]> git.saurik.com Git - apple/security.git/blob - OSX/sec/Security/SecKeyPriv.h
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57740.20.22.tar.gz
[apple/security.git] / OSX / sec / Security / SecKeyPriv.h
1 /*
2 * Copyright (c) 2006-2010,2012-2015 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*!
25 @header SecKeyPriv
26 The functions provided in SecKeyPriv.h implement and manage a particular
27 type of keychain item that represents a key. A key can be stored in a
28 keychain, but a key can also be a transient object.
29
30 You can use a key as a keychain item in most functions.
31 */
32
33 #ifndef _SECURITY_SECKEYPRIV_H_
34 #define _SECURITY_SECKEYPRIV_H_
35
36 #include <Security/SecKey.h>
37 #include <Security/SecAsn1Types.h>
38 #include <CoreFoundation/CFRuntime.h>
39 #include <CoreFoundation/CoreFoundation.h>
40 #include <CoreFoundation/CFDictionary.h>
41
42 __BEGIN_DECLS
43
44 typedef struct __SecDERKey {
45 uint8_t *oid;
46 CFIndex oidLength;
47
48 uint8_t *parameters;
49 CFIndex parametersLength;
50
51 /* Contents of BIT STRING in DER Encoding */
52 uint8_t *key;
53 CFIndex keyLength;
54 } SecDERKey;
55
56
57 typedef uint32_t SecKeyEncoding;
58 enum {
59 /* Typically only used for symmetric keys. */
60 kSecKeyEncodingRaw = 0,
61
62 /* RSA keys are DER-encoded according to PKCS1. */
63 kSecKeyEncodingPkcs1 = 1,
64
65 /* RSA keys are DER-encoded according to PKCS1 with Apple Extensions. */
66 kSecKeyEncodingApplePkcs1 = 2,
67
68 /* RSA public key in SecRSAPublicKeyParams format. keyData is a pointer
69 to a SecRSAPublicKeyParams and keyDataLength is
70 sizeof(SecRSAPublicKeyParams). */
71 kSecKeyEncodingRSAPublicParams = 3,
72
73 /* RSA public key in SecRSAPublicKeyParams format. keyData is a pointer
74 to a SecRSAPublicKeyParams and keyDataLength is
75 sizeof(SecRSAPublicKeyParams). */
76 kSecDERKeyEncoding = 4,
77
78 /* Internal "encodings to send other data" */
79 kSecGenerateKey = 5,
80 kSecExtractPublicFromPrivate = 6,
81
82 /* Encoding came from SecKeyCopyPublicBytes for a public key,
83 or internally from a private key */
84 kSecKeyEncodingBytes = 7,
85
86 /* Handing in a private key from corecrypto directly. */
87 kSecKeyCoreCrypto = 8,
88
89 };
90
91 typedef uint32_t SecKeyWrapType;
92 enum {
93 /* wrap key in RFC3394 (AESWrap) */
94 kSecKeyWrapRFC3394 = 0,
95
96 /* wrap key in PGP style (support EC keys only right now) */
97 kSecKeyWrapPublicKeyPGP = 1,
98
99 };
100
101 typedef CF_ENUM(CFIndex, SecKeyOperationMode) {
102 kSecKeyOperationModePerform = 0,
103 kSecKeyOperationModeCheckIfSupported = 1,
104 };
105
106 typedef OSStatus (*SecKeyInitMethod)(SecKeyRef, const uint8_t *, CFIndex,
107 SecKeyEncoding);
108 typedef void (*SecKeyDestroyMethod)(SecKeyRef);
109 typedef OSStatus (*SecKeyRawSignMethod)(SecKeyRef key, SecPadding padding,
110 const uint8_t *dataToSign, size_t dataToSignLen,
111 uint8_t *sig, size_t *sigLen);
112 typedef OSStatus (*SecKeyRawVerifyMethod)(
113 SecKeyRef key, SecPadding padding, const uint8_t *signedData,
114 size_t signedDataLen, const uint8_t *sig, size_t sigLen);
115 typedef OSStatus (*SecKeyEncryptMethod)(SecKeyRef key, SecPadding padding,
116 const uint8_t *plainText, size_t plainTextLen,
117 uint8_t *cipherText, size_t *cipherTextLen);
118 typedef OSStatus (*SecKeyDecryptMethod)(SecKeyRef key, SecPadding padding,
119 const uint8_t *cipherText, size_t cipherTextLen,
