]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_cssm/lib/cssmtype.h
projects / apple / security.git / blob
? search:


57481d1ceb098bf671cb7da30fdac8c6767a514d
[apple/security.git] / OSX / libsecurity_cssm / lib / cssmtype.h
1 /*
2 * Copyright (c) 1999-2002,2004,2011,2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 *
23 * cssmtype.h -- Common Security Services Manager Common Data Types
24 */
25
26 #ifndef _CSSMTYPE_H_
27 #define _CSSMTYPE_H_ 1
28
29 #include <Security/cssmconfig.h>
30
31 /* ==========================================================================
32 W A R N I N G : CDSA has been deprecated starting with 10.7. While the
33 APIs will continue to work, developers should update their code to use
34 the APIs that are suggested and NOT use the CDSA APIs
35 ========================================================================== */
36
37 #ifdef __cplusplus
38 extern "C" {
39 #endif
40
41 #pragma clang diagnostic push
42 #pragma clang diagnostic ignored "-Wdeprecated-declarations"
43
44 /* Handle types. */
45
46 typedef CSSM_INTPTR CSSM_HANDLE, *CSSM_HANDLE_PTR;
47
48 typedef uint64 CSSM_LONG_HANDLE, *CSSM_LONG_HANDLE_PTR;
49
50 typedef CSSM_HANDLE CSSM_MODULE_HANDLE, *CSSM_MODULE_HANDLE_PTR;
51
52 typedef CSSM_LONG_HANDLE CSSM_CC_HANDLE; /* Cryptographic Context Handle */
53
54 typedef CSSM_MODULE_HANDLE CSSM_CSP_HANDLE; /* Cryptographic Service Provider Handle */
55
56 typedef CSSM_MODULE_HANDLE CSSM_TP_HANDLE; /* Trust Policy Handle */
57
58 typedef CSSM_MODULE_HANDLE CSSM_AC_HANDLE; /* Authorization Computation Handle */
59
60 typedef CSSM_MODULE_HANDLE CSSM_CL_HANDLE; /* Certificate Library Handle */
61
62 typedef CSSM_MODULE_HANDLE CSSM_DL_HANDLE; /* Data Storage Library Handle */
63
64 typedef CSSM_MODULE_HANDLE CSSM_DB_HANDLE; /* Data Storage Database Handle */
65
66
67 /* invalid or NULL value for any CSSM_HANDLE type */
68 enum {
69 CSSM_INVALID_HANDLE = 0
70 };
71
72
73 /* Data Types for Core Services */
74
75 typedef sint32 CSSM_BOOL;
76 enum {
77 CSSM_FALSE = 0,
78 CSSM_TRUE = !CSSM_FALSE
79 };
80
81 /* The standard declares this as uint32 but we changed it to sint32 to match OSStatus. */
82 typedef sint32 CSSM_RETURN;
83 enum {
84 CSSM_OK = 0
85 };
86
87 enum {
88 CSSM_MODULE_STRING_SIZE = 64
89 };
90 typedef char CSSM_STRING [CSSM_MODULE_STRING_SIZE + 4];
91
92 typedef struct cssm_data {
93 CSSM_SIZE Length; /* in bytes */
94 uint8 *Data;
95 } CSSM_DATA DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DATA_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
96
97 typedef struct cssm_guid {
98 uint32 Data1;
99 uint16 Data2;
100 uint16 Data3;
101 uint8 Data4[8];
102 } CSSM_GUID DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_GUID_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
103
104 typedef uint32 CSSM_BITMASK;
105 typedef CSSM_BITMASK CSSM_KEY_HIERARCHY;
106 enum {
107 CSSM_KEY_HIERARCHY_NONE = 0,
108 CSSM_KEY_HIERARCHY_INTEG = 1,
109 CSSM_KEY_HIERARCHY_EXPORT = 2
110 };
111
112 typedef CSSM_BITMASK CSSM_PVC_MODE;
113 enum {
114 CSSM_PVC_NONE = 0,
115 CSSM_PVC_APP = 1,
116 CSSM_PVC_SP = 2
117 };
118
119 typedef uint32 CSSM_PRIVILEGE_SCOPE;
120 enum {
121 CSSM_PRIVILEGE_SCOPE_NONE = 0,
122 CSSM_PRIVILEGE_SCOPE_PROCESS = 1,
123 CSSM_PRIVILEGE_SCOPE_THREAD = 2
124 };
125
126 typedef struct cssm_version {
127 uint32 Major;
128 uint32 Minor;
129 } CSSM_VERSION DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_VERSION_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
130
131 typedef uint32 CSSM_SERVICE_MASK;
132 enum {
133 CSSM_SERVICE_CSSM = 0x1,
134 CSSM_SERVICE_CSP = 0x2,
135 CSSM_SERVICE_DL = 0x4,
136 CSSM_SERVICE_CL = 0x8,
137 CSSM_SERVICE_TP = 0x10,
138 CSSM_SERVICE_AC = 0x20,
139 CSSM_SERVICE_KR = 0x40
140 };
141
142 typedef CSSM_SERVICE_MASK CSSM_SERVICE_TYPE;
143
144 typedef struct cssm_subservice_uid {
145 CSSM_GUID Guid;
146 CSSM_VERSION Version;
147 uint32 SubserviceId;
148 CSSM_SERVICE_TYPE SubserviceType;
149 } CSSM_SUBSERVICE_UID DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_SUBSERVICE_UID_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
150
151 typedef uint32 CSSM_MODULE_EVENT, *CSSM_MODULE_EVENT_PTR;
152 enum {
153 CSSM_NOTIFY_INSERT = 1,
154 CSSM_NOTIFY_REMOVE = 2,
155 CSSM_NOTIFY_FAULT = 3
156 };
157
158 typedef CSSM_RETURN (CSSMAPI *CSSM_API_ModuleEventHandler)
159 (const CSSM_GUID *ModuleGuid,
160 void* AppNotifyCallbackCtx,
161 uint32 SubserviceId,
162 CSSM_SERVICE_TYPE ServiceType,
163 CSSM_MODULE_EVENT EventType);
164
165 typedef uint32 CSSM_ATTACH_FLAGS;
166 enum {
167 CSSM_ATTACH_READ_ONLY = 0x00000001
168 };
169
170 /* Non-export privilege range: (0x00000000 - 0x7FFFFFFF) */
171 /* Vendor specific range: (0x80000000 - 0xFFFFFFFF) */
172 typedef uint64 CSSM_PRIVILEGE;
173 typedef CSSM_PRIVILEGE CSSM_USEE_TAG;
174 enum {
175 CSSM_USEE_LAST = 0xFF,
176 CSSM_USEE_NONE = 0,
177 CSSM_USEE_DOMESTIC = 1,
178 CSSM_USEE_FINANCIAL = 2,
179 CSSM_USEE_KRLE = 3,
180 CSSM_USEE_KRENT = 4,
181 CSSM_USEE_SSL = 5,
182 CSSM_USEE_AUTHENTICATION = 6,
183 CSSM_USEE_KEYEXCH = 7,
184 CSSM_USEE_MEDICAL = 8,
185 CSSM_USEE_INSURANCE = 9,
186 CSSM_USEE_WEAK = 10
187 };
188
189 typedef uint32 CSSM_NET_ADDRESS_TYPE;
190 enum {
191 CSSM_ADDR_NONE = 0,
192 CSSM_ADDR_CUSTOM = 1,
193 CSSM_ADDR_URL = 2, /* char* */
194 CSSM_ADDR_SOCKADDR = 3,
195 CSSM_ADDR_NAME = 4 /* char* - qualified by access method */
196 };
197
198 typedef struct cssm_net_address {
199 CSSM_NET_ADDRESS_TYPE AddressType;
200 CSSM_DATA Address;
201 } CSSM_NET_ADDRESS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_NET_ADDRESS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
202
203 typedef uint32 CSSM_NET_PROTOCOL;
204 enum {
205 CSSM_NET_PROTO_NONE = 0, /* local */
206 CSSM_NET_PROTO_CUSTOM = 1, /* proprietary implementation */
207 CSSM_NET_PROTO_UNSPECIFIED = 2, /* implementation default */
208 CSSM_NET_PROTO_LDAP = 3, /* light weight directory access protocol */
209 CSSM_NET_PROTO_LDAPS = 4, /* ldap/ssl where SSL initiates the connection */
210 CSSM_NET_PROTO_LDAPNS = 5, /* ldap where ldap negotiates an SSL session */
211 CSSM_NET_PROTO_X500DAP = 6, /* x.500 Directory access protocol */
212 CSSM_NET_PROTO_FTP = 7, /* ftp for cert/crl fetch */
213 CSSM_NET_PROTO_FTPS = 8, /* ftp/ssl/tls where SSL/TLS initiates the connection */
214 CSSM_NET_PROTO_OCSP = 9, /* online certificate status protocol */
215 CSSM_NET_PROTO_CMP = 10, /* the cert request protocol in PKIX3 */
216 CSSM_NET_PROTO_CMPS = 11 /* The ssl/tls derivative of CMP */
217 };
218
219 typedef CSSM_RETURN (CSSMAPI *CSSM_CALLBACK)
220 (CSSM_DATA_PTR OutData, void *CallerCtx);
221
222 typedef struct cssm_crypto_data {
223 CSSM_DATA Param;
224 CSSM_CALLBACK Callback;
225 void *CallerCtx;
226 } CSSM_CRYPTO_DATA DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_CRYPTO_DATA_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
227
228 typedef sint32 CSSM_WORDID_TYPE;
229 enum {
230 CSSM_WORDID__UNK_ = -1, /* not in dictionary */
231 CSSM_WORDID__NLU_ = 0, /* not yet looked up */
232 CSSM_WORDID__STAR_ = 1,
233 CSSM_WORDID_A = 2,
234 CSSM_WORDID_ACL = 3,
235 CSSM_WORDID_ALPHA = 4,
236 CSSM_WORDID_B = 5,
237 CSSM_WORDID_BER = 6,
238 CSSM_WORDID_BINARY = 7,
239 CSSM_WORDID_BIOMETRIC = 8,
240 CSSM_WORDID_C = 9,
241 CSSM_WORDID_CANCELED = 10,
242 CSSM_WORDID_CERT = 11,
243 CSSM_WORDID_COMMENT = 12,
244 CSSM_WORDID_CRL = 13,
245 CSSM_WORDID_CUSTOM = 14,
246 CSSM_WORDID_D = 15,
247 CSSM_WORDID_DATE = 16,
248 CSSM_WORDID_DB_DELETE = 17,
249 CSSM_WORDID_DB_EXEC_STORED_QUERY = 18,
250 CSSM_WORDID_DB_INSERT = 19,
251 CSSM_WORDID_DB_MODIFY = 20,
252 CSSM_WORDID_DB_READ = 21,
253 CSSM_WORDID_DBS_CREATE = 22,
