORMAT_OTHER = 0xFFFFFFFF /* Other, CSP defined */
769 };
770
771 typedef uint32 CSSM_KEYCLASS;
772 enum {
773 CSSM_KEYCLASS_PUBLIC_KEY = 0, /* Key is public key */
774 CSSM_KEYCLASS_PRIVATE_KEY = 1, /* Key is private key */
775 CSSM_KEYCLASS_SESSION_KEY = 2, /* Key is session or symmetric key */
776 CSSM_KEYCLASS_SECRET_PART = 3, /* Key is part of secret key */
777 CSSM_KEYCLASS_OTHER = 0xFFFFFFFF /* Other */
778 };
779
780 typedef uint32 CSSM_KEYATTR_FLAGS;
781 enum {
782 /* Valid only during call to an API. Will never be valid when set in a key header */
783 CSSM_KEYATTR_RETURN_DEFAULT = 0x00000000,
784 CSSM_KEYATTR_RETURN_DATA = 0x10000000,
785 CSSM_KEYATTR_RETURN_REF = 0x20000000,
786 CSSM_KEYATTR_RETURN_NONE = 0x40000000,
787 /* Valid during an API call and in a key header */
788 CSSM_KEYATTR_PERMANENT = 0x00000001,
789 CSSM_KEYATTR_PRIVATE = 0x00000002,
790 CSSM_KEYATTR_MODIFIABLE = 0x00000004,
791 CSSM_KEYATTR_SENSITIVE = 0x00000008,
792 CSSM_KEYATTR_EXTRACTABLE = 0x00000020,
793 /* Valid only in a key header generated by a CSP, not valid during an API call */
794 CSSM_KEYATTR_ALWAYS_SENSITIVE = 0x00000010,
795 CSSM_KEYATTR_NEVER_EXTRACTABLE = 0x00000040
796 };
797
798 typedef uint32 CSSM_KEYUSE;
799 enum {
800 CSSM_KEYUSE_ANY = 0x80000000,
801 CSSM_KEYUSE_ENCRYPT = 0x00000001,
802 CSSM_KEYUSE_DECRYPT = 0x00000002,
803 CSSM_KEYUSE_SIGN = 0x00000004,
804 CSSM_KEYUSE_VERIFY = 0x00000008,
805 CSSM_KEYUSE_SIGN_RECOVER = 0x00000010,
806 CSSM_KEYUSE_VERIFY_RECOVER = 0x00000020,
807 CSSM_KEYUSE_WRAP = 0x00000040,
808 CSSM_KEYUSE_UNWRAP = 0x00000080,
809 CSSM_KEYUSE_DERIVE = 0x00000100
810 };
811
812 typedef uint32 CSSM_ALGORITHMS;
813 enum {
814 CSSM_ALGID_NONE = 0,
815 CSSM_ALGID_CUSTOM = CSSM_ALGID_NONE + 1,
816 CSSM_ALGID_DH = CSSM_ALGID_NONE + 2,
817 CSSM_ALGID_PH = CSSM_ALGID_NONE + 3,
818 CSSM_ALGID_KEA = CSSM_ALGID_NONE + 4,
819 CSSM_ALGID_MD2 = CSSM_ALGID_NONE + 5,
820 CSSM_ALGID_MD4 = CSSM_ALGID_NONE + 6,
821 CSSM_ALGID_MD5 = CSSM_ALGID_NONE + 7,
822 CSSM_ALGID_SHA1 = CSSM_ALGID_NONE + 8,
823 CSSM_ALGID_NHASH = CSSM_ALGID_NONE + 9,
824 CSSM_ALGID_HAVAL = CSSM_ALGID_NONE + 10,
825 CSSM_ALGID_RIPEMD = CSSM_ALGID_NONE + 11,
826 CSSM_ALGID_IBCHASH = CSSM_ALGID_NONE + 12,
827 CSSM_ALGID_RIPEMAC = CSSM_ALGID_NONE + 13,
828 CSSM_ALGID_DES = CSSM_ALGID_NONE + 14,
829 CSSM_ALGID_DESX = CSSM_ALGID_NONE + 15,
830 CSSM_ALGID_RDES = CSSM_ALGID_NONE + 16,
831 CSSM_ALGID_3DES_3KEY_EDE = CSSM_ALGID_NONE + 17,
832 CSSM_ALGID_3DES_2KEY_EDE = CSSM_ALGID_NONE + 18,
833 CSSM_ALGID_3DES_1KEY_EEE = CSSM_ALGID_NONE + 19,
834 CSSM_ALGID_3DES_3KEY = CSSM_ALGID_3DES_3KEY_EDE,
835 CSSM_ALGID_3DES_3KEY_EEE = CSSM_ALGID_NONE + 20,
836 CSSM_ALGID_3DES_2KEY = CSSM_ALGID_3DES_2KEY_EDE,
837 CSSM_ALGID_3DES_2KEY_EEE = CSSM_ALGID_NONE + 21,
838 CSSM_ALGID_3DES_1KEY = CSSM_ALGID_3DES_3KEY_EEE,
839 CSSM_ALGID_IDEA = CSSM_ALGID_NONE + 22,
840 CSSM_ALGID_RC2 = CSSM_ALGID_NONE + 23,
841 CSSM_ALGID_RC5 = CSSM_ALGID_NONE + 24,
842 CSSM_ALGID_RC4 = CSSM_ALGID_NONE + 25,
843 CSSM_ALGID_SEAL = CSSM_ALGID_NONE + 26,
844 CSSM_ALGID_CAST = CSSM_ALGID_NONE + 27,
845 CSSM_ALGID_BLOWFISH = CSSM_ALGID_NONE + 28,
846 CSSM_ALGID_SKIPJACK = CSSM_ALGID_NONE + 29,
847 CSSM_ALGID_LUCIFER = CSSM_ALGID_NONE + 30,
848 CSSM_ALGID_MADRYGA = CSSM_ALGID_NONE + 31,
849 CSSM_ALGID_FEAL = CSSM_ALGID_NONE + 32,
850 CSSM_ALGID_REDOC = CSSM_ALGID_NONE + 33,
851 CSSM_ALGID_REDOC3 = CSSM_ALGID_NONE + 34,
852 CSSM_ALGID_LOKI = CSSM_ALGID_NONE + 35,
853 CSSM_ALGID_KHUFU = CSSM_ALGID_NONE + 36,
854 CSSM_ALGID_KHAFRE = CSSM_ALGID_NONE + 37,
855 CSSM_ALGID_MMB = CSSM_ALGID_NONE + 38,
856 CSSM_ALGID_GOST = CSSM_ALGID_NONE + 39,
857 CSSM_ALGID_SAFER = CSSM_ALGID_NONE + 40,
858 CSSM_ALGID_CRAB = CSSM_ALGID_NONE + 41,
859 CSSM_ALGID_RSA = CSSM_ALGID_NONE + 42,
860 CSSM_ALGID_DSA = CSSM_ALGID_NONE + 43,
861 CSSM_ALGID_MD5WithRSA = CSSM_ALGID_NONE + 44,
862 CSSM_ALGID_MD2WithRSA = CSSM_ALGID_NONE + 45,
863 CSSM_ALGID_ElGamal = CSSM_ALGID_NONE + 46,
864 CSSM_ALGID_MD2Random = CSSM_ALGID_NONE + 47,
865 CSSM_ALGID_MD5Random = CSSM_ALGID_NONE + 48,
866 CSSM_ALGID_SHARandom = CSSM_ALGID_NONE + 49,
867 CSSM_ALGID_DESRandom = CSSM_ALGID_NONE + 50,
868 CSSM_ALGID_SHA1WithRSA = CSSM_ALGID_NONE + 51,
869 CSSM_ALGID_CDMF = CSSM_ALGID_NONE + 52,
870 CSSM_ALGID_CAST3 = CSSM_ALGID_NONE + 53,
871 CSSM_ALGID_CAST5 = CSSM_ALGID_NONE + 54,
872 CSSM_ALGID_GenericSecret = CSSM_ALGID_NONE + 55,
873 CSSM_ALGID_ConcatBaseAndKey = CSSM_ALGID_NONE + 56,
874 CSSM_ALGID_ConcatKeyAndBase = CSSM_ALGID_NONE + 57,
875 CSSM_ALGID_ConcatBaseAndData = CSSM_ALGID_NONE + 58,
876 CSSM_ALGID_ConcatDataAndBase = CSSM_ALGID_NONE + 59,
877 CSSM_ALGID_XORBaseAndData = CSSM_ALGID_NONE + 60,
878 CSSM_ALGID_ExtractFromKey = CSSM_ALGID_NONE + 61,
879 CSSM_ALGID_SSL3PreMasterGen = CSSM_ALGID_NONE + 62,
880 CSSM_ALGID_SSL3MasterDerive = CSSM_ALGID_NONE + 63,
881 CSSM_ALGID_SSL3KeyAndMacDerive = CSSM_ALGID_NONE + 64,
882 CSSM_ALGID_SSL3MD5_MAC = CSSM_ALGID_NONE + 65,
883 CSSM_ALGID_SSL3SHA1_MAC = CSSM_ALGID_NONE + 66,
884 CSSM_ALGID_PKCS5_PBKDF1_MD5 = CSSM_ALGID_NONE + 67,
885 CSSM_ALGID_PKCS5_PBKDF1_MD2 = CSSM_ALGID_NONE + 68,
886 CSSM_ALGID_PKCS5_PBKDF1_SHA1 = CSSM_ALGID_NONE + 69,
887 CSSM_ALGID_WrapLynks = CSSM_ALGID_NONE + 70,
888 CSSM_ALGID_WrapSET_OAEP = CSSM_ALGID_NONE + 71,
889 CSSM_ALGID_BATON = CSSM_ALGID_NONE + 72,
890 CSSM_ALGID_ECDSA = CSSM_ALGID_NONE + 73,
891 CSSM_ALGID_MAYFLY = CSSM_ALGID_NONE + 74,
892 CSSM_ALGID_JUNIPER = CSSM_ALGID_NONE + 75,
893 CSSM_ALGID_FASTHASH = CSSM_ALGID_NONE + 76,
894 CSSM_ALGID_3DES = CSSM_ALGID_NONE + 77,
895 CSSM_ALGID_SSL3MD5 = CSSM_ALGID_NONE + 78,
896 CSSM_ALGID_SSL3SHA1 = CSSM_ALGID_NONE + 79,
897 CSSM_ALGID_FortezzaTimestamp = CSSM_ALGID_NONE + 80,
898 CSSM_ALGID_SHA1WithDSA = CSSM_ALGID_NONE + 81,
899 CSSM_ALGID_SHA1WithECDSA = CSSM_ALGID_NONE + 82,
900 CSSM_ALGID_DSA_BSAFE = CSSM_ALGID_NONE + 83,
901 CSSM_ALGID_ECDH = CSSM_ALGID_NONE + 84,
902 CSSM_ALGID_ECMQV = CSSM_ALGID_NONE + 85,
903 CSSM_ALGID_PKCS12_SHA1_PBE = CSSM_ALGID_NONE + 86,
904 CSSM_ALGID_ECNRA = CSSM_ALGID_NONE + 87,
905 CSSM_ALGID_SHA1WithECNRA = CSSM_ALGID_NONE + 88,
906 CSSM_ALGID_ECES = CSSM_ALGID_NONE + 89,
907 CSSM_ALGID_ECAES = CSSM_ALGID_NONE + 90,