120 uint8_t *plainText, size_t *plainTextLen);
121 typedef OSStatus (*SecKeyComputeMethod)(SecKeyRef key,
122 const uint8_t *pub_key, size_t pub_key_len,
123 uint8_t *computed_key, size_t *computed_key_len);
124 typedef size_t (*SecKeyBlockSizeMethod)(SecKeyRef key);
125 typedef CFDictionaryRef (*SecKeyCopyDictionaryMethod)(SecKeyRef key);
126 typedef CFIndex (*SecKeyGetAlgorithmIDMethod)(SecKeyRef key);
127 typedef OSStatus (*SecKeyCopyPublicBytesMethod)(SecKeyRef key, CFDataRef *serialization);
128 typedef CFDataRef (*SecKeyCopyWrapKeyMethod)(SecKeyRef key, SecKeyWrapType type, CFDataRef unwrappedKey, CFDictionaryRef parameters, CFDictionaryRef *outParam, CFErrorRef *error);
129 typedef CFDataRef (*SecKeyCopyUnwrapKeyMethod)(SecKeyRef key, SecKeyWrapType type, CFDataRef wrappedKey, CFDictionaryRef parameters, CFDictionaryRef *outParam, CFErrorRef *error);
130 typedef CFStringRef (*SecKeyDescribeMethod)(SecKeyRef key);
131
132 typedef CFDataRef (*SecKeyCopyExternalRepresentationMethod)(SecKeyRef key, CFErrorRef *error);
133 typedef SecKeyRef (*SecKeyCopyPublicKeyMethod)(SecKeyRef key);
134 typedef Boolean (*SecKeyIsEqualMethod)(SecKeyRef key1, SecKeyRef key2);
135 typedef SecKeyRef (*SecKeyCreateDuplicateMethod)(SecKeyRef key);
136
137 /*!
138 @abstract Performs cryptographic operation with the key.
139 @param key Key to perform the operation on.
140 @param operation Type of operation to be performed.
141 @param algorithm Algorithm identifier for the operation. Determines format of input and output data.
142 @param allAlgorithms Array of algorithms which were traversed until we got to this operation. The last member of this array is always the same as @c algorithm parameter.
143 @param mode Mode in which the operation is performed. Two available modes are checking only if the operation can be performed or actually performing the operation.
144 @param in1 First input parameter for the operation, meaningful only in ModePerform.
145 @param in2 Second input parameter for the operation, meaningful only in ModePerform.
146 @param error Error details when NULL is returned.
147 @return NULL if some failure occured. kCFNull if operation/algorithm/key combination is not supported, otherwise the result of the operation or kCFBooleanTrue in ModeCheckIfSupported.
148 */
149 typedef CFTypeRef(*SecKeyCopyOperationResultMethod)(SecKeyRef key, SecKeyOperationType operation, SecKeyAlgorithm algorithm, CFArrayRef allAlgorithms, SecKeyOperationMode mode, CFTypeRef in1, CFTypeRef in2, CFErrorRef *error);
150
151 #define kSecKeyDescriptorVersion (4)
152
153 typedef struct __SecKeyDescriptor {
154 /* Version of this SecKeyDescriptor. Must be kSecKeyDescriptorVersion. */
155 uint32_t version;
156
157 /* Name of this key class for use by SecKeyShow(). */
158 const char *name;
159
160 /* If nonzero, SecKeyCreate will allocate this many bytes for the key
161 field in the SecKeyRef it creates. If zero key is NULL and the
162 implementor can choose to dynamically allocate it in the init
163 function and free it in the destroy function. */
164 uint32_t extraBytes;
165
166 /* Called by SecKeyCreate(). */
167 SecKeyInitMethod init;
168 /* Called by destructor (final CFRelease() or gc if using). */
169 SecKeyDestroyMethod destroy;
170 /* Called by SecKeyRawSign(). */
171 SecKeyRawSignMethod rawSign;
172 /* Called by SecKeyRawVerify(). */
173 SecKeyRawVerifyMethod rawVerify;