254 CSSM_WORDID_DBS_DELETE = 23,
255 CSSM_WORDID_DECRYPT = 24,
256 CSSM_WORDID_DELETE = 25,
257 CSSM_WORDID_DELTA_CRL = 26,
258 CSSM_WORDID_DER = 27,
259 CSSM_WORDID_DERIVE = 28,
260 CSSM_WORDID_DISPLAY = 29,
261 CSSM_WORDID_DO = 30,
262 CSSM_WORDID_DSA = 31,
263 CSSM_WORDID_DSA_SHA1 = 32,
264 CSSM_WORDID_E = 33,
265 CSSM_WORDID_ELGAMAL = 34,
266 CSSM_WORDID_ENCRYPT = 35,
267 CSSM_WORDID_ENTRY = 36,
268 CSSM_WORDID_EXPORT_CLEAR = 37,
269 CSSM_WORDID_EXPORT_WRAPPED = 38,
270 CSSM_WORDID_G = 39,
271 CSSM_WORDID_GE = 40,
272 CSSM_WORDID_GENKEY = 41,
273 CSSM_WORDID_HASH = 42,
274 CSSM_WORDID_HASHED_PASSWORD = 43,
275 CSSM_WORDID_HASHED_SUBJECT = 44,
276 CSSM_WORDID_HAVAL = 45,
277 CSSM_WORDID_IBCHASH = 46,
278 CSSM_WORDID_IMPORT_CLEAR = 47,
279 CSSM_WORDID_IMPORT_WRAPPED = 48,
280 CSSM_WORDID_INTEL = 49,
281 CSSM_WORDID_ISSUER = 50,
282 CSSM_WORDID_ISSUER_INFO = 51,
283 CSSM_WORDID_K_OF_N = 52,
284 CSSM_WORDID_KEA = 53,
285 CSSM_WORDID_KEYHOLDER = 54,
286 CSSM_WORDID_L = 55,
287 CSSM_WORDID_LE = 56,
288 CSSM_WORDID_LOGIN = 57,
289 CSSM_WORDID_LOGIN_NAME = 58,
290 CSSM_WORDID_MAC = 59,
291 CSSM_WORDID_MD2 = 60,
292 CSSM_WORDID_MD2WITHRSA = 61,
293 CSSM_WORDID_MD4 = 62,
294 CSSM_WORDID_MD5 = 63,
295 CSSM_WORDID_MD5WITHRSA = 64,
296 CSSM_WORDID_N = 65,
297 CSSM_WORDID_NAME = 66,
298 CSSM_WORDID_NDR = 67,
299 CSSM_WORDID_NHASH = 68,
300 CSSM_WORDID_NOT_AFTER = 69,
301 CSSM_WORDID_NOT_BEFORE = 70,
302 CSSM_WORDID_NULL = 71,
303 CSSM_WORDID_NUMERIC = 72,
304 CSSM_WORDID_OBJECT_HASH = 73,
305 CSSM_WORDID_ONE_TIME = 74,
306 CSSM_WORDID_ONLINE = 75,
307 CSSM_WORDID_OWNER = 76,
308 CSSM_WORDID_P = 77,
309 CSSM_WORDID_PAM_NAME = 78,
310 CSSM_WORDID_PASSWORD = 79,
311 CSSM_WORDID_PGP = 80,
312 CSSM_WORDID_PREFIX = 81,
313 CSSM_WORDID_PRIVATE_KEY = 82,
314 CSSM_WORDID_PROMPTED_BIOMETRIC = 83,
315 CSSM_WORDID_PROMPTED_PASSWORD = 84,
316 CSSM_WORDID_PROPAGATE = 85,
317 CSSM_WORDID_PROTECTED_BIOMETRIC = 86,
318 CSSM_WORDID_PROTECTED_PASSWORD = 87,
319 CSSM_WORDID_PROTECTED_PIN = 88,
320 CSSM_WORDID_PUBLIC_KEY = 89,
321 CSSM_WORDID_PUBLIC_KEY_FROM_CERT = 90,
322 CSSM_WORDID_Q = 91,
323 CSSM_WORDID_RANGE = 92,
324 CSSM_WORDID_REVAL = 93,
325 CSSM_WORDID_RIPEMAC = 94,
326 CSSM_WORDID_RIPEMD = 95,
327 CSSM_WORDID_RIPEMD160 = 96,
328 CSSM_WORDID_RSA = 97,
329 CSSM_WORDID_RSA_ISO9796 = 98,
330 CSSM_WORDID_RSA_PKCS = 99,
331 CSSM_WORDID_RSA_PKCS_MD5 = 100,
332 CSSM_WORDID_RSA_PKCS_SHA1 = 101,
333 CSSM_WORDID_RSA_PKCS1 = 102,
334 CSSM_WORDID_RSA_PKCS1_MD5 = 103,
335 CSSM_WORDID_RSA_PKCS1_SHA1 = 104,
336 CSSM_WORDID_RSA_PKCS1_SIG = 105,
337 CSSM_WORDID_RSA_RAW = 106,
338 CSSM_WORDID_SDSIV1 = 107,
339 CSSM_WORDID_SEQUENCE = 108,
340 CSSM_WORDID_SET = 109,
341 CSSM_WORDID_SEXPR = 110,
342 CSSM_WORDID_SHA1 = 111,
343 CSSM_WORDID_SHA1WITHDSA = 112,
344 CSSM_WORDID_SHA1WITHECDSA = 113,
345 CSSM_WORDID_SHA1WITHRSA = 114,
346 CSSM_WORDID_SIGN = 115,
347 CSSM_WORDID_SIGNATURE = 116,
348 CSSM_WORDID_SIGNED_NONCE = 117,
349 CSSM_WORDID_SIGNED_SECRET = 118,
350 CSSM_WORDID_SPKI = 119,
351 CSSM_WORDID_SUBJECT = 120,
352 CSSM_WORDID_SUBJECT_INFO = 121,
353 CSSM_WORDID_TAG = 122,
354 CSSM_WORDID_THRESHOLD = 123,
355 CSSM_WORDID_TIME = 124,
356 CSSM_WORDID_URI = 125,
357 CSSM_WORDID_VERSION = 126,
358 CSSM_WORDID_X509_ATTRIBUTE = 127,
359 CSSM_WORDID_X509V1 = 128,
360 CSSM_WORDID_X509V2 = 129,
361 CSSM_WORDID_X509V3 = 130,
362 CSSM_WORDID_X9_ATTRIBUTE = 131,
363 CSSM_WORDID_VENDOR_START = 0x00010000,
364 CSSM_WORDID_VENDOR_END = 0x7FFF0000
365 };
366
367 typedef uint32 CSSM_LIST_ELEMENT_TYPE, *CSSM_LIST_ELEMENT_TYPE_PTR;
368 enum {
369 CSSM_LIST_ELEMENT_DATUM = 0x00,
370 CSSM_LIST_ELEMENT_SUBLIST = 0x01,
371 CSSM_LIST_ELEMENT_WORDID = 0x02
372 };
373
374 typedef uint32 CSSM_LIST_TYPE, *CSSM_LIST_TYPE_PTR;
375 enum {
376 CSSM_LIST_TYPE_UNKNOWN = 0,
377 CSSM_LIST_TYPE_CUSTOM = 1,
378 CSSM_LIST_TYPE_SEXPR = 2
379 };
380
381 typedef struct cssm_list_element *CSSM_LIST_ELEMENT_PTR;
382
383 typedef struct cssm_list {
384 CSSM_LIST_TYPE ListType; /* type of this list */
385 CSSM_LIST_ELEMENT_PTR Head; /* head of the list */
386 CSSM_LIST_ELEMENT_PTR Tail; /* tail of the list */
387 } CSSM_LIST DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_LIST_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
388
389 typedef struct cssm_list_element {
390 struct cssm_list_element *NextElement; /* next list element */
391 CSSM_WORDID_TYPE WordID; /* integer identifier associated */
392 /* with a Word value */
393 CSSM_LIST_ELEMENT_TYPE ElementType;
394 union {
395 CSSM_LIST Sublist; /* sublist */
396 CSSM_DATA Word; /* a byte-string */
397 } Element;
398 } CSSM_LIST_ELEMENT;
399
400 typedef struct { /* 5-tuple definition */
401 CSSM_LIST Issuer; /* issuer, or empty if ACL */
402 CSSM_LIST Subject; /* subject */
403 CSSM_BOOL Delegate; /* permission to delegate */
404 CSSM_LIST AuthorizationTag; /* authorization field */
405 CSSM_LIST ValidityPeriod; /* validity information (dates) */
406 } CSSM_TUPLE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TUPLE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
407
408 typedef struct cssm_tuplegroup {
409 uint32 NumberOfTuples;
410 CSSM_TUPLE_PTR Tuples;
411 } CSSM_TUPLEGROUP DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TUPLEGROUP_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
412
413 typedef CSSM_WORDID_TYPE CSSM_SAMPLE_TYPE;
414 enum {
415 CSSM_SAMPLE_TYPE_PASSWORD = CSSM_WORDID_PASSWORD,
416 CSSM_SAMPLE_TYPE_HASHED_PASSWORD = CSSM_WORDID_HASHED_PASSWORD,
417 CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD = CSSM_WORDID_PROTECTED_PASSWORD,
418 CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD = CSSM_WORDID_PROMPTED_PASSWORD,
419 CSSM_SAMPLE_TYPE_SIGNED_NONCE = CSSM_WORDID_SIGNED_NONCE,
420 CSSM_SAMPLE_TYPE_SIGNED_SECRET = CSSM_WORDID_SIGNED_SECRET,
421 CSSM_SAMPLE_TYPE_BIOMETRIC = CSSM_WORDID_BIOMETRIC,
422 CSSM_SAMPLE_TYPE_PROTECTED_BIOMETRIC = CSSM_WORDID_PROTECTED_BIOMETRIC,
423 CSSM_SAMPLE_TYPE_PROMPTED_BIOMETRIC = CSSM_WORDID_PROMPTED_BIOMETRIC,
424 CSSM_SAMPLE_TYPE_THRESHOLD = CSSM_WORDID_THRESHOLD
425 };
426
427 typedef struct cssm_sample {
428 CSSM_LIST TypedSample;
429 const CSSM_SUBSERVICE_UID *Verifier;
430 } CSSM_SAMPLE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_SAMPLE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
431
432 typedef struct cssm_samplegroup {
433 uint32 NumberOfSamples;
434 const CSSM_SAMPLE *Samples;
435 } CSSM_SAMPLEGROUP DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_SAMPLEGROUP_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
436
437 typedef void *(CSSMAPI *CSSM_MALLOC)
438 (CSSM_SIZE size,
439 void *allocref);
440
441 typedef void (CSSMAPI *CSSM_FREE)
442 (void *memblock,
443 void *allocref);
444
445 typedef void *(CSSMAPI *CSSM_REALLOC)
446 (void *memblock,
447 CSSM_SIZE size,
448 void *allocref);
449
450 typedef void *(CSSMAPI *CSSM_CALLOC)
451 (uint32 num,
452 CSSM_SIZE size,
453 void *allocref);
454
455 typedef struct cssm_memory_funcs {
456 CSSM_MALLOC malloc_func;
457 CSSM_FREE free_func;
458 CSSM_REALLOC realloc_func;
459 CSSM_CALLOC calloc_func;
460 void *AllocRef;
461 } CSSM_MEMORY_FUNCS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_MEMORY_FUNCS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
462
463 typedef CSSM_MEMORY_FUNCS CSSM_API_MEMORY_FUNCS;
464 typedef CSSM_API_MEMORY_FUNCS *CSSM_API_MEMORY_FUNCS_PTR;
465
466 typedef CSSM_RETURN (CSSMAPI * CSSM_CHALLENGE_CALLBACK)
467 (const CSSM_LIST *Challenge,
468 CSSM_SAMPLEGROUP_PTR Response,
469 void *CallerCtx,
470 const CSSM_MEMORY_FUNCS *MemFuncs);
471
472 typedef uint32 CSSM_CERT_TYPE, *CSSM_CERT_TYPE_PTR;
473 enum {
474 CSSM_CERT_UNKNOWN = 0x00,
475 CSSM_CERT_X_509v1 = 0x01,