908 CSSM_ALGID_SHA1HMAC = CSSM_ALGID_NONE + 91,
909 CSSM_ALGID_FIPS186Random = CSSM_ALGID_NONE + 92,
910 CSSM_ALGID_ECC = CSSM_ALGID_NONE + 93,
911 CSSM_ALGID_MQV = CSSM_ALGID_NONE + 94,
912 CSSM_ALGID_NRA = CSSM_ALGID_NONE + 95,
913 CSSM_ALGID_IntelPlatformRandom = CSSM_ALGID_NONE + 96,
914 CSSM_ALGID_UTC = CSSM_ALGID_NONE + 97,
915 CSSM_ALGID_HAVAL3 = CSSM_ALGID_NONE + 98,
916 CSSM_ALGID_HAVAL4 = CSSM_ALGID_NONE + 99,
917 CSSM_ALGID_HAVAL5 = CSSM_ALGID_NONE + 100,
918 CSSM_ALGID_TIGER = CSSM_ALGID_NONE + 101,
919 CSSM_ALGID_MD5HMAC = CSSM_ALGID_NONE + 102,
920 CSSM_ALGID_PKCS5_PBKDF2 = CSSM_ALGID_NONE + 103,
921 CSSM_ALGID_RUNNING_COUNTER = CSSM_ALGID_NONE + 104,
922 CSSM_ALGID_LAST = CSSM_ALGID_NONE + 0x7FFFFFFF,
923 /* All algorithms IDs that are vendor specific, and not
924 part of the CSSM specification should be defined relative
925 to CSSM_ALGID_VENDOR_DEFINED. */
926 CSSM_ALGID_VENDOR_DEFINED = CSSM_ALGID_NONE + 0x80000000
927 };
928
929 typedef uint32 CSSM_ENCRYPT_MODE;
930 enum {
931 CSSM_ALGMODE_NONE = 0,
932 CSSM_ALGMODE_CUSTOM = CSSM_ALGMODE_NONE + 1,
933 CSSM_ALGMODE_ECB = CSSM_ALGMODE_NONE + 2,
934 CSSM_ALGMODE_ECBPad = CSSM_ALGMODE_NONE + 3,
935 CSSM_ALGMODE_CBC = CSSM_ALGMODE_NONE + 4,
936 CSSM_ALGMODE_CBC_IV8 = CSSM_ALGMODE_NONE + 5,
937 CSSM_ALGMODE_CBCPadIV8 = CSSM_ALGMODE_NONE + 6,
938 CSSM_ALGMODE_CFB = CSSM_ALGMODE_NONE + 7,
939 CSSM_ALGMODE_CFB_IV8 = CSSM_ALGMODE_NONE + 8,
940 CSSM_ALGMODE_CFBPadIV8 = CSSM_ALGMODE_NONE + 9,
941 CSSM_ALGMODE_OFB = CSSM_ALGMODE_NONE + 10,
942 CSSM_ALGMODE_OFB_IV8 = CSSM_ALGMODE_NONE + 11,
943 CSSM_ALGMODE_OFBPadIV8 = CSSM_ALGMODE_NONE + 12,
944 CSSM_ALGMODE_COUNTER = CSSM_ALGMODE_NONE + 13,
945 CSSM_ALGMODE_BC = CSSM_ALGMODE_NONE + 14,
946 CSSM_ALGMODE_PCBC = CSSM_ALGMODE_NONE + 15,
947 CSSM_ALGMODE_CBCC = CSSM_ALGMODE_NONE + 16,
948 CSSM_ALGMODE_OFBNLF = CSSM_ALGMODE_NONE + 17,
949 CSSM_ALGMODE_PBC = CSSM_ALGMODE_NONE + 18,
950 CSSM_ALGMODE_PFB = CSSM_ALGMODE_NONE + 19,
951 CSSM_ALGMODE_CBCPD = CSSM_ALGMODE_NONE + 20,
952 CSSM_ALGMODE_PUBLIC_KEY = CSSM_ALGMODE_NONE + 21,
953 CSSM_ALGMODE_PRIVATE_KEY = CSSM_ALGMODE_NONE + 22,
954 CSSM_ALGMODE_SHUFFLE = CSSM_ALGMODE_NONE + 23,
955 CSSM_ALGMODE_ECB64 = CSSM_ALGMODE_NONE + 24,
956 CSSM_ALGMODE_CBC64 = CSSM_ALGMODE_NONE + 25,
957 CSSM_ALGMODE_OFB64 = CSSM_ALGMODE_NONE + 26,
958 CSSM_ALGMODE_CFB32 = CSSM_ALGMODE_NONE + 28,
959 CSSM_ALGMODE_CFB16 = CSSM_ALGMODE_NONE + 29,
960 CSSM_ALGMODE_CFB8 = CSSM_ALGMODE_NONE + 30,
961 CSSM_ALGMODE_WRAP = CSSM_ALGMODE_NONE + 31,
962 CSSM_ALGMODE_PRIVATE_WRAP = CSSM_ALGMODE_NONE + 32,
963 CSSM_ALGMODE_RELAYX = CSSM_ALGMODE_NONE + 33,
964 CSSM_ALGMODE_ECB128 = CSSM_ALGMODE_NONE + 34,
965 CSSM_ALGMODE_ECB96 = CSSM_ALGMODE_NONE + 35,
966 CSSM_ALGMODE_CBC128 = CSSM_ALGMODE_NONE + 36,
967 CSSM_ALGMODE_OAEP_HASH = CSSM_ALGMODE_NONE + 37,
968 CSSM_ALGMODE_PKCS1_EME_V15 = CSSM_ALGMODE_NONE + 38,
969 CSSM_ALGMODE_PKCS1_EME_OAEP = CSSM_ALGMODE_NONE + 39,
970 CSSM_ALGMODE_PKCS1_EMSA_V15 = CSSM_ALGMODE_NONE + 40,
971 CSSM_ALGMODE_ISO_9796 = CSSM_ALGMODE_NONE + 41,
972 CSSM_ALGMODE_X9_31 = CSSM_ALGMODE_NONE + 42,
973 CSSM_ALGMODE_LAST = CSSM_ALGMODE_NONE + 0x7FFFFFFF,
974 /* All algorithms modes that are vendor specific, and
975 not part of the CSSM specification should be defined
976 relative to CSSM_ALGMODE_VENDOR_DEFINED. */
977 CSSM_ALGMODE_VENDOR_DEFINED = CSSM_ALGMODE_NONE + 0x80000000
978 };
979
980 typedef struct cssm_keyheader {
981 CSSM_HEADERVERSION HeaderVersion; /* Key header version */
982 CSSM_GUID CspId; /* GUID of CSP generating the key */
983 CSSM_KEYBLOB_TYPE BlobType; /* See BlobType enum */
984 CSSM_KEYBLOB_FORMAT Format; /* Raw or Reference format */
985 CSSM_ALGORITHMS AlgorithmId; /* Algorithm ID of key */
986 CSSM_KEYCLASS KeyClass; /* Public/Private/Secret, etc. */
987 uint32 LogicalKeySizeInBits; /* Logical key size in bits */
988 CSSM_KEYATTR_FLAGS KeyAttr; /* Attribute flags */
989 CSSM_KEYUSE KeyUsage; /* Key use flags */
990 CSSM_DATE StartDate; /* Effective date of key */
991 CSSM_DATE EndDate; /* Expiration date of key */
992 CSSM_ALGORITHMS WrapAlgorithmId; /* == CSSM_ALGID_NONE if clear key */
993 CSSM_ENCRYPT_MODE WrapMode; /* if alg supports multiple wrapping modes */
994 uint32 Reserved;
995 } CSSM_KEYHEADER, *CSSM_KEYHEADER_PTR;
996
997 typedef struct cssm_key {
998 CSSM_KEYHEADER KeyHeader; /* Fixed length key header */
999 CSSM_DATA KeyData; /* Variable length key data */
1000 } CSSM_KEY, *CSSM_KEY_PTR;
1001
1002 typedef CSSM_KEY CSSM_WRAP_KEY, *CSSM_WRAP_KEY_PTR;
1003
1004 typedef uint32 CSSM_CSPTYPE;
1005 enum {
1006 CSSM_CSP_SOFTWARE = 1,
1007 CSSM_CSP_HARDWARE = CSSM_CSP_SOFTWARE + 1,
1008 CSSM_CSP_HYBRID = CSSM_CSP_SOFTWARE + 2
1009 };
1010
1011 /* From DL. */
1012 typedef struct cssm_dl_db_handle {
1013 CSSM_DL_HANDLE DLHandle;
1014 CSSM_DB_HANDLE DBHandle;
1015 } CSSM_DL_DB_HANDLE, *CSSM_DL_DB_HANDLE_PTR;
1016
1017 typedef uint32 CSSM_CONTEXT_TYPE;
1018 enum {
1019 CSSM_ALGCLASS_NONE = 0,
1020 CSSM_ALGCLASS_CUSTOM = CSSM_ALGCLASS_NONE + 1,
1021 CSSM_ALGCLASS_SIGNATURE = CSSM_ALGCLASS_NONE + 2,
1022 CSSM_ALGCLASS_SYMMETRIC = CSSM_ALGCLASS_NONE + 3,
1023 CSSM_ALGCLASS_DIGEST = CSSM_ALGCLASS_NONE + 4,
1024 CSSM_ALGCLASS_RANDOMGEN = CSSM_ALGCLASS_NONE + 5,
1025 CSSM_ALGCLASS_UNIQUEGEN = CSSM_ALGCLASS_NONE + 6,
1026 CSSM_ALGCLASS_MAC = CSSM_ALGCLASS_NONE + 7,
1027 CSSM_ALGCLASS_ASYMMETRIC = CSSM_ALGCLASS_NONE + 8,
1028 CSSM_ALGCLASS_KEYGEN = CSSM_ALGCLASS_NONE + 9,
1029 CSSM_ALGCLASS_DERIVEKEY = CSSM_ALGCLASS_NONE + 10
1030 };
1031
1032 /* Attribute data type tags */
1033 enum {
1034 CSSM_ATTRIBUTE_DATA_NONE = 0x00000000,
1035 CSSM_ATTRIBUTE_DATA_UINT32 = 0x10000000,
1036 CSSM_ATTRIBUTE_DATA_CSSM_DATA = 0x20000000,
1037 CSSM_ATTRIBUTE_DATA_CRYPTO_DATA = 0x30000000,
1038 CSSM_ATTRIBUTE_DATA_KEY = 0x40000000,
1039 CSSM_ATTRIBUTE_DATA_STRING = 0x50000000,
1040 CSSM_ATTRIBUTE_DATA_DATE = 0x60000000,
1041 CSSM_ATTRIBUTE_DATA_RANGE = 0x70000000,
1042 CSSM_ATTRIBUTE_DATA_ACCESS_CREDENTIALS = 0x80000000,
1043 CSSM_ATTRIBUTE_DATA_VERSION = 0x01000000,
1044 CSSM_ATTRIBUTE_DATA_DL_DB_HANDLE = 0x02000000,
1045 CSSM_ATTRIBUTE_DATA_KR_PROFILE = 0x03000000,
1046 CSSM_ATTRIBUTE_TYPE_MASK = 0xFF000000
1047 };
1048