174 /* Called by SecKeyEncrypt(). */
175 SecKeyEncryptMethod encrypt;
176 /* Called by SecKeyDecrypt(). */
177 SecKeyDecryptMethod decrypt;
178 /* Reserved for future use. */
179 SecKeyComputeMethod compute;
180 /* Called by SecKeyGetBlockSize(). */
181 SecKeyBlockSizeMethod blockSize;
182 /* Called by SecKeyCopyAttributeDictionary(), which is private. */
183 SecKeyCopyDictionaryMethod copyDictionary;
184 /* Called by SecKeyDescribeMethod(). */
185 SecKeyDescribeMethod describe;
186 #if kSecKeyDescriptorVersion > 0
187 /* Called by SecKeyCopyAttributeDictionary(), which is private. */
188 SecKeyGetAlgorithmIDMethod getAlgorithmID;
189 #endif
190 #if kSecKeyDescriptorVersion > 1
191 SecKeyCopyPublicBytesMethod copyPublic;
192 #endif
193 #if kSecKeyDescriptorVersion > 2
194 SecKeyCopyWrapKeyMethod copyWrapKey;
195 SecKeyCopyUnwrapKeyMethod copyUnwrapKey;
196 #endif
197 #if kSecKeyDescriptorVersion > 3
198 SecKeyCopyExternalRepresentationMethod copyExternalRepresentation;
199 SecKeyCopyPublicKeyMethod copyPublicKey;
200 SecKeyCopyOperationResultMethod copyOperationResult;
201 SecKeyIsEqualMethod isEqual;
202 SecKeyCreateDuplicateMethod createDuplicate;
203 #endif
204 } SecKeyDescriptor;
205
206 struct __SecKey {
207 CFRuntimeBase _base;
208
209 const SecKeyDescriptor *key_class;
210
211 #if !TARGET_OS_IPHONE
212 // On OSX, keep optional SecKeyRef which holds dynamically, on-demand created CSSM-based key with the same
213 // key material. It is used to implement SecKeyGetCSSMKey().
214 SecKeyRef cdsaKey;
215 #endif
216
217 /* The actual key handled by class. */
218 void *key;
219 };
220
221 /*!
222 @function SecKeyCreate
223 @abstract Given a private key and data to sign, generate a digital signature.
224 @param allocator allocator to use when allocating this key instance.
225 @param key_class pointer to a SecKeyDescriptor.
226 @param keyData The second argument to the init() function in the key_class.
227 @param keyDataLength The third argument to the init() function in the key_class.
228 @param encoding The fourth argument to the init() function in the key_class.
229 @result A newly allocated SecKeyRef.
230 */
231 SecKeyRef SecKeyCreate(CFAllocatorRef allocator,
232 const SecKeyDescriptor *key_class, const uint8_t *keyData,
233 CFIndex keyDataLength, SecKeyEncoding encoding);
234
235 /* Create a public key from an oid, params and keyData all in DER format. */
236 SecKeyRef SecKeyCreatePublicFromDER(CFAllocatorRef allocator,
237 const SecAsn1Oid *oid1, const SecAsn1Item *params,
238 const SecAsn1Item *keyData);
239
240 /* Create a public key from a CFData containing a SubjectPublicKeyInfo in DER format. */
241 SecKeyRef SecKeyCreateFromSubjectPublicKeyInfoData(CFAllocatorRef allocator,
242 CFDataRef subjectPublicKeyInfoData);
243
244 /* Create public key from private key */
245 SecKeyRef SecKeyCreatePublicFromPrivate(SecKeyRef privateKey);
246
247 /* Get Private Key (if present) by publicKey. */
248 SecKeyRef SecKeyCopyMatchingPrivateKey(SecKeyRef publicKey, CFErrorRef *error);
249 OSStatus SecKeyGetMatchingPrivateKeyStatus(SecKeyRef publicKey, CFErrorRef *error);
250
251 CFDataRef SecKeyCreatePersistentRefToMatchingPrivateKey(SecKeyRef publicKey, CFErrorRef *error);
252
253 /* Return an attribute dictionary used to find a private key by public key hash */
254 CFDictionaryRef CreatePrivateKeyMatchingQuery(SecKeyRef publicKey, bool returnPersistentRef);