476 CSSM_CERT_X_509v2 = 0x02,
477 CSSM_CERT_X_509v3 = 0x03,
478 CSSM_CERT_PGP = 0x04,
479 CSSM_CERT_SPKI = 0x05,
480 CSSM_CERT_SDSIv1 = 0x06,
481 CSSM_CERT_Intel = 0x08,
482 CSSM_CERT_X_509_ATTRIBUTE = 0x09, /* X.509 attribute cert */
483 CSSM_CERT_X9_ATTRIBUTE = 0x0A, /* X9 attribute cert */
484 CSSM_CERT_TUPLE = 0x0B,
485 CSSM_CERT_ACL_ENTRY = 0x0C,
486 CSSM_CERT_MULTIPLE = 0x7FFE,
487 CSSM_CERT_LAST = 0x7FFF,
488 /* Applications wishing to define their own custom certificate
489 type should define and publicly document a uint32 value greater
490 than the CSSM_CL_CUSTOM_CERT_TYPE */
491 CSSM_CL_CUSTOM_CERT_TYPE = 0x08000
492 };
493
494 typedef uint32 CSSM_CERT_ENCODING, *CSSM_CERT_ENCODING_PTR;
495 enum {
496 CSSM_CERT_ENCODING_UNKNOWN = 0x00,
497 CSSM_CERT_ENCODING_CUSTOM = 0x01,
498 CSSM_CERT_ENCODING_BER = 0x02,
499 CSSM_CERT_ENCODING_DER = 0x03,
500 CSSM_CERT_ENCODING_NDR = 0x04,
501 CSSM_CERT_ENCODING_SEXPR = 0x05,
502 CSSM_CERT_ENCODING_PGP = 0x06,
503 CSSM_CERT_ENCODING_MULTIPLE = 0x7FFE,
504 CSSM_CERT_ENCODING_LAST = 0x7FFF,
505 /* Applications wishing to define their own custom certificate
506 encoding should create a uint32 value greater than the
507 CSSM_CL_CUSTOM_CERT_ENCODING */
508 CSSM_CL_CUSTOM_CERT_ENCODING = 0x8000
509 };
510
511 typedef struct cssm_encoded_cert {
512 CSSM_CERT_TYPE CertType; /* type of certificate */
513 CSSM_CERT_ENCODING CertEncoding; /* encoding for this packed cert */
514 CSSM_DATA CertBlob; /* packed cert */
515 } CSSM_ENCODED_CERT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ENCODED_CERT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
516
517 typedef uint32 CSSM_CERT_PARSE_FORMAT, *CSSM_CERT_PARSE_FORMAT_PTR;
518 enum {
519 CSSM_CERT_PARSE_FORMAT_NONE = 0x00,
520 CSSM_CERT_PARSE_FORMAT_CUSTOM = 0x01, /* void* */
521 CSSM_CERT_PARSE_FORMAT_SEXPR = 0x02, /* CSSM_LIST */
522 CSSM_CERT_PARSE_FORMAT_COMPLEX = 0x03, /* void* */
523 CSSM_CERT_PARSE_FORMAT_OID_NAMED = 0x04, /* CSSM_FIELDGROUP */
524 CSSM_CERT_PARSE_FORMAT_TUPLE = 0x05, /* CSSM_TUPLE */
525 CSSM_CERT_PARSE_FORMAT_MULTIPLE = 0x7FFE,
526 /* multiple forms, each cert carries a
527 parse format indicator */
528 CSSM_CERT_PARSE_FORMAT_LAST = 0x7FFF,
529 /* Applications wishing to define their
530 own custom parse format should create
531 a * uint32 value greater than the
532 CSSM_CL_CUSTOM_CERT_PARSE_FORMAT */
533 CSSM_CL_CUSTOM_CERT_PARSE_FORMAT = 0x8000
534 };
535
536 typedef struct cssm_parsed_cert {
537 CSSM_CERT_TYPE CertType; /* certificate type */
538 CSSM_CERT_PARSE_FORMAT ParsedCertFormat;
539 /* struct of ParsedCert */
540 void *ParsedCert; /* parsed cert (to be typecast) */
541 } CSSM_PARSED_CERT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_PARSED_CERT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
542
543 typedef struct cssm_cert_pair {
544 CSSM_ENCODED_CERT EncodedCert; /* an encoded certificate blob */
545 CSSM_PARSED_CERT ParsedCert; /* equivalent parsed certificate */
546 } CSSM_CERT_PAIR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_CERT_PAIR_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
547
548 typedef uint32 CSSM_CERTGROUP_TYPE, *CSSM_CERTGROUP_TYPE_PTR;
549 enum {
550 CSSM_CERTGROUP_DATA = 0x00,
551 CSSM_CERTGROUP_ENCODED_CERT = 0x01,
552 CSSM_CERTGROUP_PARSED_CERT = 0x02,
553 CSSM_CERTGROUP_CERT_PAIR = 0x03
554 };
555
556 typedef struct cssm_certgroup {
557 CSSM_CERT_TYPE CertType;
558 CSSM_CERT_ENCODING CertEncoding;
559 uint32 NumCerts; /* # of certificates in this list */
560 union {
561 CSSM_DATA_PTR CertList; /* legacy list of single type certificate blobs */
562 CSSM_ENCODED_CERT_PTR EncodedCertList;
563 /* list of multi-type certificate blobs */
564 CSSM_PARSED_CERT_PTR ParsedCertList;
565 /* list of multi-type parsed certs */
566 CSSM_CERT_PAIR_PTR PairCertList;
567 /*list of single or multi-type certs with two representations: blob and parsed */
568 } GroupList;
569 CSSM_CERTGROUP_TYPE CertGroupType;
570 /* type of structure in the GroupList */
571 void *Reserved; /* reserved for implementation dependent use */
572 } CSSM_CERTGROUP, *CSSM_CERTGROUP_PTR;
573
574 typedef struct cssm_base_certs {
575 CSSM_TP_HANDLE TPHandle;
576 CSSM_CL_HANDLE CLHandle;
577 CSSM_CERTGROUP Certs;
578 } CSSM_BASE_CERTS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_BASE_CERTS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
579
580 typedef struct cssm_access_credentials {
581 CSSM_STRING EntryTag;
582 CSSM_BASE_CERTS BaseCerts;
583 CSSM_SAMPLEGROUP Samples;
584 CSSM_CHALLENGE_CALLBACK Callback;
585 void *CallerCtx;
586 } CSSM_ACCESS_CREDENTIALS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ACCESS_CREDENTIALS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
587
588 typedef sint32 CSSM_ACL_SUBJECT_TYPE;
589 enum {
590 CSSM_ACL_SUBJECT_TYPE_ANY = CSSM_WORDID__STAR_,
591 CSSM_ACL_SUBJECT_TYPE_THRESHOLD = CSSM_WORDID_THRESHOLD,
592 CSSM_ACL_SUBJECT_TYPE_PASSWORD = CSSM_WORDID_PASSWORD,
593 CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD = CSSM_WORDID_PROTECTED_PASSWORD,
594 CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD = CSSM_WORDID_PROMPTED_PASSWORD,
595 CSSM_ACL_SUBJECT_TYPE_PUBLIC_KEY = CSSM_WORDID_PUBLIC_KEY,
596 CSSM_ACL_SUBJECT_TYPE_HASHED_SUBJECT = CSSM_WORDID_HASHED_SUBJECT,
597 CSSM_ACL_SUBJECT_TYPE_BIOMETRIC = CSSM_WORDID_BIOMETRIC,
598 CSSM_ACL_SUBJECT_TYPE_PROTECTED_BIOMETRIC = CSSM_WORDID_PROTECTED_BIOMETRIC,
599 CSSM_ACL_SUBJECT_TYPE_PROMPTED_BIOMETRIC = CSSM_WORDID_PROMPTED_BIOMETRIC,
600 CSSM_ACL_SUBJECT_TYPE_LOGIN_NAME = CSSM_WORDID_LOGIN_NAME,
601 CSSM_ACL_SUBJECT_TYPE_EXT_PAM_NAME = CSSM_WORDID_PAM_NAME
602 };
603
604 /* Authorization tag type */
605 typedef sint32 CSSM_ACL_AUTHORIZATION_TAG;
606 enum {
607 /* All vendor specific constants must be in the number range
608 starting at CSSM_ACL_AUTHORIZATION_TAG_VENDOR_DEFINED_START */
609 CSSM_ACL_AUTHORIZATION_TAG_VENDOR_DEFINED_START = 0x00010000,
610 /* No restrictions. Permission to perform all operations on
611 the resource or available to an ACL owner. */
612 CSSM_ACL_AUTHORIZATION_ANY = CSSM_WORDID__STAR_,
613 /* Defined authorization tag values for CSPs */
614 CSSM_ACL_AUTHORIZATION_LOGIN = CSSM_WORDID_LOGIN,
615 CSSM_ACL_AUTHORIZATION_GENKEY = CSSM_WORDID_GENKEY,
616 CSSM_ACL_AUTHORIZATION_DELETE = CSSM_WORDID_DELETE,
617 CSSM_ACL_AUTHORIZATION_EXPORT_WRAPPED = CSSM_WORDID_EXPORT_WRAPPED,
618 CSSM_ACL_AUTHORIZATION_EXPORT_CLEAR = CSSM_WORDID_EXPORT_CLEAR,
619 CSSM_ACL_AUTHORIZATION_IMPORT_WRAPPED = CSSM_WORDID_IMPORT_WRAPPED,
620 CSSM_ACL_AUTHORIZATION_IMPORT_CLEAR = CSSM_WORDID_IMPORT_CLEAR,
621 CSSM_ACL_AUTHORIZATION_SIGN = CSSM_WORDID_SIGN,
622 CSSM_ACL_AUTHORIZATION_ENCRYPT = CSSM_WORDID_ENCRYPT,
623 CSSM_ACL_AUTHORIZATION_DECRYPT = CSSM_WORDID_DECRYPT,
624 CSSM_ACL_AUTHORIZATION_MAC = CSSM_WORDID_MAC,
625 CSSM_ACL_AUTHORIZATION_DERIVE = CSSM_WORDID_DERIVE,
626 /* Defined authorization tag values for DLs */
627 CSSM_ACL_AUTHORIZATION_DBS_CREATE = CSSM_WORDID_DBS_CREATE,
628 CSSM_ACL_AUTHORIZATION_DBS_DELETE = CSSM_WORDID_DBS_DELETE,
629 CSSM_ACL_AUTHORIZATION_DB_READ = CSSM_WORDID_DB_READ,
630 CSSM_ACL_AUTHORIZATION_DB_INSERT = CSSM_WORDID_DB_INSERT,
631 CSSM_ACL_AUTHORIZATION_DB_MODIFY = CSSM_WORDID_DB_MODIFY,
632 CSSM_ACL_AUTHORIZATION_DB_DELETE = CSSM_WORDID_DB_DELETE
633 };
634
635 typedef struct cssm_authorizationgroup {
636 uint32 NumberOfAuthTags;
637 CSSM_ACL_AUTHORIZATION_TAG *AuthTags;
638 } CSSM_AUTHORIZATIONGROUP DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_AUTHORIZATIONGROUP_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
639
640 typedef struct cssm_acl_validity_period {
641 CSSM_DATA StartDate;
642 CSSM_DATA EndDate;