1049 typedef uint32 CSSM_ATTRIBUTE_TYPE;
1050 enum {
1051 CSSM_ATTRIBUTE_NONE = 0,
1052 CSSM_ATTRIBUTE_CUSTOM = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 1,
1053 CSSM_ATTRIBUTE_DESCRIPTION = CSSM_ATTRIBUTE_DATA_STRING | 2,
1054 CSSM_ATTRIBUTE_KEY = CSSM_ATTRIBUTE_DATA_KEY | 3,
1055 CSSM_ATTRIBUTE_INIT_VECTOR = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 4,
1056 CSSM_ATTRIBUTE_SALT = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 5,
1057 CSSM_ATTRIBUTE_PADDING = CSSM_ATTRIBUTE_DATA_UINT32 | 6,
1058 CSSM_ATTRIBUTE_RANDOM = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 7,
1059 CSSM_ATTRIBUTE_SEED = CSSM_ATTRIBUTE_DATA_CRYPTO_DATA | 8,
1060 CSSM_ATTRIBUTE_PASSPHRASE = CSSM_ATTRIBUTE_DATA_CRYPTO_DATA | 9,
1061 CSSM_ATTRIBUTE_KEY_LENGTH = CSSM_ATTRIBUTE_DATA_UINT32 | 10,
1062 CSSM_ATTRIBUTE_KEY_LENGTH_RANGE = CSSM_ATTRIBUTE_DATA_RANGE | 11,
1063 CSSM_ATTRIBUTE_BLOCK_SIZE = CSSM_ATTRIBUTE_DATA_UINT32 | 12,
1064 CSSM_ATTRIBUTE_OUTPUT_SIZE = CSSM_ATTRIBUTE_DATA_UINT32 | 13,
1065 CSSM_ATTRIBUTE_ROUNDS = CSSM_ATTRIBUTE_DATA_UINT32 | 14,
1066 CSSM_ATTRIBUTE_IV_SIZE = CSSM_ATTRIBUTE_DATA_UINT32 | 15,
1067 CSSM_ATTRIBUTE_ALG_PARAMS = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 16,
1068 CSSM_ATTRIBUTE_LABEL = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 17,
1069 CSSM_ATTRIBUTE_KEY_TYPE = CSSM_ATTRIBUTE_DATA_UINT32 | 18,
1070 CSSM_ATTRIBUTE_MODE = CSSM_ATTRIBUTE_DATA_UINT32 | 19,
1071 CSSM_ATTRIBUTE_EFFECTIVE_BITS = CSSM_ATTRIBUTE_DATA_UINT32 | 20,
1072 CSSM_ATTRIBUTE_START_DATE = CSSM_ATTRIBUTE_DATA_DATE | 21,
1073 CSSM_ATTRIBUTE_END_DATE = CSSM_ATTRIBUTE_DATA_DATE | 22,
1074 CSSM_ATTRIBUTE_KEYUSAGE = CSSM_ATTRIBUTE_DATA_UINT32 | 23,
1075 CSSM_ATTRIBUTE_KEYATTR = CSSM_ATTRIBUTE_DATA_UINT32 | 24,
1076 CSSM_ATTRIBUTE_VERSION = CSSM_ATTRIBUTE_DATA_VERSION | 25,
1077 CSSM_ATTRIBUTE_PRIME = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 26,
1078 CSSM_ATTRIBUTE_BASE = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 27,
1079 CSSM_ATTRIBUTE_SUBPRIME = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 28,
1080 CSSM_ATTRIBUTE_ALG_ID = CSSM_ATTRIBUTE_DATA_UINT32 | 29,
1081 CSSM_ATTRIBUTE_ITERATION_COUNT = CSSM_ATTRIBUTE_DATA_UINT32 | 30,
1082 CSSM_ATTRIBUTE_ROUNDS_RANGE = CSSM_ATTRIBUTE_DATA_RANGE | 31,
1083 CSSM_ATTRIBUTE_KRPROFILE_LOCAL = CSSM_ATTRIBUTE_DATA_KR_PROFILE | 32,
1084 CSSM_ATTRIBUTE_KRPROFILE_REMOTE = CSSM_ATTRIBUTE_DATA_KR_PROFILE | 33,
1085 CSSM_ATTRIBUTE_CSP_HANDLE = CSSM_ATTRIBUTE_DATA_UINT32 | 34,
1086 CSSM_ATTRIBUTE_DL_DB_HANDLE = CSSM_ATTRIBUTE_DATA_DL_DB_HANDLE | 35,
1087 CSSM_ATTRIBUTE_ACCESS_CREDENTIALS = CSSM_ATTRIBUTE_DATA_ACCESS_CREDENTIALS | 36,
1088 CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT = CSSM_ATTRIBUTE_DATA_UINT32 | 37,
1089 CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT = CSSM_ATTRIBUTE_DATA_UINT32 | 38,
1090 CSSM_ATTRIBUTE_SYMMETRIC_KEY_FORMAT=CSSM_ATTRIBUTE_DATA_UINT32 | 39,
1091 CSSM_ATTRIBUTE_WRAPPED_KEY_FORMAT = CSSM_ATTRIBUTE_DATA_UINT32 | 40
1092 };
1093
1094 typedef uint32 CSSM_PADDING;
1095 enum {
1096 CSSM_PADDING_NONE = 0,
1097 CSSM_PADDING_CUSTOM = CSSM_PADDING_NONE + 1,
1098 CSSM_PADDING_ZERO = CSSM_PADDING_NONE + 2,
1099 CSSM_PADDING_ONE = CSSM_PADDING_NONE + 3,
1100 CSSM_PADDING_ALTERNATE = CSSM_PADDING_NONE + 4,
1101 CSSM_PADDING_FF = CSSM_PADDING_NONE + 5,
1102 CSSM_PADDING_PKCS5 = CSSM_PADDING_NONE + 6,
1103 CSSM_PADDING_PKCS7 = CSSM_PADDING_NONE + 7,
1104 CSSM_PADDING_CIPHERSTEALING = CSSM_PADDING_NONE + 8,
1105 CSSM_PADDING_RANDOM = CSSM_PADDING_NONE + 9,
1106 CSSM_PADDING_PKCS1 = CSSM_PADDING_NONE + 10,
1107 /* All padding types that are vendor specific, and not
1108 part of the CSSM specification should be defined
1109 relative to CSSM_PADDING_VENDOR_DEFINED. */
1110 CSSM_PADDING_VENDOR_DEFINED = CSSM_PADDING_NONE + 0x80000000
1111 };
1112
1113 typedef CSSM_ALGORITHMS CSSM_KEY_TYPE;
1114
1115 typedef struct cssm_context_attribute {
1116 CSSM_ATTRIBUTE_TYPE AttributeType;
1117 uint32 AttributeLength;
1118 union cssm_context_attribute_value {
1119 char *String;
1120 uint32 Uint32;
1121 CSSM_ACCESS_CREDENTIALS_PTR AccessCredentials;
1122 CSSM_KEY_PTR Key;
1123 CSSM_DATA_PTR Data;
1124 CSSM_PADDING Padding;
1125 CSSM_DATE_PTR Date;
1126 CSSM_RANGE_PTR Range;
1127 CSSM_CRYPTO_DATA_PTR CryptoData;
1128 CSSM_VERSION_PTR Version;
1129 CSSM_DL_DB_HANDLE_PTR DLDbHandle;
1130 struct cssm_kr_profile *KRProfile;
1131 } Attribute;
1132 } CSSM_CONTEXT_ATTRIBUTE, *CSSM_CONTEXT_ATTRIBUTE_PTR;
1133
1134 typedef struct cssm_context {
1135 CSSM_CONTEXT_TYPE ContextType;
1136 CSSM_ALGORITHMS AlgorithmType;
1137 uint32 NumberOfAttributes;
1138 CSSM_CONTEXT_ATTRIBUTE_PTR ContextAttributes;
1139 CSSM_CSP_HANDLE CSPHandle;
1140 CSSM_BOOL Privileged;
1141 uint32 /*CSSM_KR_POLICY_FLAGS*/ EncryptionProhibited;
1142 uint32 WorkFactor;
1143 uint32 Reserved; /* reserved for future use */
1144 } CSSM_CONTEXT, *CSSM_CONTEXT_PTR;
1145
1146 typedef uint32 CSSM_SC_FLAGS;
1147 enum {
1148 CSSM_CSP_TOK_RNG = 0x00000001,
1149 CSSM_CSP_TOK_CLOCK_EXISTS = 0x00000040
1150 };
1151
1152 typedef uint32 CSSM_CSP_READER_FLAGS;
1153 enum {
1154 CSSM_CSP_RDR_TOKENPRESENT = 0x00000001,
1155 /* Token is present in reader/slot */
1156 CSSM_CSP_RDR_EXISTS = 0x00000002,
1157 /* Device is a reader with a
1158 removable token */
1159 CSSM_CSP_RDR_HW = 0x00000004
1160 /* Slot is a hardware slot */
1161 };
1162
1163 typedef uint32 CSSM_CSP_FLAGS;
1164 enum {
1165 CSSM_CSP_TOK_WRITE_PROTECTED = 0x00000002,
1166 CSSM_CSP_TOK_LOGIN_REQUIRED = 0x00000004,
1167 CSSM_CSP_TOK_USER_PIN_INITIALIZED = 0x00000008,
1168 CSSM_CSP_TOK_PROT_AUTHENTICATION = 0x00000100,
1169 CSSM_CSP_TOK_USER_PIN_EXPIRED = 0x00100000,
1170 CSSM_CSP_TOK_SESSION_KEY_PASSWORD = 0x00200000,
1171 CSSM_CSP_TOK_PRIVATE_KEY_PASSWORD = 0x00400000,
1172 CSSM_CSP_STORES_PRIVATE_KEYS = 0x01000000,
1173 CSSM_CSP_STORES_PUBLIC_KEYS = 0x02000000,
1174 CSSM_CSP_STORES_SESSION_KEYS = 0x04000000,
1175 CSSM_CSP_STORES_CERTIFICATES = 0x08000000,
1176 CSSM_CSP_STORES_GENERIC = 0x10000000
1177 };
1178
1179 typedef uint32 CSSM_PKCS_OAEP_MGF;
1180 enum {
1181 CSSM_PKCS_OAEP_MGF_NONE = 0,
1182 CSSM_PKCS_OAEP_MGF1_SHA1 = CSSM_PKCS_OAEP_MGF_NONE + 1,
1183 CSSM_PKCS_OAEP_MGF1_MD5 = CSSM_PKCS_OAEP_MGF_NONE + 2