255
256 /* Return an attribute dictionary used to store this item in a keychain. */
257 CFDictionaryRef SecKeyCopyAttributeDictionary(SecKeyRef key);
258
259 /* Return a key from an attribute dictionary that was used to store this item
260 in a keychain. */
261 SecKeyRef SecKeyCreateFromAttributeDictionary(CFDictionaryRef refAttributes);
262
263 OSStatus SecKeyDigestAndVerify(
264 SecKeyRef key, /* Public key */
265 const SecAsn1AlgId *algId, /* algorithm oid/params */
266 const uint8_t *dataToDigest, /* signature over this data */
267 size_t dataToDigestLen,/* length of dataToDigest */
268 const uint8_t *sig, /* signature to verify */
269 size_t sigLen); /* length of sig */
270
271 OSStatus SecKeyDigestAndSign(
272 SecKeyRef key, /* Private key */
273 const SecAsn1AlgId *algId, /* algorithm oid/params */
274 const uint8_t *dataToDigest, /* signature over this data */
275 size_t dataToDigestLen,/* length of dataToDigest */
276 uint8_t *sig, /* signature, RETURNED */
277 size_t *sigLen); /* IN/OUT */
278
279 OSStatus SecKeyVerifyDigest(
280 SecKeyRef key, /* Private key */
281 const SecAsn1AlgId *algId, /* algorithm oid/params */
282 const uint8_t *digestData, /* signature over this digest */
283 size_t digestDataLen,/* length of dataToDigest */
284 const uint8_t *sig, /* signature to verify */
285 size_t sigLen); /* length of sig */
286
287 OSStatus SecKeySignDigest(
288 SecKeyRef key, /* Private key */
289 const SecAsn1AlgId *algId, /* algorithm oid/params */
290 const uint8_t *digestData, /* signature over this digest */
291 size_t digestDataLen,/* length of digestData */
292 uint8_t *sig, /* signature, RETURNED */
293 size_t *sigLen); /* IN/OUT */
294
295 OSStatus SecKeyCopyPublicBytes(SecKeyRef key, CFDataRef* serializedPublic);
296 SecKeyRef SecKeyCreateFromPublicBytes(CFAllocatorRef allocator, CFIndex algorithmID, const uint8_t *keyData, CFIndex keyDataLength);
297 SecKeyRef SecKeyCreateFromPublicData(CFAllocatorRef allocator, CFIndex algorithmID, CFDataRef serialized);
298 CFDataRef SecKeyCopyPublicKeyHash(SecKeyRef key);
299
300 /* This function directly creates an iOS-format SecKeyRef from public key bytes. */
301 SecKeyRef SecKeyCreateRSAPublicKey_ios(CFAllocatorRef allocator,
302 const uint8_t *keyData, CFIndex keyDataLength,
303 SecKeyEncoding encoding);
304
305
306 CF_RETURNS_RETAINED
307 CFDictionaryRef SecKeyGeneratePrivateAttributeDictionary(SecKeyRef key,
308 CFTypeRef keyType,
309 CFDataRef privateBlob);
310 CF_RETURNS_RETAINED
311 CFDictionaryRef SecKeyGeneratePublicAttributeDictionary(SecKeyRef key, CFTypeRef keyType);
312
313 enum {
314 kSecNullAlgorithmID = 0,
315 kSecRSAAlgorithmID = 1,
316 kSecDSAAlgorithmID = 2, /* unsupported, just here for reference. */
317 kSecECDSAAlgorithmID = 3,
318 };
319
320 /*!
321 @function SecKeyGetAlgorithmID
322 @abstract Returns an enumerated constant value which identifies the algorithm for the given key.
323 @param key A key reference.
324 @result An algorithm identifier.
325 @discussion Deprecated in iOS 9.0. Note that SecKeyGetAlgorithmID also exists on OS X
326 with different arguments for CDSA-based SecKeyRefs, and returns different values.
327 For compatibility, your code should migrate to use SecKeyGetAlgorithmId instead.
328 */
329 CFIndex SecKeyGetAlgorithmID(SecKeyRef key)
330 __OSX_AVAILABLE_BUT_DEPRECATED(__MAC_10_2, __MAC_10_8, __IPHONE_5_0, __IPHONE_9_0);
331
332 /*!