643 } CSSM_ACL_VALIDITY_PERIOD DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ACL_VALIDITY_PERIOD_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
644
645 typedef struct cssm_acl_entry_prototype {
646 CSSM_LIST TypedSubject;
647 CSSM_BOOL Delegate;
648 CSSM_AUTHORIZATIONGROUP Authorization;
649 CSSM_ACL_VALIDITY_PERIOD TimeRange;
650 CSSM_STRING EntryTag;
651 } CSSM_ACL_ENTRY_PROTOTYPE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ACL_ENTRY_PROTOTYPE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
652
653 typedef struct cssm_acl_owner_prototype {
654 CSSM_LIST TypedSubject;
655 CSSM_BOOL Delegate;
656 } CSSM_ACL_OWNER_PROTOTYPE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ACL_OWNER_PROTOTYPE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
657
658 typedef CSSM_RETURN (CSSMAPI * CSSM_ACL_SUBJECT_CALLBACK)
659 (const CSSM_LIST *SubjectRequest,
660 CSSM_LIST_PTR SubjectResponse,
661 void *CallerContext,
662 const CSSM_MEMORY_FUNCS *MemFuncs);
663
664 typedef struct cssm_acl_entry_input {
665 CSSM_ACL_ENTRY_PROTOTYPE Prototype;
666 CSSM_ACL_SUBJECT_CALLBACK Callback;
667 void *CallerContext;
668 } CSSM_ACL_ENTRY_INPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ACL_ENTRY_INPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
669
670 typedef struct cssm_resource_control_context {
671 CSSM_ACCESS_CREDENTIALS_PTR AccessCred;
672 CSSM_ACL_ENTRY_INPUT InitialAclEntry;
673 } CSSM_RESOURCE_CONTROL_CONTEXT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_RESOURCE_CONTROL_CONTEXT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
674
675 typedef CSSM_HANDLE CSSM_ACL_HANDLE;
676
677 typedef struct cssm_acl_entry_info {
678 CSSM_ACL_ENTRY_PROTOTYPE EntryPublicInfo;
679 CSSM_ACL_HANDLE EntryHandle;
680 } CSSM_ACL_ENTRY_INFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ACL_ENTRY_INFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
681
682 typedef uint32 CSSM_ACL_EDIT_MODE;
683 enum {
684 CSSM_ACL_EDIT_MODE_ADD = 1,
685 CSSM_ACL_EDIT_MODE_DELETE = 2,
686 CSSM_ACL_EDIT_MODE_REPLACE = 3
687 };
688
689 typedef struct cssm_acl_edit {
690 CSSM_ACL_EDIT_MODE EditMode;
691 CSSM_ACL_HANDLE OldEntryHandle;
692 const CSSM_ACL_ENTRY_INPUT *NewEntry;
693 } CSSM_ACL_EDIT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ACL_EDIT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
694
695 #if defined(WIN32)
696 typedef FARPROC CSSM_PROC_ADDR;
697 #else
698 typedef void (CSSMAPI *CSSM_PROC_ADDR) (void);
699 #endif
700 typedef CSSM_PROC_ADDR *CSSM_PROC_ADDR_PTR;
701
702 typedef struct cssm_func_name_addr {
703 CSSM_STRING Name;
704 CSSM_PROC_ADDR Address;
705 } CSSM_FUNC_NAME_ADDR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_FUNC_NAME_ADDR_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
706
707
708 /* Data Types for Cryptographic Services */
709
710 typedef struct cssm_date {
711 uint8 Year[4];
712 uint8 Month[2];
713 uint8 Day[2];
714 } CSSM_DATE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DATE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
715
716 typedef struct cssm_range {
717 uint32 Min; /* inclusive minimum value */
718 uint32 Max; /* inclusive maximum value */
719 } CSSM_RANGE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_RANGE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
720
721 typedef struct cssm_query_size_data {
722 uint32 SizeInputBlock; /* size of input data block */
723 uint32 SizeOutputBlock; /* size of resulting output data block */
724 } CSSM_QUERY_SIZE_DATA DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_QUERY_SIZE_DATA_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
725
726 typedef uint32 CSSM_HEADERVERSION;
727 enum {
728 CSSM_KEYHEADER_VERSION = 2
729 };
730
731 typedef struct cssm_key_size {
732 uint32 LogicalKeySizeInBits; /* Logical key size in bits */
733 uint32 EffectiveKeySizeInBits; /* Effective key size in bits */
734 } CSSM_KEY_SIZE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_KEY_SIZE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
735
736 typedef uint32 CSSM_KEYBLOB_TYPE;
737 enum {
738 CSSM_KEYBLOB_RAW = 0, /* The blob is a clear, raw key */
739 CSSM_KEYBLOB_REFERENCE = 2, /* The blob is a reference to a key */
740 CSSM_KEYBLOB_WRAPPED = 3, /* The blob is a wrapped RAW key */
741 CSSM_KEYBLOB_OTHER = 0xFFFFFFFF
742 };
743
744 typedef uint32 CSSM_KEYBLOB_FORMAT;
745 enum {
746 /* Raw Format */
747 CSSM_KEYBLOB_RAW_FORMAT_NONE = 0,
748 /* No further conversion need to be done */
749 CSSM_KEYBLOB_RAW_FORMAT_PKCS1 = 1, /* RSA PKCS1 V1.5 */
750 CSSM_KEYBLOB_RAW_FORMAT_PKCS3 = 2, /* RSA PKCS3 V1.5 */
751 CSSM_KEYBLOB_RAW_FORMAT_MSCAPI = 3, /* Microsoft CAPI V2.0 */
752 CSSM_KEYBLOB_RAW_FORMAT_PGP = 4, /* PGP V */
753 CSSM_KEYBLOB_RAW_FORMAT_FIPS186 = 5, /* US Gov. FIPS 186 - DSS V */
754 CSSM_KEYBLOB_RAW_FORMAT_BSAFE = 6, /* RSA Bsafe V3.0 */
755 CSSM_KEYBLOB_RAW_FORMAT_CCA = 9, /* CCA clear public key blob */
756 CSSM_KEYBLOB_RAW_FORMAT_PKCS8 = 10, /* RSA PKCS8 V1.2 */
757 CSSM_KEYBLOB_RAW_FORMAT_SPKI = 11, /* SPKI Specification */
758 CSSM_KEYBLOB_RAW_FORMAT_OCTET_STRING = 12,
759 CSSM_KEYBLOB_RAW_FORMAT_OTHER = 0xFFFFFFFF /* Other, CSP defined */
760 };
761 enum {
762 /* Wrapped Format */
763 CSSM_KEYBLOB_WRAPPED_FORMAT_NONE = 0,
764 /* No further conversion need to be done */
765 CSSM_KEYBLOB_WRAPPED_FORMAT_PKCS8 = 1, /* RSA PKCS8 V1.2 */
766 CSSM_KEYBLOB_WRAPPED_FORMAT_PKCS7 = 2,
767 CSSM_KEYBLOB_WRAPPED_FORMAT_MSCAPI = 3,
768 CSSM_KEYBLOB_WRAPPED_FORMAT_OTHER = 0xFFFFFFFF /* Other, CSP defined */
769 };
770 enum {
771 /* Reference Format */
772 CSSM_KEYBLOB_REF_FORMAT_INTEGER = 0, /* Reference is a number or handle */
773 CSSM_KEYBLOB_REF_FORMAT_STRING = 1, /* Reference is a string or label */
774 CSSM_KEYBLOB_REF_FORMAT_SPKI = 2, /* Reference is an SPKI S-expression */
775 /* to be evaluated to locate the key */
776 CSSM_KEYBLOB_REF_FORMAT_OTHER = 0xFFFFFFFF /* Other, CSP defined */
777 };
778
779 typedef uint32 CSSM_KEYCLASS;
780 enum {
781 CSSM_KEYCLASS_PUBLIC_KEY = 0, /* Key is public key */
782 CSSM_KEYCLASS_PRIVATE_KEY = 1, /* Key is private key */
783 CSSM_KEYCLASS_SESSION_KEY = 2, /* Key is session or symmetric key */
784 CSSM_KEYCLASS_SECRET_PART = 3, /* Key is part of secret key */
785 CSSM_KEYCLASS_OTHER = 0xFFFFFFFF /* Other */
786 };
787
788 typedef uint32 CSSM_KEYATTR_FLAGS;
789 enum {
790 /* Valid only during call to an API. Will never be valid when set in a key header */
791 CSSM_KEYATTR_RETURN_DEFAULT = 0x00000000,
792 CSSM_KEYATTR_RETURN_DATA = 0x10000000,
793 CSSM_KEYATTR_RETURN_REF = 0x20000000,
794 CSSM_KEYATTR_RETURN_NONE = 0x40000000,
795 /* Valid during an API call and in a key header */
796 CSSM_KEYATTR_PERMANENT = 0x00000001,
797 CSSM_KEYATTR_PRIVATE = 0x00000002,
798 CSSM_KEYATTR_MODIFIABLE = 0x00000004,
799 CSSM_KEYATTR_SENSITIVE = 0x00000008,
800 CSSM_KEYATTR_EXTRACTABLE = 0x00000020,
801 /* Valid only in a key header generated by a CSP, not valid during an API call */
802 CSSM_KEYATTR_ALWAYS_SENSITIVE = 0x00000010,
803 CSSM_KEYATTR_NEVER_EXTRACTABLE = 0x00000040
804 };
805
806 typedef uint32 CSSM_KEYUSE;
807 enum {
808 CSSM_KEYUSE_ANY = 0x80000000,
809 CSSM_KEYUSE_ENCRYPT = 0x00000001,
810 CSSM_KEYUSE_DECRYPT = 0x00000002,
811 CSSM_KEYUSE_SIGN = 0x00000004,
812 CSSM_KEYUSE_VERIFY = 0x00000008,
813 CSSM_KEYUSE_SIGN_RECOVER = 0x00000010,
814 CSSM_KEYUSE_VERIFY_RECOVER = 0x00000020,
815 CSSM_KEYUSE_WRAP = 0x00000040,
816 CSSM_KEYUSE_UNWRAP = 0x00000080,
817 CSSM_KEYUSE_DERIVE = 0x00000100
818 };
819
820 typedef uint32 CSSM_ALGORITHMS;
821 enum {
822 CSSM_ALGID_NONE = 0,
823 CSSM_ALGID_CUSTOM = CSSM_ALGID_NONE + 1,
824 CSSM_ALGID_DH = CSSM_ALGID_NONE + 2,