1184 };
1185
1186 typedef uint32 CSSM_PKCS_OAEP_PSOURCE;
1187 enum {
1188 CSSM_PKCS_OAEP_PSOURCE_NONE = 0,
1189 CSSM_PKCS_OAEP_PSOURCE_Pspecified = CSSM_PKCS_OAEP_PSOURCE_NONE + 1
1190 };
1191
1192 typedef struct cssm_pkcs1_oaep_params {
1193 uint32 HashAlgorithm;
1194 CSSM_DATA HashParams;
1195 CSSM_PKCS_OAEP_MGF MGF;
1196 CSSM_DATA MGFParams;
1197 CSSM_PKCS_OAEP_PSOURCE PSource;
1198 CSSM_DATA PSourceParams;
1199 } CSSM_PKCS1_OAEP_PARAMS, *CSSM_PKCS1_OAEP_PARAMS_PTR;
1200
1201 typedef struct cssm_csp_operational_statistics {
1202 CSSM_BOOL UserAuthenticated;
1203 /* CSSM_TRUE if the user is logged in to the token, CSSM_FALSE otherwise. */
1204 CSSM_CSP_FLAGS DeviceFlags;
1205 uint32 TokenMaxSessionCount; /* Exported by Cryptoki modules. */
1206 uint32 TokenOpenedSessionCount;
1207 uint32 TokenMaxRWSessionCount;
1208 uint32 TokenOpenedRWSessionCount;
1209 uint32 TokenTotalPublicMem; /* Storage space statistics. */
1210 uint32 TokenFreePublicMem;
1211 uint32 TokenTotalPrivateMem;
1212 uint32 TokenFreePrivateMem;
1213 } CSSM_CSP_OPERATIONAL_STATISTICS, *CSSM_CSP_OPERATIONAL_STATISTICS_PTR;
1214
1215 /* Indicates that the statistical value can not be revealed or is not
1216 relevant for a CSP */
1217 enum {
1218 CSSM_VALUE_NOT_AVAILABLE = (uint32)(~0)
1219 };
1220
1221 typedef struct cssm_pkcs5_pbkdf1_params {
1222 CSSM_DATA Passphrase;
1223 CSSM_DATA InitVector;
1224 } CSSM_PKCS5_PBKDF1_PARAMS, *CSSM_PKCS5_PBKDF1_PARAMS_PTR;
1225
1226 typedef uint32 CSSM_PKCS5_PBKDF2_PRF;
1227 enum {
1228 CSSM_PKCS5_PBKDF2_PRF_HMAC_SHA1 = 0
1229 };
1230
1231 typedef struct cssm_pkcs5_pbkdf2_params {
1232 CSSM_DATA Passphrase;
1233 CSSM_PKCS5_PBKDF2_PRF PseudoRandomFunction;
1234 } CSSM_PKCS5_PBKDF2_PARAMS, *CSSM_PKCS5_PBKDF2_PARAMS_PTR;
1235
1236 typedef struct cssm_kea_derive_params {
1237 CSSM_DATA Rb;
1238 CSSM_DATA Yb;
1239 } CSSM_KEA_DERIVE_PARAMS, *CSSM_KEA_DERIVE_PARAMS_PTR;
1240
1241
1242 /* Data Types for Trust Policy Services */
1243
1244 typedef struct cssm_tp_authority_id {
1245 CSSM_DATA *AuthorityCert;
1246 CSSM_NET_ADDRESS_PTR AuthorityLocation;
1247 } CSSM_TP_AUTHORITY_ID, *CSSM_TP_AUTHORITY_ID_PTR;
1248
1249 typedef uint32 CSSM_TP_AUTHORITY_REQUEST_TYPE, *CSSM_TP_AUTHORITY_REQUEST_TYPE_PTR;
1250 enum {
1251 CSSM_TP_AUTHORITY_REQUEST_CERTISSUE = 0x01,
1252 CSSM_TP_AUTHORITY_REQUEST_CERTREVOKE = 0x02,
1253 CSSM_TP_AUTHORITY_REQUEST_CERTSUSPEND = 0x03,
1254 CSSM_TP_AUTHORITY_REQUEST_CERTRESUME = 0x04,
1255 CSSM_TP_AUTHORITY_REQUEST_CERTVERIFY = 0x05,
1256 CSSM_TP_AUTHORITY_REQUEST_CERTNOTARIZE = 0x06,
1257 CSSM_TP_AUTHORITY_REQUEST_CERTUSERECOVER = 0x07,
1258 CSSM_TP_AUTHORITY_REQUEST_CRLISSUE = 0x100
1259 };
1260
1261 typedef CSSM_RETURN (CSSMAPI * CSSM_TP_VERIFICATION_RESULTS_CALLBACK)
1262 (CSSM_MODULE_HANDLE ModuleHandle,
1263 void *CallerCtx,
1264 CSSM_DATA_PTR VerifiedCert);
1265
1266 /* From CL */
1267 typedef CSSM_DATA CSSM_OID, *CSSM_OID_PTR;
1268
1269 typedef struct cssm_field {
1270 CSSM_OID FieldOid;
1271 CSSM_DATA FieldValue;
1272 } CSSM_FIELD, *CSSM_FIELD_PTR;
1273
1274 /* TP Again. */
1275 typedef struct cssm_tp_policyinfo {
1276 uint32 NumberOfPolicyIds;
1277 CSSM_FIELD_PTR PolicyIds;
1278 void *PolicyControl;
1279 } CSSM_TP_POLICYINFO, *CSSM_TP_POLICYINFO_PTR;
1280
1281 typedef uint32 CSSM_TP_SERVICES;
1282 enum {
1283 /* bit masks for additional Authority services available through TP */
1284 CSSM_TP_KEY_ARCHIVE = 0x0001, /* archive cert & keys */
1285 CSSM_TP_CERT_PUBLISH = 0x0002, /* register cert in directory */
1286 CSSM_TP_CERT_NOTIFY_RENEW = 0x0004, /* notify at renewal time */
1287 CSSM_TP_CERT_DIR_UPDATE = 0x0008, /* update cert registry entry */
1288 CSSM_TP_CRL_DISTRIBUTE = 0x0010 /* push CRL to everyone */
1289 };
1290
1291 typedef uint32 CSSM_TP_ACTION;
1292 enum {
1293 CSSM_TP_ACTION_DEFAULT = 0
1294 };
1295
1296 typedef uint32 CSSM_TP_STOP_ON;
1297 enum {
1298 CSSM_TP_STOP_ON_POLICY = 0, /* use the pre-defined stopping criteria */
1299 CSSM_TP_STOP_ON_NONE = 1, /* evaluate all condition whether TRUE or FALSE */
1300 CSSM_TP_STOP_ON_FIRST_PASS = 2, /* stop evaluation at first TRUE */
1301 CSSM_TP_STOP_ON_FIRST_FAIL = 3 /* stop evaluation at first FALSE */
1302 };
1303
1304 typedef char *CSSM_TIMESTRING;
1305
1306 /* From DL. */
1307 typedef struct cssm_dl_db_list {
1308 uint32 NumHandles;
1309 CSSM_DL_DB_HANDLE_PTR DLDBHandle;
1310 } CSSM_DL_DB_LIST, *CSSM_DL_DB_LIST_PTR;
1311
1312 /* TP Again. */
1313 typedef struct cssm_tp_callerauth_context {
1314 CSSM_TP_POLICYINFO Policy;
1315 CSSM_TIMESTRING VerifyTime;
1316 CSSM_TP_STOP_ON VerificationAbortOn;
1317 CSSM_TP_VERIFICATION_RESULTS_CALLBACK CallbackWithVerifiedCert;
1318 uint32 NumberOfAnchorCerts;
1319 CSSM_DATA_PTR AnchorCerts;
1320 CSSM_DL_DB_LIST_PTR DBList;
1321 CSSM_ACCESS_CREDENTIALS_PTR CallerCredentials;
1322 } CSSM_TP_CALLERAUTH_CONTEXT, *CSSM_TP_CALLERAUTH_CONTEXT_PTR;
1323
1324 typedef uint32 CSSM_CRL_PARSE_FORMAT, * CSSM_CRL_PARSE_FORMAT_PTR;
1325 enum {
1326 CSSM_CRL_PARSE_FORMAT_NONE = 0x00,
1327 CSSM_CRL_PARSE_FORMAT_CUSTOM = 0x01,
1328 CSSM_CRL_PARSE_FORMAT_SEXPR = 0x02,
1329 CSSM_CRL_PARSE_FORMAT_COMPLEX = 0x03,
1330 CSSM_CRL_PARSE_FORMAT_OID_NAMED = 0x04,
1331 CSSM_CRL_PARSE_FORMAT_TUPLE = 0x05,
1332 CSSM_CRL_PARSE_FORMAT_MULTIPLE = 0x7FFE,
1333 CSSM_CRL_PARSE_FORMAT_LAST = 0x7FFF,
1334 /* Applications wishing to define their own custom parse
1335 format should create a uint32 value greater than the
1336 CSSM_CL_CUSTOM_CRL_PARSE_FORMAT */
1337 CSSM_CL_CUSTOM_CRL_PARSE_FORMAT = 0x8000
1338 };
1339
1340 /* From CL. */
1341 typedef uint32 CSSM_CRL_TYPE, *CSSM_CRL_TYPE_PTR;
1342 enum {
1343 CSSM_CRL_TYPE_UNKNOWN = 0x00,
1344 CSSM_CRL_TYPE_X_509v1 = 0x01,
1345 CSSM_CRL_TYPE_X_509v2 = 0x02,
1346 CSSM_CRL_TYPE_SPKI = 0x03,
1347 CSSM_CRL_TYPE_MULTIPLE = 0x7FFE
1348 };
1349
1350 typedef uint32 CSSM_CRL_ENCODING, *CSSM_CRL_ENCODING_PTR;
1351 enum {
1352 CSSM_CRL_ENCODING_UNKNOWN = 0x00,
1353 CSSM_CRL_ENCODING_CUSTOM = 0x01,
1354 CSSM_CRL_ENCODING_BER = 0x02,
1355 CSSM_CRL_ENCODING_DER = 0x03,
1356 CSSM_CRL_ENCODING_BLOOM = 0x04,
1357 CSSM_CRL_ENCODING_SEXPR = 0x05,
1358 CSSM_CRL_ENCODING_MULTIPLE = 0x7FFE
1359 };
1360
1361 typedef struct cssm_encoded_crl {
