OSX/macos_tapi_hacks.h

   1 /*
   2  * Copyright (c) 2017 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23 #ifndef macos_tapi_hack_h
  24 #define macos_tapi_hack_h
  25
  26 // This file is to work around TAPI's insistence that every exported symbol is in a header file.
  27 // The Security project just simply rejects such ideas, so this is the pressure valve:
  28 //
  29 // One-offs in header files that shouldn't be exported in the real-live macOS Security framework
  30 // can be added here, and TAPI will accept them.
  31 //
  32 // Please don't add anything here.
  33
  34 #ifndef SECURITY_PROJECT_TAPI_HACKS
  35 #error This header is not for inclusion; it's a nasty hack to get the macOS Security framework to build with TAPI.
  36 #endif
  37
  38 #include <sqlite3.h>
  39 #include <xpc/xpc.h>
  40
  41 #pragma clang diagnostic push
  42 #pragma clang diagnostic ignored "-Wvisibility"
  43
  44 CFDataRef SecDistinguishedNameCopyNormalizedContent(CFDataRef distinguished_name);
  45 SecKeyRef SecCertificateCopyPublicKey_ios(SecCertificateRef certificate);
  46 CFDataRef _SecItemCreatePersistentRef(CFTypeRef iclass, sqlite_int64 rowid, CFDictionaryRef attributes);
  47 CFDictionaryRef SecTokenItemValueCopy(CFDataRef db_value, CFErrorRef *error);
  48 CFArrayRef SecTrustCopyProperties_ios(SecTrustRef trust);
  49 CFArrayRef SecItemCopyParentCertificates_ios(CFDataRef normalizedIssuer, CFArrayRef accessGroups, CFErrorRef *error);
  50 bool SecItemCertificateExists(CFDataRef normalizedIssuer, CFDataRef serialNumber, CFArrayRef accessGroups, CFErrorRef *error);
  51 bool _SecItemParsePersistentRef(CFDataRef persistent_ref, CFStringRef *return_class,
  52                                 sqlite_int64 *return_rowid, CFDictionaryRef *return_token_attrs);
  53
  54 // iOS-only SecKey functions
  55 size_t SecKeyGetSize(SecKeyRef key, int whichSize);
  56 CFDataRef SecKeyCopyPublicKeyHash(SecKeyRef key);
  57
  58 // SecItemPriv.h
  59 extern const CFStringRef kSecUseSystemKeychain;
  60
  61 // securityd_client.h
  62
  63 typedef struct SecurityClient {
  64 } SecurityClient;
  65
  66 extern struct securityd *gSecurityd;
  67 extern struct trustd *gTrustd;
  68 extern SecurityClient * SecSecurityClientGet(void);
  69 bool securityd_send_sync_and_do(enum SecXPCOperation op, CFErrorRef *error,
  70                                 bool (^add_to_message)(xpc_object_t message, CFErrorRef* error),
  71                                 bool (^handle_response)(xpc_object_t response, CFErrorRef* error));
  72 typedef void (^securityd_handler_t)(xpc_object_t reply, CFErrorRef error);
  73 void securityd_send_async_and_do(enum SecXPCOperation op, dispatch_queue_t replyq,
  74                                                                  bool (^add_to_message)(xpc_object_t message, CFErrorRef* error),
  75                                                                  securityd_handler_t handler);
  76 XPC_RETURNS_RETAINED xpc_object_t securityd_message_with_reply_sync(xpc_object_t message, CFErrorRef *error);
  77 XPC_RETURNS_RETAINED xpc_object_t securityd_create_message(enum SecXPCOperation op, CFErrorRef *error);
  78 bool securityd_message_no_error(xpc_object_t message, CFErrorRef *error);
  79
  80 @interface SecuritydXPCClient : NSObject
  81 @end
  82
  83 void SecAccessGroupsSetCurrent(CFArrayRef accessGroups);
  84 CFArrayRef SecAccessGroupsGetCurrent(void);
  85
  86 // checkpw.c
  87 int checkpw_internal( const struct passwd* pw, const char* password );
  88
  89 // SecFramework.h
  90 CFDataRef SecDigestCreate(CFAllocatorRef allocator,
  91                           const SecAsn1Oid *algorithm, const SecAsn1Item *params,
  92                           const UInt8 *data, CFIndex length);
  93 CFDataRef SecSHA256DigestCreateFromData(CFAllocatorRef allocator, CFDataRef data);
  94 CFStringRef SecFrameworkCopyLocalizedString(CFStringRef key,
  95                                             CFStringRef tableName);
  96
  97 #pragma clang diagnostic pop
  98
  99 #endif /* macos_tapi_hack_h */