825 CSSM_ALGID_PH = CSSM_ALGID_NONE + 3,
826 CSSM_ALGID_KEA = CSSM_ALGID_NONE + 4,
827 CSSM_ALGID_MD2 = CSSM_ALGID_NONE + 5,
828 CSSM_ALGID_MD4 = CSSM_ALGID_NONE + 6,
829 CSSM_ALGID_MD5 = CSSM_ALGID_NONE + 7,
830 CSSM_ALGID_SHA1 = CSSM_ALGID_NONE + 8,
831 CSSM_ALGID_NHASH = CSSM_ALGID_NONE + 9,
832 CSSM_ALGID_HAVAL = CSSM_ALGID_NONE + 10,
833 CSSM_ALGID_RIPEMD = CSSM_ALGID_NONE + 11,
834 CSSM_ALGID_IBCHASH = CSSM_ALGID_NONE + 12,
835 CSSM_ALGID_RIPEMAC = CSSM_ALGID_NONE + 13,
836 CSSM_ALGID_DES = CSSM_ALGID_NONE + 14,
837 CSSM_ALGID_DESX = CSSM_ALGID_NONE + 15,
838 CSSM_ALGID_RDES = CSSM_ALGID_NONE + 16,
839 CSSM_ALGID_3DES_3KEY_EDE = CSSM_ALGID_NONE + 17,
840 CSSM_ALGID_3DES_2KEY_EDE = CSSM_ALGID_NONE + 18,
841 CSSM_ALGID_3DES_1KEY_EEE = CSSM_ALGID_NONE + 19,
842 CSSM_ALGID_3DES_3KEY = CSSM_ALGID_3DES_3KEY_EDE,
843 CSSM_ALGID_3DES_3KEY_EEE = CSSM_ALGID_NONE + 20,
844 CSSM_ALGID_3DES_2KEY = CSSM_ALGID_3DES_2KEY_EDE,
845 CSSM_ALGID_3DES_2KEY_EEE = CSSM_ALGID_NONE + 21,
846 CSSM_ALGID_3DES_1KEY = CSSM_ALGID_3DES_3KEY_EEE,
847 CSSM_ALGID_IDEA = CSSM_ALGID_NONE + 22,
848 CSSM_ALGID_RC2 = CSSM_ALGID_NONE + 23,
849 CSSM_ALGID_RC5 = CSSM_ALGID_NONE + 24,
850 CSSM_ALGID_RC4 = CSSM_ALGID_NONE + 25,
851 CSSM_ALGID_SEAL = CSSM_ALGID_NONE + 26,
852 CSSM_ALGID_CAST = CSSM_ALGID_NONE + 27,
853 CSSM_ALGID_BLOWFISH = CSSM_ALGID_NONE + 28,
854 CSSM_ALGID_SKIPJACK = CSSM_ALGID_NONE + 29,
855 CSSM_ALGID_LUCIFER = CSSM_ALGID_NONE + 30,
856 CSSM_ALGID_MADRYGA = CSSM_ALGID_NONE + 31,
857 CSSM_ALGID_FEAL = CSSM_ALGID_NONE + 32,
858 CSSM_ALGID_REDOC = CSSM_ALGID_NONE + 33,
859 CSSM_ALGID_REDOC3 = CSSM_ALGID_NONE + 34,
860 CSSM_ALGID_LOKI = CSSM_ALGID_NONE + 35,
861 CSSM_ALGID_KHUFU = CSSM_ALGID_NONE + 36,
862 CSSM_ALGID_KHAFRE = CSSM_ALGID_NONE + 37,
863 CSSM_ALGID_MMB = CSSM_ALGID_NONE + 38,
864 CSSM_ALGID_GOST = CSSM_ALGID_NONE + 39,
865 CSSM_ALGID_SAFER = CSSM_ALGID_NONE + 40,
866 CSSM_ALGID_CRAB = CSSM_ALGID_NONE + 41,
867 CSSM_ALGID_RSA = CSSM_ALGID_NONE + 42,
868 CSSM_ALGID_DSA = CSSM_ALGID_NONE + 43,
869 CSSM_ALGID_MD5WithRSA = CSSM_ALGID_NONE + 44,
870 CSSM_ALGID_MD2WithRSA = CSSM_ALGID_NONE + 45,
871 CSSM_ALGID_ElGamal = CSSM_ALGID_NONE + 46,
872 CSSM_ALGID_MD2Random = CSSM_ALGID_NONE + 47,
873 CSSM_ALGID_MD5Random = CSSM_ALGID_NONE + 48,
874 CSSM_ALGID_SHARandom = CSSM_ALGID_NONE + 49,
875 CSSM_ALGID_DESRandom = CSSM_ALGID_NONE + 50,
876 CSSM_ALGID_SHA1WithRSA = CSSM_ALGID_NONE + 51,
877 CSSM_ALGID_CDMF = CSSM_ALGID_NONE + 52,
878 CSSM_ALGID_CAST3 = CSSM_ALGID_NONE + 53,
879 CSSM_ALGID_CAST5 = CSSM_ALGID_NONE + 54,
880 CSSM_ALGID_GenericSecret = CSSM_ALGID_NONE + 55,
881 CSSM_ALGID_ConcatBaseAndKey = CSSM_ALGID_NONE + 56,
882 CSSM_ALGID_ConcatKeyAndBase = CSSM_ALGID_NONE + 57,
883 CSSM_ALGID_ConcatBaseAndData = CSSM_ALGID_NONE + 58,
884 CSSM_ALGID_ConcatDataAndBase = CSSM_ALGID_NONE + 59,
885 CSSM_ALGID_XORBaseAndData = CSSM_ALGID_NONE + 60,
886 CSSM_ALGID_ExtractFromKey = CSSM_ALGID_NONE + 61,
887 CSSM_ALGID_SSL3PreMasterGen = CSSM_ALGID_NONE + 62,
888 CSSM_ALGID_SSL3MasterDerive = CSSM_ALGID_NONE + 63,
889 CSSM_ALGID_SSL3KeyAndMacDerive = CSSM_ALGID_NONE + 64,
890 CSSM_ALGID_SSL3MD5_MAC = CSSM_ALGID_NONE + 65,
891 CSSM_ALGID_SSL3SHA1_MAC = CSSM_ALGID_NONE + 66,
892 CSSM_ALGID_PKCS5_PBKDF1_MD5 = CSSM_ALGID_NONE + 67,
893 CSSM_ALGID_PKCS5_PBKDF1_MD2 = CSSM_ALGID_NONE + 68,
894 CSSM_ALGID_PKCS5_PBKDF1_SHA1 = CSSM_ALGID_NONE + 69,
895 CSSM_ALGID_WrapLynks = CSSM_ALGID_NONE + 70,
896 CSSM_ALGID_WrapSET_OAEP = CSSM_ALGID_NONE + 71,
897 CSSM_ALGID_BATON = CSSM_ALGID_NONE + 72,
898 CSSM_ALGID_ECDSA = CSSM_ALGID_NONE + 73,
899 CSSM_ALGID_MAYFLY = CSSM_ALGID_NONE + 74,
900 CSSM_ALGID_JUNIPER = CSSM_ALGID_NONE + 75,
901 CSSM_ALGID_FASTHASH = CSSM_ALGID_NONE + 76,
902 CSSM_ALGID_3DES = CSSM_ALGID_NONE + 77,
903 CSSM_ALGID_SSL3MD5 = CSSM_ALGID_NONE + 78,
904 CSSM_ALGID_SSL3SHA1 = CSSM_ALGID_NONE + 79,
905 CSSM_ALGID_FortezzaTimestamp = CSSM_ALGID_NONE + 80,
906 CSSM_ALGID_SHA1WithDSA = CSSM_ALGID_NONE + 81,
907 CSSM_ALGID_SHA1WithECDSA = CSSM_ALGID_NONE + 82,
908 CSSM_ALGID_DSA_BSAFE = CSSM_ALGID_NONE + 83,
909 CSSM_ALGID_ECDH = CSSM_ALGID_NONE + 84,
910 CSSM_ALGID_ECMQV = CSSM_ALGID_NONE + 85,
911 CSSM_ALGID_PKCS12_SHA1_PBE = CSSM_ALGID_NONE + 86,
912 CSSM_ALGID_ECNRA = CSSM_ALGID_NONE + 87,
913 CSSM_ALGID_SHA1WithECNRA = CSSM_ALGID_NONE + 88,
914 CSSM_ALGID_ECES = CSSM_ALGID_NONE + 89,
915 CSSM_ALGID_ECAES = CSSM_ALGID_NONE + 90,
916 CSSM_ALGID_SHA1HMAC = CSSM_ALGID_NONE + 91,
917 CSSM_ALGID_FIPS186Random = CSSM_ALGID_NONE + 92,
918 CSSM_ALGID_ECC = CSSM_ALGID_NONE + 93,
919 CSSM_ALGID_MQV = CSSM_ALGID_NONE + 94,
920 CSSM_ALGID_NRA = CSSM_ALGID_NONE + 95,
921 CSSM_ALGID_IntelPlatformRandom = CSSM_ALGID_NONE + 96,
922 CSSM_ALGID_UTC = CSSM_ALGID_NONE + 97,
923 CSSM_ALGID_HAVAL3 = CSSM_ALGID_NONE + 98,
924 CSSM_ALGID_HAVAL4 = CSSM_ALGID_NONE + 99,
925 CSSM_ALGID_HAVAL5 = CSSM_ALGID_NONE + 100,
926 CSSM_ALGID_TIGER = CSSM_ALGID_NONE + 101,
927 CSSM_ALGID_MD5HMAC = CSSM_ALGID_NONE + 102,
928 CSSM_ALGID_PKCS5_PBKDF2 = CSSM_ALGID_NONE + 103,
929 CSSM_ALGID_RUNNING_COUNTER = CSSM_ALGID_NONE + 104,
930 CSSM_ALGID_LAST = CSSM_ALGID_NONE + 0x7FFFFFFF,
931 /* All algorithms IDs that are vendor specific, and not
932 part of the CSSM specification should be defined relative
933 to CSSM_ALGID_VENDOR_DEFINED. */
934 CSSM_ALGID_VENDOR_DEFINED = CSSM_ALGID_NONE + 0x80000000
935 };
936
937 typedef uint32 CSSM_ENCRYPT_MODE;
938 enum {
939 CSSM_ALGMODE_NONE = 0,
940 CSSM_ALGMODE_CUSTOM = CSSM_ALGMODE_NONE + 1,
941 CSSM_ALGMODE_ECB = CSSM_ALGMODE_NONE + 2,
942 CSSM_ALGMODE_ECBPad = CSSM_ALGMODE_NONE + 3,
943 CSSM_ALGMODE_CBC = CSSM_ALGMODE_NONE + 4,
944 CSSM_ALGMODE_CBC_IV8 = CSSM_ALGMODE_NONE + 5,
945 CSSM_ALGMODE_CBCPadIV8 = CSSM_ALGMODE_NONE + 6,
946 CSSM_ALGMODE_CFB = CSSM_ALGMODE_NONE + 7,
947 CSSM_ALGMODE_CFB_IV8 = CSSM_ALGMODE_NONE + 8,
948 CSSM_ALGMODE_CFBPadIV8 = CSSM_ALGMODE_NONE + 9,
949 CSSM_ALGMODE_OFB = CSSM_ALGMODE_NONE + 10,
950 CSSM_ALGMODE_OFB_IV8 = CSSM_ALGMODE_NONE + 11,
951 CSSM_ALGMODE_OFBPadIV8 = CSSM_ALGMODE_NONE + 12,
952 CSSM_ALGMODE_COUNTER = CSSM_ALGMODE_NONE + 13,
953 CSSM_ALGMODE_BC = CSSM_ALGMODE_NONE + 14,
954 CSSM_ALGMODE_PCBC = CSSM_ALGMODE_NONE + 15,
955 CSSM_ALGMODE_CBCC = CSSM_ALGMODE_NONE + 16,
956 CSSM_ALGMODE_OFBNLF = CSSM_ALGMODE_NONE + 17,
957 CSSM_ALGMODE_PBC = CSSM_ALGMODE_NONE + 18,
958 CSSM_ALGMODE_PFB = CSSM_ALGMODE_NONE + 19,
959 CSSM_ALGMODE_CBCPD = CSSM_ALGMODE_NONE + 20,
960 CSSM_ALGMODE_PUBLIC_KEY = CSSM_ALGMODE_NONE + 21,
961 CSSM_ALGMODE_PRIVATE_KEY = CSSM_ALGMODE_NONE + 22,
962 CSSM_ALGMODE_SHUFFLE = CSSM_ALGMODE_NONE + 23,
963 CSSM_ALGMODE_ECB64 = CSSM_ALGMODE_NONE + 24,
964 CSSM_ALGMODE_CBC64 = CSSM_ALGMODE_NONE + 25,
965 CSSM_ALGMODE_OFB64 = CSSM_ALGMODE_NONE + 26,
966 CSSM_ALGMODE_CFB32 = CSSM_ALGMODE_NONE + 28,
967 CSSM_ALGMODE_CFB16 = CSSM_ALGMODE_NONE + 29,
968 CSSM_ALGMODE_CFB8 = CSSM_ALGMODE_NONE + 30,
969 CSSM_ALGMODE_WRAP = CSSM_ALGMODE_NONE + 31,
970 CSSM_ALGMODE_PRIVATE_WRAP = CSSM_ALGMODE_NONE + 32,
971 CSSM_ALGMODE_RELAYX = CSSM_ALGMODE_NONE + 33,
972 CSSM_ALGMODE_ECB128 = CSSM_ALGMODE_NONE + 34,
973 CSSM_ALGMODE_ECB96 = CSSM_ALGMODE_NONE + 35,
974 CSSM_ALGMODE_CBC128 = CSSM_ALGMODE_NONE + 36,
975 CSSM_ALGMODE_OAEP_HASH = CSSM_ALGMODE_NONE + 37,
976 CSSM_ALGMODE_PKCS1_EME_V15 = CSSM_ALGMODE_NONE + 38,
977 CSSM_ALGMODE_PKCS1_EME_OAEP = CSSM_ALGMODE_NONE + 39,
978 CSSM_ALGMODE_PKCS1_EMSA_V15 = CSSM_ALGMODE_NONE + 40,
979 CSSM_ALGMODE_ISO_9796 = CSSM_ALGMODE_NONE + 41,
980 CSSM_ALGMODE_X9_31 = CSSM_ALGMODE_NONE + 42,
981 CSSM_ALGMODE_LAST = CSSM_ALGMODE_NONE + 0x7FFFFFFF,
982 /* All algorithms modes that are vendor specific, and
983 not part of the CSSM specification should be defined