1362 CSSM_CRL_TYPE CrlType; /* type of CRL */
1363 CSSM_CRL_ENCODING CrlEncoding; /* encoding for this packed CRL */
1364 CSSM_DATA CrlBlob; /* packed CRL */
1365 } CSSM_ENCODED_CRL, *CSSM_ENCODED_CRL_PTR;
1366
1367 /* TP Again. */
1368 typedef struct cssm_parsed_crl {
1369 CSSM_CRL_TYPE CrlType; /* CRL type */
1370 CSSM_CRL_PARSE_FORMAT ParsedCrlFormat;
1371 /* struct of ParsedCrl */
1372 void *ParsedCrl; /* parsed CRL (to be typecast) */
1373 } CSSM_PARSED_CRL, *CSSM_PARSED_CRL_PTR;
1374
1375 typedef struct cssm_crl_pair {
1376 CSSM_ENCODED_CRL EncodedCrl; /* an encoded CRL blob */
1377 CSSM_PARSED_CRL ParsedCrl; /* equivalent parsed CRL */
1378 } CSSM_CRL_PAIR, *CSSM_CRL_PAIR_PTR;
1379
1380 typedef uint32 CSSM_CRLGROUP_TYPE, * CSSM_CRLGROUP_TYPE_PTR;
1381 enum {
1382 CSSM_CRLGROUP_DATA = 0x00,
1383 CSSM_CRLGROUP_ENCODED_CRL = 0x01,
1384 CSSM_CRLGROUP_PARSED_CRL = 0x02,
1385 CSSM_CRLGROUP_CRL_PAIR = 0x03
1386 };
1387
1388 typedef struct cssm_crlgroup {
1389 CSSM_CRL_TYPE CrlType;
1390 CSSM_CRL_ENCODING CrlEncoding;
1391 uint32 NumberOfCrls;
1392 union {
1393 CSSM_DATA_PTR CrlList; /* CRL blob */
1394 CSSM_ENCODED_CRL_PTR EncodedCrlList; /* CRL blob w/ separate type */
1395 CSSM_PARSED_CRL_PTR ParsedCrlList; /* bushy, parsed CRL */
1396 CSSM_CRL_PAIR_PTR PairCrlList;
1397 } GroupCrlList;
1398 CSSM_CRLGROUP_TYPE CrlGroupType;
1399 } CSSM_CRLGROUP, *CSSM_CRLGROUP_PTR;
1400
1401 typedef struct cssm_fieldgroup {
1402 int NumberOfFields; /* number of fields in the array */
1403 CSSM_FIELD_PTR Fields; /* array of fields */
1404 } CSSM_FIELDGROUP, *CSSM_FIELDGROUP_PTR;
1405
1406 typedef uint32 CSSM_EVIDENCE_FORM;
1407 enum {
1408 CSSM_EVIDENCE_FORM_UNSPECIFIC = 0x0,
1409 CSSM_EVIDENCE_FORM_CERT = 0x1,
1410 CSSM_EVIDENCE_FORM_CRL = 0x2,
1411 CSSM_EVIDENCE_FORM_CERT_ID = 0x3,
1412 CSSM_EVIDENCE_FORM_CRL_ID = 0x4,
1413 CSSM_EVIDENCE_FORM_VERIFIER_TIME = 0x5,
1414 CSSM_EVIDENCE_FORM_CRL_THISTIME = 0x6,
1415 CSSM_EVIDENCE_FORM_CRL_NEXTTIME = 0x7,
1416 CSSM_EVIDENCE_FORM_POLICYINFO = 0x8,
1417 CSSM_EVIDENCE_FORM_TUPLEGROUP = 0x9
1418 };
1419
1420 typedef struct cssm_evidence {
1421 CSSM_EVIDENCE_FORM EvidenceForm;
1422 void *Evidence; /* Evidence content */
1423 } CSSM_EVIDENCE, *CSSM_EVIDENCE_PTR;
1424
1425 typedef struct cssm_tp_verify_context {
1426 CSSM_TP_ACTION Action;
1427 CSSM_DATA ActionData;
1428 CSSM_CRLGROUP Crls;
1429 CSSM_TP_CALLERAUTH_CONTEXT_PTR Cred;
1430 } CSSM_TP_VERIFY_CONTEXT, *CSSM_TP_VERIFY_CONTEXT_PTR;
1431
1432 typedef struct cssm_tp_verify_context_result {
1433 uint32 NumberOfEvidences;
1434 CSSM_EVIDENCE_PTR Evidence;
1435 } CSSM_TP_VERIFY_CONTEXT_RESULT, *CSSM_TP_VERIFY_CONTEXT_RESULT_PTR;
1436
1437 typedef struct cssm_tp_request_set {
1438 uint32 NumberOfRequests;
1439 void *Requests;
1440 } CSSM_TP_REQUEST_SET, *CSSM_TP_REQUEST_SET_PTR;
1441
1442 typedef struct cssm_tp_result_set {
1443 uint32 NumberOfResults;
1444 void *Results;
1445 } CSSM_TP_RESULT_SET, *CSSM_TP_RESULT_SET_PTR;
1446
1447 typedef uint32 CSSM_TP_CONFIRM_STATUS, *CSSM_TP_CONFIRM_STATUS_PTR;
1448 enum {
1449 CSSM_TP_CONFIRM_STATUS_UNKNOWN = 0x0,
1450 /* indeterminate */
1451 CSSM_TP_CONFIRM_ACCEPT = 0x1,
1452 /* accept results of executing a
1453 submit-retrieve function pair */
1454 CSSM_TP_CONFIRM_REJECT = 0x2
1455 /* reject results of executing a
1456 submit-retrieve function pair */
1457 };
1458
1459 typedef struct cssm_tp_confirm_response {
1460 uint32 NumberOfResponses;
1461 CSSM_TP_CONFIRM_STATUS_PTR Responses;
1462 } CSSM_TP_CONFIRM_RESPONSE, *CSSM_TP_CONFIRM_RESPONSE_PTR;
1463
1464 enum {
1465 CSSM_ESTIMATED_TIME_UNKNOWN = -1
1466 };
1467
1468 enum {
1469 CSSM_ELAPSED_TIME_UNKNOWN = -1,
1470 CSSM_ELAPSED_TIME_COMPLETE = -2
1471 };
1472
1473 typedef struct cssm_tp_certissue_input {
1474 CSSM_SUBSERVICE_UID CSPSubserviceUid;
1475 CSSM_CL_HANDLE CLHandle;
1476 uint32 NumberOfTemplateFields;
1477 CSSM_FIELD_PTR SubjectCertFields;
1478 CSSM_TP_SERVICES MoreServiceRequests;
1479 uint32 NumberOfServiceControls;
1480 CSSM_FIELD_PTR ServiceControls;
1481 CSSM_ACCESS_CREDENTIALS_PTR UserCredentials;
1482 } CSSM_TP_CERTISSUE_INPUT, *CSSM_TP_CERTISSUE_INPUT_PTR;
1483
1484 typedef uint32 CSSM_TP_CERTISSUE_STATUS;
1485 enum {
1486 CSSM_TP_CERTISSUE_STATUS_UNKNOWN = 0x0,
1487 /* indeterminate */
1488 CSSM_TP_CERTISSUE_OK = 0x1,
1489 /* cert issued as requested */
1490 CSSM_TP_CERTISSUE_OKWITHCERTMODS = 0x2,
1491 /* cert issued but cert contents were
1492 updated by the issuing authority */
1493 CSSM_TP_CERTISSUE_OKWITHSERVICEMODS = 0x3,
1494 /* cert issued but some requested backend
1495 services were not performed by the
1496 issuing authority */
1497 CSSM_TP_CERTISSUE_REJECTED = 0x4,
1498 /* cert was not issued due to some error
1499 condition */
1500 CSSM_TP_CERTISSUE_NOT_AUTHORIZED = 0x5,
1501 /* cert was not issued, the request was
1502 not authorized */
1503 CSSM_TP_CERTISSUE_WILL_BE_REVOKED = 0x6
1504 /* cert was issued, but TP has initiated
1505 a revocation of the certificate */
1506 };
1507
1508 typedef struct cssm_tp_certissue_output {
1509 CSSM_TP_CERTISSUE_STATUS IssueStatus;
1510 CSSM_CERTGROUP_PTR CertGroup;
1511 CSSM_TP_SERVICES PerformedServiceRequests;
1512 } CSSM_TP_CERTISSUE_OUTPUT, *CSSM_TP_CERTISSUE_OUTPUT_PTR;
1513
1514 typedef uint32 CSSM_TP_CERTCHANGE_ACTION;
1515 enum {
1516 CSSM_TP_CERTCHANGE_NONE = 0x0, /* no change */
1517 CSSM_TP_CERTCHANGE_REVOKE = 0x1, /* Revoke the certificate */
1518 /* This action type indicates a request to revoke a single
1519 certificate. Notice of the revocation operation remains
1520 in affect until the certificate itself expires. Revocation
1521 should be used to permanently remove a certificate from use. */
1522 CSSM_TP_CERTCHANGE_HOLD = 0x2, /* Hold/suspend the certificate */
1523 /* This action type indicates a request to suspend a
1524 single certificate. A suspension operation implies
1525 that the requester intends, at some time in the future,
1526 to request that the certificate be released from hold,
1527 making it available for use again. Placing a hold on
1528 a certificate does not obligate the requester to
1529 request a release. In practice, a certificate may
1530 remain on hold until the certificate itself expires.