333 @function SecKeyGetAlgorithmId
334 @abstract Returns an enumerated constant value which identifies the algorithm for the given key.
335 @param key A key reference.
336 @result An algorithm identifier.
337 */
338 CFIndex SecKeyGetAlgorithmId(SecKeyRef key)
339 __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_9_0);
340
341
342 typedef enum {
343 kSecKeyKeySizeInBits = 0,
344 kSecKeySignatureSize = 1,
345 kSecKeyEncryptedDataSize = 2,
346 // More might belong here, but we aren't settled on how
347 // to take into account padding and/or digest types.
348 } SecKeySize;
349
350 /*!
351 @function SecKeyGetSize
352 @abstract Returns a size in bytes.
353 @param key The key for which the block length is requested.
354 @param whichSize The size that you want evaluated.
355 @result The block length of the key in bytes.
356 @discussion If for example key is an RSA key the value returned by
357 this function is the size of the modulus.
358 */
359 size_t SecKeyGetSize(SecKeyRef key, SecKeySize whichSize)
360 __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
361
362
363 /*!
364 @function SecKeyLookupPersistentRef
365 @abstract Looks up a SecKeyRef via persistent ref.
366 @param persistentRef The persistent ref data for looking up.
367 @param lookedUpData retained SecKeyRef for the found object.
368 @result Errors when using SecItemFind for the persistent ref.
369 */
370 OSStatus SecKeyFindWithPersistentRef(CFDataRef persistentRef, SecKeyRef* lookedUpData)
371 __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
372
373 /*!
374 @function SecKeyCopyPersistentRef
375 @abstract Gets a persistent reference for a key.
376 @param key Key to make a persistent ref for.
377 @param persistentRef Allocated data representing the persistent ref.
378 @result Errors when using SecItemFind for the persistent ref.
379 */
380 OSStatus SecKeyCopyPersistentRef(SecKeyRef key, CFDataRef* persistentRef)
381 __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
382
383
384 /*
385 *
386 */
387
388 extern const CFStringRef _kSecKeyWrapPGPSymAlg; /* CFNumber */
389 extern const CFStringRef _kSecKeyWrapPGPFingerprint; /* CFDataRef, at least 20 bytes */
390 extern const CFStringRef _kSecKeyWrapPGPWrapAlg; /* kSecKeyWrapRFC6637WrapNNN, or any of the other PGP wrap algs */
391 extern const CFStringRef _kSecKeyWrapRFC6637Flags;
392 extern const CFStringRef _kSecKeyWrapRFC6637WrapDigestSHA256KekAES128;
393 extern const CFStringRef _kSecKeyWrapRFC6637WrapDigestSHA512KekAES256;
394
395 enum { kSecKeyWrapPGPFingerprintMinSize = 20 };
396 /*!
397 @function _SecKeyCopyWrapKey
398 @abstract Wrap a key
399 */
400
401 CFDataRef
402 _SecKeyCopyWrapKey(SecKeyRef key, SecKeyWrapType type, CFDataRef unwrappedKey, CFDictionaryRef parameters, CFDictionaryRef *outParam, CFErrorRef *error)
403 __OSX_AVAILABLE_STARTING(__MAC_10_10, __IPHONE_8_0);
404
405 /*!
406 @function _SecKeyWrapKey
407 @abstract Unwrap a key
408 */
409
410 CFDataRef
411 _SecKeyCopyUnwrapKey(SecKeyRef key, SecKeyWrapType type, CFDataRef wrappedKey, CFDictionaryRef parameters, CFDictionaryRef *outParam, CFErrorRef *error)
412 __OSX_AVAILABLE_STARTING(__MAC_10_10, __IPHONE_8_0);
413
414 /*!
415 @enum SecKeyAttestationKeyType
416 @abstract Defines types of builtin attestation keys.
417 */
418 typedef CF_ENUM(uint32_t, SecKeyAttestationKeyType)
419 {
420 kSecKeyAttestationKeyTypeSIK = 0,
421 kSecKeyAttestationKeyTypeGID
422 } __OSX_AVAILABLE(10.12) __IOS_AVAILABLE(10.0) __TVOS_AVAILABLE(10.0) __WATCHOS_AVAILABLE(3.0);
423
424 /*!