984 relative to CSSM_ALGMODE_VENDOR_DEFINED. */
985 CSSM_ALGMODE_VENDOR_DEFINED = CSSM_ALGMODE_NONE + 0x80000000
986 };
987
988 typedef struct cssm_keyheader {
989 CSSM_HEADERVERSION HeaderVersion; /* Key header version */
990 CSSM_GUID CspId; /* GUID of CSP generating the key */
991 CSSM_KEYBLOB_TYPE BlobType; /* See BlobType enum */
992 CSSM_KEYBLOB_FORMAT Format; /* Raw or Reference format */
993 CSSM_ALGORITHMS AlgorithmId; /* Algorithm ID of key */
994 CSSM_KEYCLASS KeyClass; /* Public/Private/Secret, etc. */
995 uint32 LogicalKeySizeInBits; /* Logical key size in bits */
996 CSSM_KEYATTR_FLAGS KeyAttr; /* Attribute flags */
997 CSSM_KEYUSE KeyUsage; /* Key use flags */
998 CSSM_DATE StartDate; /* Effective date of key */
999 CSSM_DATE EndDate; /* Expiration date of key */
1000 CSSM_ALGORITHMS WrapAlgorithmId; /* == CSSM_ALGID_NONE if clear key */
1001 CSSM_ENCRYPT_MODE WrapMode; /* if alg supports multiple wrapping modes */
1002 uint32 Reserved;
1003 } CSSM_KEYHEADER DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_KEYHEADER_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1004
1005 typedef struct cssm_key {
1006 CSSM_KEYHEADER KeyHeader; /* Fixed length key header */
1007 CSSM_DATA KeyData; /* Variable length key data */
1008 } CSSM_KEY DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_KEY_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1009
1010 typedef CSSM_KEY CSSM_WRAP_KEY, *CSSM_WRAP_KEY_PTR;
1011
1012 typedef uint32 CSSM_CSPTYPE;
1013 enum {
1014 CSSM_CSP_SOFTWARE = 1,
1015 CSSM_CSP_HARDWARE = CSSM_CSP_SOFTWARE + 1,
1016 CSSM_CSP_HYBRID = CSSM_CSP_SOFTWARE + 2
1017 };
1018
1019 /* From DL. */
1020 typedef struct cssm_dl_db_handle {
1021 CSSM_DL_HANDLE DLHandle;
1022 CSSM_DB_HANDLE DBHandle;
1023 } CSSM_DL_DB_HANDLE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DL_DB_HANDLE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1024
1025 typedef uint32 CSSM_CONTEXT_TYPE;
1026 enum {
1027 CSSM_ALGCLASS_NONE = 0,
1028 CSSM_ALGCLASS_CUSTOM = CSSM_ALGCLASS_NONE + 1,
1029 CSSM_ALGCLASS_SIGNATURE = CSSM_ALGCLASS_NONE + 2,
1030 CSSM_ALGCLASS_SYMMETRIC = CSSM_ALGCLASS_NONE + 3,
1031 CSSM_ALGCLASS_DIGEST = CSSM_ALGCLASS_NONE + 4,
1032 CSSM_ALGCLASS_RANDOMGEN = CSSM_ALGCLASS_NONE + 5,
1033 CSSM_ALGCLASS_UNIQUEGEN = CSSM_ALGCLASS_NONE + 6,
1034 CSSM_ALGCLASS_MAC = CSSM_ALGCLASS_NONE + 7,
1035 CSSM_ALGCLASS_ASYMMETRIC = CSSM_ALGCLASS_NONE + 8,
1036 CSSM_ALGCLASS_KEYGEN = CSSM_ALGCLASS_NONE + 9,
1037 CSSM_ALGCLASS_DERIVEKEY = CSSM_ALGCLASS_NONE + 10
1038 };
1039
1040 /* Attribute data type tags */
1041 enum {
1042 CSSM_ATTRIBUTE_DATA_NONE = 0x00000000,
1043 CSSM_ATTRIBUTE_DATA_UINT32 = 0x10000000,
1044 CSSM_ATTRIBUTE_DATA_CSSM_DATA = 0x20000000,
1045 CSSM_ATTRIBUTE_DATA_CRYPTO_DATA = 0x30000000,
1046 CSSM_ATTRIBUTE_DATA_KEY = 0x40000000,
1047 CSSM_ATTRIBUTE_DATA_STRING = 0x50000000,
1048 CSSM_ATTRIBUTE_DATA_DATE = 0x60000000,
1049 CSSM_ATTRIBUTE_DATA_RANGE = 0x70000000,
1050 CSSM_ATTRIBUTE_DATA_ACCESS_CREDENTIALS = 0x80000000,
1051 CSSM_ATTRIBUTE_DATA_VERSION = 0x01000000,
1052 CSSM_ATTRIBUTE_DATA_DL_DB_HANDLE = 0x02000000,
1053 CSSM_ATTRIBUTE_DATA_KR_PROFILE = 0x03000000,
1054 CSSM_ATTRIBUTE_TYPE_MASK = 0xFF000000
1055 };
1056
1057 typedef uint32 CSSM_ATTRIBUTE_TYPE;
1058 enum {
1059 CSSM_ATTRIBUTE_NONE = 0,
1060 CSSM_ATTRIBUTE_CUSTOM = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 1,
1061 CSSM_ATTRIBUTE_DESCRIPTION = CSSM_ATTRIBUTE_DATA_STRING | 2,
1062 CSSM_ATTRIBUTE_KEY = CSSM_ATTRIBUTE_DATA_KEY | 3,
1063 CSSM_ATTRIBUTE_INIT_VECTOR = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 4,
1064 CSSM_ATTRIBUTE_SALT = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 5,
1065 CSSM_ATTRIBUTE_PADDING = CSSM_ATTRIBUTE_DATA_UINT32 | 6,
1066 CSSM_ATTRIBUTE_RANDOM = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 7,
1067 CSSM_ATTRIBUTE_SEED = CSSM_ATTRIBUTE_DATA_CRYPTO_DATA | 8,
1068 CSSM_ATTRIBUTE_PASSPHRASE = CSSM_ATTRIBUTE_DATA_CRYPTO_DATA | 9,
1069 CSSM_ATTRIBUTE_KEY_LENGTH = CSSM_ATTRIBUTE_DATA_UINT32 | 10,
1070 CSSM_ATTRIBUTE_KEY_LENGTH_RANGE = CSSM_ATTRIBUTE_DATA_RANGE | 11,
1071 CSSM_ATTRIBUTE_BLOCK_SIZE = CSSM_ATTRIBUTE_DATA_UINT32 | 12,
1072 CSSM_ATTRIBUTE_OUTPUT_SIZE = CSSM_ATTRIBUTE_DATA_UINT32 | 13,
1073 CSSM_ATTRIBUTE_ROUNDS = CSSM_ATTRIBUTE_DATA_UINT32 | 14,
1074 CSSM_ATTRIBUTE_IV_SIZE = CSSM_ATTRIBUTE_DATA_UINT32 | 15,
1075 CSSM_ATTRIBUTE_ALG_PARAMS = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 16,
1076 CSSM_ATTRIBUTE_LABEL = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 17,
1077 CSSM_ATTRIBUTE_KEY_TYPE = CSSM_ATTRIBUTE_DATA_UINT32 | 18,
1078 CSSM_ATTRIBUTE_MODE = CSSM_ATTRIBUTE_DATA_UINT32 | 19,
1079 CSSM_ATTRIBUTE_EFFECTIVE_BITS = CSSM_ATTRIBUTE_DATA_UINT32 | 20,
1080 CSSM_ATTRIBUTE_START_DATE = CSSM_ATTRIBUTE_DATA_DATE | 21,
1081 CSSM_ATTRIBUTE_END_DATE = CSSM_ATTRIBUTE_DATA_DATE | 22,
1082 CSSM_ATTRIBUTE_KEYUSAGE = CSSM_ATTRIBUTE_DATA_UINT32 | 23,
1083 CSSM_ATTRIBUTE_KEYATTR = CSSM_ATTRIBUTE_DATA_UINT32 | 24,
1084 CSSM_ATTRIBUTE_VERSION = CSSM_ATTRIBUTE_DATA_VERSION | 25,
1085 CSSM_ATTRIBUTE_PRIME = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 26,
1086 CSSM_ATTRIBUTE_BASE = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 27,
1087 CSSM_ATTRIBUTE_SUBPRIME = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 28,
1088 CSSM_ATTRIBUTE_ALG_ID = CSSM_ATTRIBUTE_DATA_UINT32 | 29,
1089 CSSM_ATTRIBUTE_ITERATION_COUNT = CSSM_ATTRIBUTE_DATA_UINT32 | 30,
1090 CSSM_ATTRIBUTE_ROUNDS_RANGE = CSSM_ATTRIBUTE_DATA_RANGE | 31,
1091 CSSM_ATTRIBUTE_KRPROFILE_LOCAL = CSSM_ATTRIBUTE_DATA_KR_PROFILE | 32,
1092 CSSM_ATTRIBUTE_KRPROFILE_REMOTE = CSSM_ATTRIBUTE_DATA_KR_PROFILE | 33,
1093 CSSM_ATTRIBUTE_CSP_HANDLE = CSSM_ATTRIBUTE_DATA_UINT32 | 34,
1094 CSSM_ATTRIBUTE_DL_DB_HANDLE = CSSM_ATTRIBUTE_DATA_DL_DB_HANDLE | 35,
1095 CSSM_ATTRIBUTE_ACCESS_CREDENTIALS = CSSM_ATTRIBUTE_DATA_ACCESS_CREDENTIALS | 36,
1096 CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT = CSSM_ATTRIBUTE_DATA_UINT32 | 37,
1097 CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT = CSSM_ATTRIBUTE_DATA_UINT32 | 38,
1098 CSSM_ATTRIBUTE_SYMMETRIC_KEY_FORMAT=CSSM_ATTRIBUTE_DATA_UINT32 | 39,
1099 CSSM_ATTRIBUTE_WRAPPED_KEY_FORMAT = CSSM_ATTRIBUTE_DATA_UINT32 | 40
1100 };
1101
1102 typedef uint32 CSSM_PADDING;
1103 enum {
1104 CSSM_PADDING_NONE = 0,
1105 CSSM_PADDING_CUSTOM = CSSM_PADDING_NONE + 1,
1106 CSSM_PADDING_ZERO = CSSM_PADDING_NONE + 2,
1107 CSSM_PADDING_ONE = CSSM_PADDING_NONE + 3,
1108 CSSM_PADDING_ALTERNATE = CSSM_PADDING_NONE + 4,
1109 CSSM_PADDING_FF = CSSM_PADDING_NONE + 5,
1110 CSSM_PADDING_PKCS5 = CSSM_PADDING_NONE + 6,
1111 CSSM_PADDING_PKCS7 = CSSM_PADDING_NONE + 7,
1112 CSSM_PADDING_CIPHERSTEALING = CSSM_PADDING_NONE + 8,
1113 CSSM_PADDING_RANDOM = CSSM_PADDING_NONE + 9,
1114 CSSM_PADDING_PKCS1 = CSSM_PADDING_NONE + 10,
1115 CSSM_PADDING_SIGRAW = CSSM_PADDING_NONE + 11,
1116 /* All padding types that are vendor specific, and not
1117 part of the CSSM specification should be defined
1118 relative to CSSM_PADDING_VENDOR_DEFINED. */
1119 CSSM_PADDING_VENDOR_DEFINED = CSSM_PADDING_NONE + 0x80000000
1120 };
1121
1122 typedef CSSM_ALGORITHMS CSSM_KEY_TYPE;
1123
1124 typedef struct cssm_context_attribute {
1125 CSSM_ATTRIBUTE_TYPE AttributeType;
1126 uint32 AttributeLength;
1127 union cssm_context_attribute_value {
1128 char *String;
1129 uint32 Uint32;
1130 CSSM_ACCESS_CREDENTIALS_PTR AccessCredentials;
1131 CSSM_KEY_PTR Key;
1132 CSSM_DATA_PTR Data;
1133 CSSM_PADDING Padding;
1134 CSSM_DATE_PTR Date;
1135 CSSM_RANGE_PTR Range;
1136 CSSM_CRYPTO_DATA_PTR CryptoData;
1137 CSSM_VERSION_PTR Version;
1138 CSSM_DL_DB_HANDLE_PTR DLDBHandle;
1139 struct cssm_kr_profile *KRProfile;
1140 } Attribute;