1531 Revocation should be used to permanently remove a
1532 certificate from use. */
1533 CSSM_TP_CERTCHANGE_RELEASE = 0x3 /* Release the held certificate */
1534 /* This action type indicates a request to release a
1535 single certificate currently on hold. A release
1536 operation makes a certificate available for use again.
1537 Revocation should be used to permanently remove a
1538 certificate from use. */
1539 };
1540
1541 typedef uint32 CSSM_TP_CERTCHANGE_REASON;
1542 enum {
1543 CSSM_TP_CERTCHANGE_REASON_UNKNOWN = 0x0,
1544 /* unspecified */
1545 CSSM_TP_CERTCHANGE_REASON_KEYCOMPROMISE = 0x1,
1546 /* Subject key believed to be compromised */
1547 CSSM_TP_CERTCHANGE_REASON_CACOMPROMISE = 0x2,
1548 /* CA\92s key believed to be compromised */
1549 CSSM_TP_CERTCHANGE_REASON_CEASEOPERATION = 0x3,
1550 /* certificate holder ceases operation under
1551 the jurisdiction of this certificate */
1552 CSSM_TP_CERTCHANGE_REASON_AFFILIATIONCHANGE = 0x4,
1553 /* certificate holder has moved from this
1554 jurisdiction */
1555 CSSM_TP_CERTCHANGE_REASON_SUPERCEDED = 0x5,
1556 /* certificate holder as issued a new, superceding
1557 certificate */
1558 CSSM_TP_CERTCHANGE_REASON_SUSPECTEDCOMPROMISE = 0x6,
1559 /* certificate could be compromised */
1560 CSSM_TP_CERTCHANGE_REASON_HOLDRELEASE = 0x7
1561 /* certificate holder resumes operation under the
1562 jurisdiction of this certificate */
1563 };
1564
1565 typedef struct cssm_tp_certchange_input {
1566 CSSM_TP_CERTCHANGE_ACTION Action;
1567 CSSM_TP_CERTCHANGE_REASON Reason;
1568 CSSM_CL_HANDLE CLHandle;
1569 CSSM_DATA_PTR Cert;
1570 CSSM_FIELD_PTR ChangeInfo;
1571 CSSM_TIMESTRING StartTime;
1572 CSSM_ACCESS_CREDENTIALS_PTR CallerCredentials;
1573 } CSSM_TP_CERTCHANGE_INPUT, *CSSM_TP_CERTCHANGE_INPUT_PTR;
1574
1575 typedef uint32 CSSM_TP_CERTCHANGE_STATUS;
1576 enum {
1577 CSSM_TP_CERTCHANGE_STATUS_UNKNOWN = 0x0,
1578 /* indeterminate */
1579 CSSM_TP_CERTCHANGE_OK = 0x1,
1580 /* cert state was successfully changed
1581 beginning at the specified time */
1582 CSSM_TP_CERTCHANGE_OKWITHNEWTIME = 0x2,
1583 /* cert state was successfully changed,
1584 at a modified effective time */
1585 CSSM_TP_CERTCHANGE_WRONGCA = 0x3,
1586 /* cert state was not changed, the
1587 selected CA is not authorized to
1588 change the cert state */
1589 CSSM_TP_CERTCHANGE_REJECTED = 0x4,
1590 /* cert state was not changed due to some
1591 error condition */
1592 CSSM_TP_CERTCHANGE_NOT_AUTHORIZED = 0x5
1593 /* cert state was not changed, the
1594 requester is not authorized to change
1595 the cert state */
1596 };
1597
1598 typedef struct cssm_tp_certchange_output {
1599 CSSM_TP_CERTCHANGE_STATUS ActionStatus;
1600 CSSM_FIELD RevokeInfo;
1601 } CSSM_TP_CERTCHANGE_OUTPUT, *CSSM_TP_CERTCHANGE_OUTPUT_PTR;
1602
1603 typedef struct cssm_tp_certverify_input {
1604 CSSM_CL_HANDLE CLHandle;
1605 CSSM_DATA_PTR Cert;
1606 CSSM_TP_VERIFY_CONTEXT_PTR VerifyContext;
1607 } CSSM_TP_CERTVERIFY_INPUT, *CSSM_TP_CERTVERIFY_INPUT_PTR;
1608
1609 typedef uint32 CSSM_TP_CERTVERIFY_STATUS;
1610 enum {
1611 CSSM_TP_CERTVERIFY_UNKNOWN = 0x0,
1612 CSSM_TP_CERTVERIFY_VALID = 0x1,
1613 CSSM_TP_CERTVERIFY_INVALID = 0x2,
1614 CSSM_TP_CERTVERIFY_REVOKED = 0x3,
1615 CSSM_TP_CERTVERIFY_SUSPENDED = 0x4,
1616 CSSM_TP_CERTVERIFY_EXPIRED = 0x5,
1617 CSSM_TP_CERTVERIFY_NOT_VALID_YET = 0x6,
1618 CSSM_TP_CERTVERIFY_INVALID_AUTHORITY = 0x7,
1619 CSSM_TP_CERTVERIFY_INVALID_SIGNATURE = 0x8,
1620 CSSM_TP_CERTVERIFY_INVALID_CERT_VALUE = 0x9,
1621 CSSM_TP_CERTVERIFY_INVALID_CERTGROUP = 0xA,
1622 CSSM_TP_CERTVERIFY_INVALID_POLICY = 0xB,
1623 CSSM_TP_CERTVERIFY_INVALID_POLICY_IDS = 0xC,
1624 CSSM_TP_CERTVERIFY_INVALID_BASIC_CONSTRAINTS = 0xD,
1625 CSSM_TP_CERTVERIFY_INVALID_CRL_DIST_PT = 0xE,
1626 CSSM_TP_CERTVERIFY_INVALID_NAME_TREE = 0xF,
1627 CSSM_TP_CERTVERIFY_UNKNOWN_CRITICAL_EXT = 0x10
1628 };
1629
1630 typedef struct cssm_tp_certverify_output {
1631 CSSM_TP_CERTVERIFY_STATUS VerifyStatus;
1632 uint32 NumberOfEvidence;
1633 CSSM_EVIDENCE_PTR Evidence;
1634 } CSSM_TP_CERTVERIFY_OUTPUT, *CSSM_TP_CERTVERIFY_OUTPUT_PTR;
1635
1636 typedef struct cssm_tp_certnotarize_input {
1637 CSSM_CL_HANDLE CLHandle;
1638 uint32 NumberOfFields;
1639 CSSM_FIELD_PTR MoreFields;
1640 CSSM_FIELD_PTR SignScope;
1641 uint32 ScopeSize;
1642 CSSM_TP_SERVICES MoreServiceRequests;
1643 uint32 NumberOfServiceControls;
1644 CSSM_FIELD_PTR ServiceControls;
1645 CSSM_ACCESS_CREDENTIALS_PTR UserCredentials;
1646 } CSSM_TP_CERTNOTARIZE_INPUT, *CSSM_TP_CERTNOTARIZE_INPUT_PTR;
1647
1648 typedef uint32 CSSM_TP_CERTNOTARIZE_STATUS;
1649 enum {
1650 CSSM_TP_CERTNOTARIZE_STATUS_UNKNOWN = 0x0,
1651 /* indeterminate */
1652 CSSM_TP_CERTNOTARIZE_OK = 0x1,
1653 /* cert fields were added and the result was
1654 notarized as requested */
1655 CSSM_TP_CERTNOTARIZE_OKWITHOUTFIELDS = 0x2,
1656 /* non-conflicting cert fields were added,
1657 conflicting cert fields were ignored,
1658 and the result was notarized as requested */
1659 CSSM_TP_CERTNOTARIZE_OKWITHSERVICEMODS = 0x3,
1660 /* cert fields were added and the result was
1661 notarized as requested, but some requested
1662 backend services were not performed by the
1663 notary */
1664 CSSM_TP_CERTNOTARIZE_REJECTED = 0x4,
1665 /* cert was not notarized due to some error
1666 condition */
1667 CSSM_TP_CERTNOTARIZE_NOT_AUTHORIZED = 0x5
1668 /* cert was not notarized, the request was
1669 not authorized */
1670 };
1671
1672 typedef struct cssm_tp_certnotarize_output {
1673 CSSM_TP_CERTNOTARIZE_STATUS NotarizeStatus;
1674 CSSM_CERTGROUP_PTR NotarizedCertGroup;
1675 CSSM_TP_SERVICES PerformedServiceRequests;
1676 } CSSM_TP_CERTNOTARIZE_OUTPUT, *CSSM_TP_CERTNOTARIZE_OUTPUT_PTR;
1677
1678 typedef struct cssm_tp_certreclaim_input {
1679 CSSM_CL_HANDLE CLHandle;
1680 uint32 NumberOfSelectionFields;
1681 CSSM_FIELD_PTR SelectionFields;
1682 CSSM_ACCESS_CREDENTIALS_PTR UserCredentials;
1683 } CSSM_TP_CERTRECLAIM_INPUT, *CSSM_TP_CERTRECLAIM_INPUT_PTR;
1684
1685 typedef uint32 CSSM_TP_CERTRECLAIM_STATUS;
1686 enum {
1687 CSSM_TP_CERTRECLAIM_STATUS_UNKNOWN = 0x0,
1688 /* indeterminate */
1689 CSSM_TP_CERTRECLAIM_OK = 0x1,
1690 /* a set of one or more certificates were
1691 returned by the CA for local recovery
1692 of the associated private key */
1693 CSSM_TP_CERTRECLAIM_NOMATCH = 0x2,
1694 /* no certificates owned by the requester
1695 were found matching the specified
1696 selection fields */
1697 CSSM_TP_CERTRECLAIM_REJECTED = 0x3,
1698 /* certificate reclamation failed due
1699 to some error condition */
1700 CSSM_TP_CERTRECLAIM_NOT_AUTHORIZED = 0x4
1701 /* certificate reclamation was not
1702 performed, the request was not
1703 authorized */
1704 };
1705
1706 typedef struct cssm_tp_certreclaim_output {
1707 CSSM_TP_CERTRECLAIM_STATUS ReclaimStatus;
1708 CSSM_CERTGROUP_PTR ReclaimedCertGroup;
1709 CSSM_LONG_HANDLE KeyCacheHandle;
1710 } CSSM_TP_CERTRECLAIM_OUTPUT, *CSSM_TP_CERTRECLAIM_OUTPUT_PTR;
1711
1712 typedef struct cssm_tp_crlissue_input {
1713 CSSM_CL_HANDLE CLHandle;
1714 uint32 CrlIdentifier;
1715 CSSM_TIMESTRING CrlThisTime;
1716 CSSM_FIELD_PTR PolicyIdentifier;
1717 CSSM_ACCESS_CREDENTIALS_PTR CallerCredentials;
1718 } CSSM_TP_CRLISSUE_INPUT, *CSSM_TP_CRLISSUE_INPUT_PTR;
1719
1720 typedef uint32 CSSM_TP_CRLISSUE_STATUS;
1721 enum {
1722 CSSM_TP_CRLISSUE_STATUS_UNKNOWN = 0x0,
1723 /* indeterminate */
1724 CSSM_TP_CRLISSUE_OK = 0x1,
1725 /* a copy of the most current CRL was
1726 issued as requested and the time for
1727 issuing the next CRL is also returned */
1728 CSSM_TP_CRLISSUE_NOT_CURRENT = 0x2,
1729 /* either no CRL has been issued since
1730 the CRL identified in the request, or
1731 it is not time to issue an updated CRL.