425 @function SecKeyCopyAttestationKey
426 @abstract Returns a copy of a builtin attestation key.
427
428 @param keyType Type of the requested builtin key.
429 @param error An optional pointer to a CFErrorRef. This value is set if an error occurred.
430
431 @result On success a SecKeyRef containing the requested key is returned, on failure it returns NULL.
432 */
433 SecKeyRef SecKeyCopyAttestationKey(SecKeyAttestationKeyType keyType, CFErrorRef *error)
434 __OSX_AVAILABLE(10.12) __IOS_AVAILABLE(10.0) __TVOS_AVAILABLE(10.0) __WATCHOS_AVAILABLE(3.0);
435
436 /*!
437 @function SecKeyCreateAttestation
438 @abstract Attests a key with another key.
439
440 @param key The attesting key.
441 @param keyToAttest The key which is to be attested.
442 @param error An optional pointer to a CFErrorRef. This value is set if an error occurred.
443
444 @result On success a CFDataRef containing the attestation data is returned, on failure it returns NULL.
445
446 @discussion Key attestation only works for CTK SEP keys, i.e. keys created with kSecAttrTokenID=kSecAttrTokenIDSecureEnclave.
447 */
448 CFDataRef SecKeyCreateAttestation(SecKeyRef key, SecKeyRef keyToAttest, CFErrorRef *error)
449 __OSX_AVAILABLE(10.12) __IOS_AVAILABLE(10.0) __TVOS_AVAILABLE(10.0) __WATCHOS_AVAILABLE(3.0);
450
451 /*!
452 @function SecKeySetParameter
453 @abstract Sets unspecified key parameter for the backend.
454
455 @param key Key to set the parameter to.
456 @param name Identifies parameter to be set.
457 @param value New value for the parameter.
458 @param error Error which gathers more information when something went wrong.
459
460 @discussion Serves as channel between SecKey client and backend for passing additional sideband data send from SecKey caller
461 to SecKey implementation backend (currently only CTK-based token backend is supported). Parameter names and types are
462 a contract between SecKey user (application) and backend and are not interpreted by SecKey layer in any way.
463 */
464 Boolean SecKeySetParameter(SecKeyRef key, CFStringRef name, CFPropertyListRef value, CFErrorRef *error)
465 __OSX_AVAILABLE(10.12) __IOS_AVAILABLE(10.0) __TVOS_AVAILABLE(10.0) __WATCHOS_AVAILABLE(3.0);
466
467 /*!
468 @function SecKeyCreateDuplicate
469 @abstract Creates duplicate fo the key.
470
471 @param key Source key to be duplicated
472
473 @discussion Only memory representation of the key is duplicated, so if the key is backed by keychain, only one instance
474 stays in the keychain. Duplicating key is useful for setting 'temporary' key parameters using SecKeySetParameter.
475 If the key is immutable (i.e. does not support SecKeySetParameter), calling this method is identical to calling CFRetain().
476 */
477 SecKeyRef SecKeyCreateDuplicate(SecKeyRef key)
478 __OSX_AVAILABLE(10.12) __IOS_AVAILABLE(10.0) __TVOS_AVAILABLE(10.0) __WATCHOS_AVAILABLE(3.0);
479
480 /*!
481 Algorithms for converting between bigendian and core-crypto ccunit data representation.
482 */
483 extern const SecKeyAlgorithm kSecKeyAlgorithmRSASignatureRawCCUnit;
484 extern const SecKeyAlgorithm kSecKeyAlgorithmRSAEncryptionRawCCUnit;
485
486 /*!
487 Internal algorithm for RSA-MD5. We do not want to export MD5 in new API, but we need it
488 for implementing legacy interfaces.
489 */
490 extern const SecKeyAlgorithm kSecKeyAlgorithmRSASignatureDigestPKCS1v15MD5;
491 extern const SecKeyAlgorithm kSecKeyAlgorithmRSASignatureMessagePKCS1v15MD5;
492
493 /*!
494 Algorithms for interoperability with libaks smartcard support.
495 */
496 extern const SecKeyAlgorithm kSecKeyAlgorithmECIESEncryptionAKSSmartCard;
497
498 __END_DECLS
499
500 #endif /* !_SECURITY_SECKEYPRIV_H_ */
mirror of Security