1141 } CSSM_CONTEXT_ATTRIBUTE, *CSSM_CONTEXT_ATTRIBUTE_PTR;
1142
1143 typedef struct cssm_context {
1144 CSSM_CONTEXT_TYPE ContextType;
1145 CSSM_ALGORITHMS AlgorithmType;
1146 uint32 NumberOfAttributes;
1147 CSSM_CONTEXT_ATTRIBUTE_PTR ContextAttributes;
1148 CSSM_CSP_HANDLE CSPHandle;
1149 CSSM_BOOL Privileged;
1150 uint32 /*CSSM_KR_POLICY_FLAGS*/ EncryptionProhibited;
1151 uint32 WorkFactor;
1152 uint32 Reserved; /* reserved for future use */
1153 } CSSM_CONTEXT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_CONTEXT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1154
1155 typedef uint32 CSSM_SC_FLAGS;
1156 enum {
1157 CSSM_CSP_TOK_RNG = 0x00000001,
1158 CSSM_CSP_TOK_CLOCK_EXISTS = 0x00000040
1159 };
1160
1161 typedef uint32 CSSM_CSP_READER_FLAGS;
1162 enum {
1163 CSSM_CSP_RDR_TOKENPRESENT = 0x00000001,
1164 /* Token is present in reader/slot */
1165 CSSM_CSP_RDR_EXISTS = 0x00000002,
1166 /* Device is a reader with a
1167 removable token */
1168 CSSM_CSP_RDR_HW = 0x00000004
1169 /* Slot is a hardware slot */
1170 };
1171
1172 typedef uint32 CSSM_CSP_FLAGS;
1173 enum {
1174 CSSM_CSP_TOK_WRITE_PROTECTED = 0x00000002,
1175 CSSM_CSP_TOK_LOGIN_REQUIRED = 0x00000004,
1176 CSSM_CSP_TOK_USER_PIN_INITIALIZED = 0x00000008,
1177 CSSM_CSP_TOK_PROT_AUTHENTICATION = 0x00000100,
1178 CSSM_CSP_TOK_USER_PIN_EXPIRED = 0x00100000,
1179 CSSM_CSP_TOK_SESSION_KEY_PASSWORD = 0x00200000,
1180 CSSM_CSP_TOK_PRIVATE_KEY_PASSWORD = 0x00400000,
1181 CSSM_CSP_STORES_PRIVATE_KEYS = 0x01000000,
1182 CSSM_CSP_STORES_PUBLIC_KEYS = 0x02000000,
1183 CSSM_CSP_STORES_SESSION_KEYS = 0x04000000,
1184 CSSM_CSP_STORES_CERTIFICATES = 0x08000000,
1185 CSSM_CSP_STORES_GENERIC = 0x10000000
1186 };
1187
1188 typedef uint32 CSSM_PKCS_OAEP_MGF;
1189 enum {
1190 CSSM_PKCS_OAEP_MGF_NONE = 0,
1191 CSSM_PKCS_OAEP_MGF1_SHA1 = CSSM_PKCS_OAEP_MGF_NONE + 1,
1192 CSSM_PKCS_OAEP_MGF1_MD5 = CSSM_PKCS_OAEP_MGF_NONE + 2
1193 };
1194
1195 typedef uint32 CSSM_PKCS_OAEP_PSOURCE;
1196 enum {
1197 CSSM_PKCS_OAEP_PSOURCE_NONE = 0,
1198 CSSM_PKCS_OAEP_PSOURCE_Pspecified = CSSM_PKCS_OAEP_PSOURCE_NONE + 1
1199 };
1200
1201 typedef struct cssm_pkcs1_oaep_params {
1202 uint32 HashAlgorithm;
1203 CSSM_DATA HashParams;
1204 CSSM_PKCS_OAEP_MGF MGF;
1205 CSSM_DATA MGFParams;
1206 CSSM_PKCS_OAEP_PSOURCE PSource;
1207 CSSM_DATA PSourceParams;
1208 } CSSM_PKCS1_OAEP_PARAMS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_PKCS1_OAEP_PARAMS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1209
1210 typedef struct cssm_csp_operational_statistics {
1211 CSSM_BOOL UserAuthenticated;
1212 /* CSSM_TRUE if the user is logged in to the token, CSSM_FALSE otherwise. */
1213 CSSM_CSP_FLAGS DeviceFlags;
1214 uint32 TokenMaxSessionCount; /* Exported by Cryptoki modules. */
1215 uint32 TokenOpenedSessionCount;
1216 uint32 TokenMaxRWSessionCount;
1217 uint32 TokenOpenedRWSessionCount;
1218 uint32 TokenTotalPublicMem; /* Storage space statistics. */
1219 uint32 TokenFreePublicMem;
1220 uint32 TokenTotalPrivateMem;
1221 uint32 TokenFreePrivateMem;
1222 } CSSM_CSP_OPERATIONAL_STATISTICS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_CSP_OPERATIONAL_STATISTICS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1223
1224 /* Indicates that the statistical value can not be revealed or is not
1225 relevant for a CSP */
1226 enum {
1227 CSSM_VALUE_NOT_AVAILABLE = -1
1228 };
1229
1230 typedef struct cssm_pkcs5_pbkdf1_params {
1231 CSSM_DATA Passphrase;
1232 CSSM_DATA InitVector;
1233 } CSSM_PKCS5_PBKDF1_PARAMS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_PKCS5_PBKDF1_PARAMS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1234
1235 typedef uint32 CSSM_PKCS5_PBKDF2_PRF;
1236 enum {
1237 CSSM_PKCS5_PBKDF2_PRF_HMAC_SHA1 = 0
1238 };
1239
1240 typedef struct cssm_pkcs5_pbkdf2_params {
1241 CSSM_DATA Passphrase;
1242 CSSM_PKCS5_PBKDF2_PRF PseudoRandomFunction;
1243 } CSSM_PKCS5_PBKDF2_PARAMS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_PKCS5_PBKDF2_PARAMS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1244
1245 typedef struct cssm_kea_derive_params {
1246 CSSM_DATA Rb;
1247 CSSM_DATA Yb;
1248 } CSSM_KEA_DERIVE_PARAMS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_KEA_DERIVE_PARAMS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1249
1250
1251 /* Data Types for Trust Policy Services */
1252
1253 typedef struct cssm_tp_authority_id {
1254 CSSM_DATA *AuthorityCert;
1255 CSSM_NET_ADDRESS_PTR AuthorityLocation;
1256 } CSSM_TP_AUTHORITY_ID DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_AUTHORITY_ID_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1257
1258 typedef uint32 CSSM_TP_AUTHORITY_REQUEST_TYPE, *CSSM_TP_AUTHORITY_REQUEST_TYPE_PTR;
1259 enum {
1260 CSSM_TP_AUTHORITY_REQUEST_CERTISSUE = 0x01,
1261 CSSM_TP_AUTHORITY_REQUEST_CERTREVOKE = 0x02,
1262 CSSM_TP_AUTHORITY_REQUEST_CERTSUSPEND = 0x03,
1263 CSSM_TP_AUTHORITY_REQUEST_CERTRESUME = 0x04,
1264 CSSM_TP_AUTHORITY_REQUEST_CERTVERIFY = 0x05,
1265 CSSM_TP_AUTHORITY_REQUEST_CERTNOTARIZE = 0x06,
1266 CSSM_TP_AUTHORITY_REQUEST_CERTUSERECOVER = 0x07,
1267 CSSM_TP_AUTHORITY_REQUEST_CRLISSUE = 0x100
1268 };
1269
1270 typedef CSSM_RETURN (CSSMAPI * CSSM_TP_VERIFICATION_RESULTS_CALLBACK)
1271 (CSSM_MODULE_HANDLE ModuleHandle,
1272 void *CallerCtx,
1273 CSSM_DATA_PTR VerifiedCert);
1274
1275 /* From CL */
1276 typedef CSSM_DATA CSSM_OID, *CSSM_OID_PTR;
1277
1278 typedef struct cssm_field {
1279 CSSM_OID FieldOid;
1280 CSSM_DATA FieldValue;
1281 } CSSM_FIELD DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_FIELD_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1282
1283 /* TP Again. */
1284 typedef struct cssm_tp_policyinfo {
1285 uint32 NumberOfPolicyIds;
1286 CSSM_FIELD_PTR PolicyIds;
1287 void *PolicyControl;
1288 } CSSM_TP_POLICYINFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_POLICYINFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1289
1290 typedef uint32 CSSM_TP_SERVICES;
1291 enum {
1292 /* bit masks for additional Authority services available through TP */
1293 CSSM_TP_KEY_ARCHIVE = 0x0001, /* archive cert & keys */
1294 CSSM_TP_CERT_PUBLISH = 0x0002, /* register cert in directory */
1295 CSSM_TP_CERT_NOTIFY_RENEW = 0x0004, /* notify at renewal time */
1296 CSSM_TP_CERT_DIR_UPDATE = 0x0008, /* update cert registry entry */
1297 CSSM_TP_CRL_DISTRIBUTE = 0x0010 /* push CRL to everyone */
1298 };
1299
1300 typedef uint32 CSSM_TP_ACTION;
1301 enum {
1302 CSSM_TP_ACTION_DEFAULT = 0
1303 };
1304
1305 typedef uint32 CSSM_TP_STOP_ON;
1306 enum {
1307 CSSM_TP_STOP_ON_POLICY = 0, /* use the pre-defined stopping criteria */
1308 CSSM_TP_STOP_ON_NONE = 1, /* evaluate all condition whether TRUE or FALSE */
1309 CSSM_TP_STOP_ON_FIRST_PASS = 2, /* stop evaluation at first TRUE */
1310 CSSM_TP_STOP_ON_FIRST_FAIL = 3 /* stop evaluation at first FALSE */
1311 };
1312
1313 typedef char *CSSM_TIMESTRING;
1314
1315 /* From DL. */
1316 typedef struct cssm_dl_db_list {
1317 uint32 NumHandles;
1318 CSSM_DL_DB_HANDLE_PTR DLDBHandle;
1319 } CSSM_DL_DB_LIST DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DL_DB_LIST_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1320
1321 /* TP Again. */
1322 typedef struct cssm_tp_callerauth_context {
1323 CSSM_TP_POLICYINFO Policy;
1324 CSSM_TIMESTRING VerifyTime;
1325 CSSM_TP_STOP_ON VerificationAbortOn;
1326 CSSM_TP_VERIFICATION_RESULTS_CALLBACK CallbackWithVerifiedCert;
1327 uint32 NumberOfAnchorCerts;
1328 CSSM_DATA_PTR AnchorCerts;
1329 CSSM_DL_DB_LIST_PTR DBList;
1330 CSSM_ACCESS_CREDENTIALS_PTR CallerCredentials;
1331 } CSSM_TP_CALLERAUTH_CONTEXT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CALLERAUTH_CONTEXT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1332