1732 no CRL has been returned, but the time
1733 for issuing the next CRL is included
1734 in the results */
1735 CSSM_TP_CRLISSUE_INVALID_DOMAIN = 0x3,
1736 /* CRL domain was not recognized or was
1737 outside the CA jurisdiction, no CRL or
1738 time for the next CRL has been
1739 returned. */
1740 CSSM_TP_CRLISSUE_UNKNOWN_IDENTIFIER = 0x4,
1741 /* unrecognized CRL identifier, no CRL or
1742 time for the next CRL has been
1743 returned. */
1744 CSSM_TP_CRLISSUE_REJECTED = 0x5,
1745 /* CRL was not issued due to some error
1746 condition, no CRL or time for the next
1747 CRL has been returned. */
1748 CSSM_TP_CRLISSUE_NOT_AUTHORIZED = 0x6
1749 /* CRL was not issued, the request was
1750 not authorized, no CRL or time for the
1751 next CRL has been returned. */
1752 };
1753
1754 typedef struct cssm_tp_crlissue_output {
1755 CSSM_TP_CRLISSUE_STATUS IssueStatus;
1756 CSSM_ENCODED_CRL_PTR Crl;
1757 CSSM_TIMESTRING CrlNextTime;
1758 } CSSM_TP_CRLISSUE_OUTPUT, *CSSM_TP_CRLISSUE_OUTPUT_PTR;
1759
1760 typedef uint32 CSSM_TP_FORM_TYPE;
1761 enum {
1762 CSSM_TP_FORM_TYPE_GENERIC = 0x0,
1763 CSSM_TP_FORM_TYPE_REGISTRATION = 0x1
1764 };
1765
1766 /* Data Types for Certificate Library Services */
1767
1768 typedef uint32 CSSM_CL_TEMPLATE_TYPE;
1769 enum {
1770 CSSM_CL_TEMPLATE_INTERMEDIATE_CERT = 1,
1771 /* for X509 certificates, a fully-formed
1772 encoded certificate with empty signature field */
1773 CSSM_CL_TEMPLATE_PKIX_CERTTEMPLATE = 2
1774 /* as defined in RFC2511, section 5 CertTemplate */
1775 };
1776
1777 typedef uint32 CSSM_CERT_BUNDLE_TYPE;
1778 enum {
1779 CSSM_CERT_BUNDLE_UNKNOWN = 0x00,
1780 CSSM_CERT_BUNDLE_CUSTOM = 0x01,
1781 CSSM_CERT_BUNDLE_PKCS7_SIGNED_DATA = 0x02,
1782 CSSM_CERT_BUNDLE_PKCS7_SIGNED_ENVELOPED_DATA = 0x03,
1783 CSSM_CERT_BUNDLE_PKCS12 = 0x04,
1784 CSSM_CERT_BUNDLE_PFX = 0x05,
1785 CSSM_CERT_BUNDLE_SPKI_SEQUENCE = 0x06,
1786 CSSM_CERT_BUNDLE_PGP_KEYRING = 0x07,
1787 CSSM_CERT_BUNDLE_LAST = 0x7FFF,
1788 /* Applications wishing to define their own custom certificate
1789 bundle type should define and publicly document a uint32
1790 value greater than CSSM_CL_CUSTOM_CERT_BUNDLE_TYPE */
1791 CSSM_CL_CUSTOM_CERT_BUNDLE_TYPE = 0x8000
1792 };
1793
1794 typedef uint32 CSSM_CERT_BUNDLE_ENCODING;
1795 enum {
1796 CSSM_CERT_BUNDLE_ENCODING_UNKNOWN = 0x00,
1797 CSSM_CERT_BUNDLE_ENCODING_CUSTOM = 0x01,
1798 CSSM_CERT_BUNDLE_ENCODING_BER = 0x02,
1799 CSSM_CERT_BUNDLE_ENCODING_DER = 0x03,
1800 CSSM_CERT_BUNDLE_ENCODING_SEXPR = 0x04,
1801 CSSM_CERT_BUNDLE_ENCODING_PGP = 0x05
1802 };
1803
1804 typedef struct cssm_cert_bundle_header {
1805 CSSM_CERT_BUNDLE_TYPE BundleType;
1806 CSSM_CERT_BUNDLE_ENCODING BundleEncoding;
1807 } CSSM_CERT_BUNDLE_HEADER, *CSSM_CERT_BUNDLE_HEADER_PTR;
1808
1809 typedef struct cssm_cert_bundle {
1810 CSSM_CERT_BUNDLE_HEADER BundleHeader;
1811 CSSM_DATA Bundle;
1812 } CSSM_CERT_BUNDLE, *CSSM_CERT_BUNDLE_PTR;
1813
1814 enum {
1815 CSSM_FIELDVALUE_COMPLEX_DATA_TYPE = 0xFFFFFFFF
1816 };
1817
1818 /* Data Types for Data Storage Library Services */
1819
1820 typedef uint32 CSSM_DB_ATTRIBUTE_NAME_FORMAT, *CSSM_DB_ATTRIBUTE_NAME_FORMAT_PTR;
1821 enum {
1822 CSSM_DB_ATTRIBUTE_NAME_AS_STRING = 0,
1823 CSSM_DB_ATTRIBUTE_NAME_AS_OID = 1,
1824 CSSM_DB_ATTRIBUTE_NAME_AS_INTEGER = 2
1825 };
1826
1827 typedef uint32 CSSM_DB_ATTRIBUTE_FORMAT, *CSSM_DB_ATTRIBUTE_FORMAT_PTR;
1828 enum {
1829 CSSM_DB_ATTRIBUTE_FORMAT_STRING = 0,
1830 CSSM_DB_ATTRIBUTE_FORMAT_SINT32 = 1,
1831 CSSM_DB_ATTRIBUTE_FORMAT_UINT32 = 2,
1832 CSSM_DB_ATTRIBUTE_FORMAT_BIG_NUM = 3,
1833 CSSM_DB_ATTRIBUTE_FORMAT_REAL = 4,
1834 CSSM_DB_ATTRIBUTE_FORMAT_TIME_DATE = 5,
1835 CSSM_DB_ATTRIBUTE_FORMAT_BLOB = 6,
1836 CSSM_DB_ATTRIBUTE_FORMAT_MULTI_UINT32 = 7,
1837 CSSM_DB_ATTRIBUTE_FORMAT_COMPLEX = 8
1838 };
1839
1840 typedef struct cssm_db_attribute_info {
1841 CSSM_DB_ATTRIBUTE_NAME_FORMAT AttributeNameFormat;
1842 union cssm_db_attribute_label {
1843 char *AttributeName; /* e.g., "record label" */
1844 CSSM_OID AttributeOID; /* e.g., CSSMOID_RECORDLABEL */
1845 uint32 AttributeID; /* e.g., FOUR_CHAR_CODE('recl') */
1846 } Label;
1847 CSSM_DB_ATTRIBUTE_FORMAT AttributeFormat;
1848 } CSSM_DB_ATTRIBUTE_INFO, *CSSM_DB_ATTRIBUTE_INFO_PTR;
1849
1850 typedef struct cssm_db_attribute_data {
1851 CSSM_DB_ATTRIBUTE_INFO Info;
1852 uint32 NumberOfValues;
1853 CSSM_DATA_PTR Value;
1854 } CSSM_DB_ATTRIBUTE_DATA, *CSSM_DB_ATTRIBUTE_DATA_PTR;
1855
1856 typedef uint32 CSSM_DB_RECORDTYPE;
1857 enum {
1858 /* Schema Management Name Space Range Definition*/
1859 CSSM_DB_RECORDTYPE_SCHEMA_START = 0x00000000,
1860 CSSM_DB_RECORDTYPE_SCHEMA_END = CSSM_DB_RECORDTYPE_SCHEMA_START + 4,
1861 /* Open Group Application Name Space Range Definition*/
1862 CSSM_DB_RECORDTYPE_OPEN_GROUP_START = 0x0000000A,
1863 CSSM_DB_RECORDTYPE_OPEN_GROUP_END = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 8,
1864 /* Industry At Large Application Name Space Range Definition */
1865 CSSM_DB_RECORDTYPE_APP_DEFINED_START = 0x80000000,
1866 CSSM_DB_RECORDTYPE_APP_DEFINED_END = 0xffffffff,
1867 /* Record Types defined in the Schema Management Name Space */
1868 CSSM_DL_DB_SCHEMA_INFO = CSSM_DB_RECORDTYPE_SCHEMA_START + 0,
1869 CSSM_DL_DB_SCHEMA_INDEXES = CSSM_DB_RECORDTYPE_SCHEMA_START + 1,
1870 CSSM_DL_DB_SCHEMA_ATTRIBUTES = CSSM_DB_RECORDTYPE_SCHEMA_START + 2,
1871 CSSM_DL_DB_SCHEMA_PARSING_MODULE = CSSM_DB_RECORDTYPE_SCHEMA_START + 3,
1872 /* Record Types defined in the Open Group Application Name Space */
1873 CSSM_DL_DB_RECORD_ANY = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 0,
1874 CSSM_DL_DB_RECORD_CERT = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 1,
1875 CSSM_DL_DB_RECORD_CRL = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 2,
1876 CSSM_DL_DB_RECORD_POLICY = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 3,
1877 CSSM_DL_DB_RECORD_GENERIC = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 4,
1878 CSSM_DL_DB_RECORD_PUBLIC_KEY = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 5,
1879 CSSM_DL_DB_RECORD_PRIVATE_KEY = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 6,
1880 CSSM_DL_DB_RECORD_SYMMETRIC_KEY = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 7,
1881 CSSM_DL_DB_RECORD_ALL_KEYS = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 8
1882 };
1883
1884 enum {
1885 CSSM_DB_CERT_USE_TRUSTED = 0x00000001, /* application-defined as trusted */
1886 CSSM_DB_CERT_USE_SYSTEM = 0x00000002, /* the CSSM system cert */
1887 CSSM_DB_CERT_USE_OWNER = 0x00000004, /* private key owned by system user*/
1888 CSSM_DB_CERT_USE_REVOKED = 0x00000008, /* revoked cert -15913 used w CRL APIs */
1889 CSSM_DB_CERT_USE_SIGNING = 0x00000010, /* use cert for signing only */
1890 CSSM_DB_CERT_USE_PRIVACY = 0x00000020 /* use cert for confidentiality only */
1891 };
1892
1893 typedef struct cssm_db_record_attribute_info {
1894 CSSM_DB_RECORDTYPE DataRecordType;
1895 uint32 NumberOfAttributes;
1896 CSSM_DB_ATTRIBUTE_INFO_PTR AttributeInfo;
1897 } CSSM_DB_RECORD_ATTRIBUTE_INFO, *CSSM_DB_RECORD_ATTRIBUTE_INFO_PTR;
1898
1899 typedef struct cssm_db_record_attribute_data {
1900 CSSM_DB_RECORDTYPE DataRecordType;
1901 uint32 SemanticInformation;
1902 uint32 NumberOfAttributes;
1903 CSSM_DB_ATTRIBUTE_DATA_PTR AttributeData;
1904 } CSSM_DB_RECORD_ATTRIBUTE_DATA, *CSSM_DB_RECORD_ATTRIBUTE_DATA_PTR;
1905
1906 typedef struct cssm_db_parsing_module_info {
1907 CSSM_DB_RECORDTYPE RecordType;
1908 CSSM_SUBSERVICE_UID ModuleSubserviceUid;
1909 } CSSM_DB_PARSING_MODULE_INFO, *CSSM_DB_PARSING_MODULE_INFO_PTR;
1910
1911 typedef uint32 CSSM_DB_INDEX_TYPE;
1912 enum {
1913 CSSM_DB_INDEX_UNIQUE = 0,
1914 CSSM_DB_INDEX_NONUNIQUE = 1
1915 };
1916
1917 typedef uint32 CSSM_DB_INDEXED_DATA_LOCATION;
1918 enum {
1919 CSSM_DB_INDEX_ON_UNKNOWN = 0,
1920 CSSM_DB_INDEX_ON_ATTRIBUTE = 1,
1921 CSSM_DB_INDEX_ON_RECORD = 2
1922 };
1923
1924 typedef struct cssm_db_index_info {
1925 CSSM_DB_INDEX_TYPE IndexType;
1926 CSSM_DB_INDEXED_DATA_LOCATION IndexedDataLocation;
1927 CSSM_DB_ATTRIBUTE_INFO Info;
1928 } CSSM_DB_INDEX_INFO, *CSSM_DB_INDEX_INFO_PTR;
1929
1930 typedef struct cssm_db_unique_record {
1931 CSSM_DB_INDEX_INFO RecordLocator;
1932 CSSM_DATA RecordIdentifier;
1933 } CSSM_DB_UNIQUE_RECORD, *CSSM_DB_UNIQUE_RECORD_PTR;
1934
1935 typedef struct cssm_db_record_index_info {
1936 CSSM_DB_RECORDTYPE DataRecordType;
1937 uint32 NumberOfIndexes;
1938 CSSM_DB_INDEX_INFO_PTR IndexInfo;
1939 } CSSM_DB_RECORD_INDEX_INFO, *CSSM_DB_RECORD_INDEX_INFO_PTR;
1940
1941 typedef uint32 CSSM_DB_ACCESS_TYPE, *CSSM_DB_ACCESS_TYPE_PTR;
1942 enum {
1943 CSSM_DB_ACCESS_READ = 0x00001,
1944 CSSM_DB_ACCESS_WRITE = 0x00002,
1945 CSSM_DB_ACCESS_PRIVILEGED = 0x00004 /* versus user mode */
1946 };
1947
1948 typedef uint32 CSSM_DB_MODIFY_MODE;
1949 enum {
1950 CSSM_DB_MODIFY_ATTRIBUTE_NONE = 0,
1951 CSSM_DB_MODIFY_ATTRIBUTE_ADD = CSSM_DB_MODIFY_ATTRIBUTE_NONE + 1,
1952 CSSM_DB_MODIFY_ATTRIBUTE_DELETE = CSSM_DB_MODIFY_ATTRIBUTE_NONE + 2,
1953 CSSM_DB_MODIFY_ATTRIBUTE_REPLACE = CSSM_DB_MODIFY_ATTRIBUTE_NONE + 3
1954 };
1955
1956 typedef struct cssm_dbinfo {
1957 /* meta information about each record type stored in this
1958 data store including meta information about record
1959 attributes and indexes */
1960 uint32 NumberOfRecordTypes;
1961 CSSM_DB_PARSING_MODULE_INFO_PTR DefaultParsingModules;
1962 CSSM_DB_RECORD_ATTRIBUTE_INFO_PTR RecordAttributeNames;
1963 CSSM_DB_RECORD_INDEX_INFO_PTR RecordIndexes;
1964 /* access restrictions for opening this data store */
1965 CSSM_BOOL IsLocal;
1966 char *AccessPath; /* URL, dir path, etc. */
1967 void *Reserved;
1968 } CSSM_DBINFO, *CSSM_DBINFO_PTR;
1969
1970 typedef uint32 CSSM_DB_OPERATOR, *CSSM_DB_OPERATOR_PTR;
1971 enum {
1972 CSSM_DB_EQUAL = 0,
1973 CSSM_DB_NOT_EQUAL = 1,
1974 CSSM_DB_LESS_THAN = 2,
1975 CSSM_DB_GREATER_THAN = 3,
1976 CSSM_DB_CONTAINS = 4,
1977 CSSM_DB_CONTAINS_INITIAL_SUBSTRING = 5,
1978 CSSM_DB_CONTAINS_FINAL_SUBSTRING = 6
1979 };
1980
1981 typedef uint32 CSSM_DB_CONJUNCTIVE, *CSSM_DB_CONJUNCTIVE_PTR;
1982 enum {
1983 CSSM_DB_NONE = 0,
1984 CSSM_DB_AND = 1,
1985 CSSM_DB_OR = 2
1986 };
1987
1988 typedef struct cssm_selection_predicate {
1989 CSSM_DB_OPERATOR DbOperator;
1990 CSSM_DB_ATTRIBUTE_DATA Attribute;
1991 } CSSM_SELECTION_PREDICATE, *CSSM_SELECTION_PREDICATE_PTR;
1992
1993 enum {
1994 CSSM_QUERY_TIMELIMIT_NONE = 0
1995 };
1996
1997 enum {
1998 CSSM_QUERY_SIZELIMIT_NONE = 0
1999 };
2000
2001 typedef struct cssm_query_limits {
2002 uint32 TimeLimit; /* in seconds */
2003 uint32 SizeLimit; /* max. number of records to return */
2004 } CSSM_QUERY_LIMITS, *CSSM_QUERY_LIMITS_PTR;
2005
2006 typedef uint32 CSSM_QUERY_FLAGS;
2007 enum {
2008 CSSM_QUERY_RETURN_DATA = 0x01
2009 };
2010
2011 typedef struct cssm_query {
2012 CSSM_DB_RECORDTYPE RecordType;
2013 CSSM_DB_CONJUNCTIVE Conjunctive;
2014 uint32 NumSelectionPredicates;
2015 CSSM_SELECTION_PREDICATE_PTR SelectionPredicate;
2016 CSSM_QUERY_LIMITS QueryLimits;
2017 CSSM_QUERY_FLAGS QueryFlags;
2018 } CSSM_QUERY, *CSSM_QUERY_PTR;
2019
2020 typedef uint32 CSSM_DLTYPE, *CSSM_DLTYPE_PTR;
2021 enum {
2022 CSSM_DL_UNKNOWN = 0,
2023 CSSM_DL_CUSTOM = 1,
2024 CSSM_DL_LDAP = 2,
2025 CSSM_DL_ODBC = 3,
2026 CSSM_DL_PKCS11 = 4,
2027 CSSM_DL_FFS = 5, /* flat file system */
2028 CSSM_DL_MEMORY = 6,
2029 CSSM_DL_REMOTEDIR = 7
2030 };
2031
2032 typedef void *CSSM_DL_CUSTOM_ATTRIBUTES;
2033 typedef void *CSSM_DL_LDAP_ATTRIBUTES;
2034 typedef void *CSSM_DL_ODBC_ATTRIBUTES;
2035 typedef void *CSSM_DL_FFS_ATTRIBUTES;
2036
2037 typedef struct cssm_dl_pkcs11_attributes {
2038 uint32 DeviceAccessFlags;
2039 } *CSSM_DL_PKCS11_ATTRIBUTE, *CSSM_DL_PKCS11_ATTRIBUTE_PTR;
2040
2041 enum {
2042 CSSM_DB_DATASTORES_UNKNOWN = 0xFFFFFFFF
2043 };
2044
2045 typedef struct cssm_name_list {
2046 uint32 NumStrings;
2047 char **String;
2048 } CSSM_NAME_LIST, *CSSM_NAME_LIST_PTR;
2049
2050 typedef uint32 CSSM_DB_RETRIEVAL_MODES;
2051 enum {
2052 CSSM_DB_TRANSACTIONAL_MODE = 0,
2053 CSSM_DB_FILESYSTEMSCAN_MODE = 1
2054 };
2055
2056 typedef struct cssm_db_schema_attribute_info {
2057 uint32 AttributeId;
2058 char *AttributeName;
2059 CSSM_OID AttributeNameID;
2060 CSSM_DB_ATTRIBUTE_FORMAT DataType;
2061 } CSSM_DB_SCHEMA_ATTRIBUTE_INFO, *CSSM_DB_SCHEMA_ATTRIBUTE_INFO_PTR;
2062
2063 typedef struct cssm_db_schema_index_info {
2064 uint32 AttributeId;
2065 uint32 IndexId;
2066 CSSM_DB_INDEX_TYPE IndexType;
2067 CSSM_DB_INDEXED_DATA_LOCATION IndexedDataLocation;
2068 } CSSM_DB_SCHEMA_INDEX_INFO, *CSSM_DB_SCHEMA_INDEX_INFO_PTR;
2069
2070 #ifdef __cplusplus
2071 }
2072 #endif
2073
2074 #endif /* _CSSMTYPE_H_ */
mirror of Security