1333 typedef uint32 CSSM_CRL_PARSE_FORMAT, * CSSM_CRL_PARSE_FORMAT_PTR;
1334 enum {
1335 CSSM_CRL_PARSE_FORMAT_NONE = 0x00,
1336 CSSM_CRL_PARSE_FORMAT_CUSTOM = 0x01,
1337 CSSM_CRL_PARSE_FORMAT_SEXPR = 0x02,
1338 CSSM_CRL_PARSE_FORMAT_COMPLEX = 0x03,
1339 CSSM_CRL_PARSE_FORMAT_OID_NAMED = 0x04,
1340 CSSM_CRL_PARSE_FORMAT_TUPLE = 0x05,
1341 CSSM_CRL_PARSE_FORMAT_MULTIPLE = 0x7FFE,
1342 CSSM_CRL_PARSE_FORMAT_LAST = 0x7FFF,
1343 /* Applications wishing to define their own custom parse
1344 format should create a uint32 value greater than the
1345 CSSM_CL_CUSTOM_CRL_PARSE_FORMAT */
1346 CSSM_CL_CUSTOM_CRL_PARSE_FORMAT = 0x8000
1347 };
1348
1349 /* From CL. */
1350 typedef uint32 CSSM_CRL_TYPE, *CSSM_CRL_TYPE_PTR;
1351 enum {
1352 CSSM_CRL_TYPE_UNKNOWN = 0x00,
1353 CSSM_CRL_TYPE_X_509v1 = 0x01,
1354 CSSM_CRL_TYPE_X_509v2 = 0x02,
1355 CSSM_CRL_TYPE_SPKI = 0x03,
1356 CSSM_CRL_TYPE_MULTIPLE = 0x7FFE
1357 };
1358
1359 typedef uint32 CSSM_CRL_ENCODING, *CSSM_CRL_ENCODING_PTR;
1360 enum {
1361 CSSM_CRL_ENCODING_UNKNOWN = 0x00,
1362 CSSM_CRL_ENCODING_CUSTOM = 0x01,
1363 CSSM_CRL_ENCODING_BER = 0x02,
1364 CSSM_CRL_ENCODING_DER = 0x03,
1365 CSSM_CRL_ENCODING_BLOOM = 0x04,
1366 CSSM_CRL_ENCODING_SEXPR = 0x05,
1367 CSSM_CRL_ENCODING_MULTIPLE = 0x7FFE
1368 };
1369
1370 typedef struct cssm_encoded_crl {
1371 CSSM_CRL_TYPE CrlType; /* type of CRL */
1372 CSSM_CRL_ENCODING CrlEncoding; /* encoding for this packed CRL */
1373 CSSM_DATA CrlBlob; /* packed CRL */
1374 } CSSM_ENCODED_CRL DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ENCODED_CRL_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1375
1376 /* TP Again. */
1377 typedef struct cssm_parsed_crl {
1378 CSSM_CRL_TYPE CrlType; /* CRL type */
1379 CSSM_CRL_PARSE_FORMAT ParsedCrlFormat;
1380 /* struct of ParsedCrl */
1381 void *ParsedCrl; /* parsed CRL (to be typecast) */
1382 } CSSM_PARSED_CRL DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_PARSED_CRL_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1383
1384 typedef struct cssm_crl_pair {
1385 CSSM_ENCODED_CRL EncodedCrl; /* an encoded CRL blob */
1386 CSSM_PARSED_CRL ParsedCrl; /* equivalent parsed CRL */
1387 } CSSM_CRL_PAIR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_CRL_PAIR_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1388
1389 typedef uint32 CSSM_CRLGROUP_TYPE, * CSSM_CRLGROUP_TYPE_PTR;
1390 enum {
1391 CSSM_CRLGROUP_DATA = 0x00,
1392 CSSM_CRLGROUP_ENCODED_CRL = 0x01,
1393 CSSM_CRLGROUP_PARSED_CRL = 0x02,
1394 CSSM_CRLGROUP_CRL_PAIR = 0x03
1395 };
1396
1397 typedef struct cssm_crlgroup {
1398 CSSM_CRL_TYPE CrlType;
1399 CSSM_CRL_ENCODING CrlEncoding;
1400 uint32 NumberOfCrls;
1401 union {
1402 CSSM_DATA_PTR CrlList; /* CRL blob */
1403 CSSM_ENCODED_CRL_PTR EncodedCrlList; /* CRL blob w/ separate type */
1404 CSSM_PARSED_CRL_PTR ParsedCrlList; /* bushy, parsed CRL */
1405 CSSM_CRL_PAIR_PTR PairCrlList;
1406 } GroupCrlList;
1407 CSSM_CRLGROUP_TYPE CrlGroupType;
1408 } CSSM_CRLGROUP, *CSSM_CRLGROUP_PTR;
1409
1410 typedef struct cssm_fieldgroup {
1411 int NumberOfFields; /* number of fields in the array */
1412 CSSM_FIELD_PTR Fields; /* array of fields */
1413 } CSSM_FIELDGROUP DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_FIELDGROUP_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1414
1415 typedef uint32 CSSM_EVIDENCE_FORM;
1416 enum {
1417 CSSM_EVIDENCE_FORM_UNSPECIFIC = 0x0,
1418 CSSM_EVIDENCE_FORM_CERT = 0x1,
1419 CSSM_EVIDENCE_FORM_CRL = 0x2,
1420 CSSM_EVIDENCE_FORM_CERT_ID = 0x3,
1421 CSSM_EVIDENCE_FORM_CRL_ID = 0x4,
1422 CSSM_EVIDENCE_FORM_VERIFIER_TIME = 0x5,
1423 CSSM_EVIDENCE_FORM_CRL_THISTIME = 0x6,
1424 CSSM_EVIDENCE_FORM_CRL_NEXTTIME = 0x7,
1425 CSSM_EVIDENCE_FORM_POLICYINFO = 0x8,
1426 CSSM_EVIDENCE_FORM_TUPLEGROUP = 0x9
1427 };
1428
1429 typedef struct cssm_evidence {
1430 CSSM_EVIDENCE_FORM EvidenceForm;
1431 void *Evidence; /* Evidence content */
1432 } CSSM_EVIDENCE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_EVIDENCE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1433
1434 typedef struct cssm_tp_verify_context {
1435 CSSM_TP_ACTION Action;
1436 CSSM_DATA ActionData;
1437 CSSM_CRLGROUP Crls;
1438 CSSM_TP_CALLERAUTH_CONTEXT_PTR Cred;
1439 } CSSM_TP_VERIFY_CONTEXT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_VERIFY_CONTEXT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1440
1441 typedef struct cssm_tp_verify_context_result {
1442 uint32 NumberOfEvidences;
1443 CSSM_EVIDENCE_PTR Evidence;
1444 } CSSM_TP_VERIFY_CONTEXT_RESULT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_VERIFY_CONTEXT_RESULT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1445
1446 typedef struct cssm_tp_request_set {
1447 uint32 NumberOfRequests;
1448 void *Requests;
1449 } CSSM_TP_REQUEST_SET DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_REQUEST_SET_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1450
1451 typedef struct cssm_tp_result_set {
1452 uint32 NumberOfResults;
1453 void *Results;
1454 } CSSM_TP_RESULT_SET DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_RESULT_SET_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1455
1456 typedef uint32 CSSM_TP_CONFIRM_STATUS, *CSSM_TP_CONFIRM_STATUS_PTR;
1457 enum {
1458 CSSM_TP_CONFIRM_STATUS_UNKNOWN = 0x0,
1459 /* indeterminate */
1460 CSSM_TP_CONFIRM_ACCEPT = 0x1,
1461 /* accept results of executing a
1462 submit-retrieve function pair */
1463 CSSM_TP_CONFIRM_REJECT = 0x2
1464 /* reject results of executing a
1465 submit-retrieve function pair */
1466 };
1467
1468 typedef struct cssm_tp_confirm_response {
1469 uint32 NumberOfResponses;
1470 CSSM_TP_CONFIRM_STATUS_PTR Responses;
1471 } CSSM_TP_CONFIRM_RESPONSE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CONFIRM_RESPONSE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1472
1473 enum {
1474 CSSM_ESTIMATED_TIME_UNKNOWN = -1
1475 };
1476
1477 enum {
1478 CSSM_ELAPSED_TIME_UNKNOWN = -1,
1479 CSSM_ELAPSED_TIME_COMPLETE = -2
1480 };
1481
1482 typedef struct cssm_tp_certissue_input {
1483 CSSM_SUBSERVICE_UID CSPSubserviceUid;
1484 CSSM_CL_HANDLE CLHandle;
1485 uint32 NumberOfTemplateFields;
1486 CSSM_FIELD_PTR SubjectCertFields;
1487 CSSM_TP_SERVICES MoreServiceRequests;
1488 uint32 NumberOfServiceControls;
1489 CSSM_FIELD_PTR ServiceControls;
1490 CSSM_ACCESS_CREDENTIALS_PTR UserCredentials;
1491 } CSSM_TP_CERTISSUE_INPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTISSUE_INPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1492
1493 typedef uint32 CSSM_TP_CERTISSUE_STATUS;
1494 enum {
1495 CSSM_TP_CERTISSUE_STATUS_UNKNOWN = 0x0,
1496 /* indeterminate */
1497 CSSM_TP_CERTISSUE_OK = 0x1,
1498 /* cert issued as requested */
1499 CSSM_TP_CERTISSUE_OKWITHCERTMODS = 0x2,
1500 /* cert issued but cert contents were
1501 updated by the issuing authority */
1502 CSSM_TP_CERTISSUE_OKWITHSERVICEMODS = 0x3,
1503 /* cert issued but some requested backend
1504 services were not performed by the
1505 issuing authority */
1506 CSSM_TP_CERTISSUE_REJECTED = 0x4,
1507 /* cert was not issued due to some error
1508 condition */
1509 CSSM_TP_CERTISSUE_NOT_AUTHORIZED = 0x5,
1510 /* cert was not issued, the request was
1511 not authorized */
1512 CSSM_TP_CERTISSUE_WILL_BE_REVOKED = 0x6
1513 /* cert was issued, but TP has initiated
1514 a revocation of the certificate */
1515 };
1516
1517 typedef struct cssm_tp_certissue_output {
1518 CSSM_TP_CERTISSUE_STATUS IssueStatus;
1519 CSSM_CERTGROUP_PTR CertGroup;
1520 CSSM_TP_SERVICES PerformedServiceRequests;
1521 } CSSM_TP_CERTISSUE_OUTPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTISSUE_OUTPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1522
1523 typedef uint32 CSSM_TP_CERTCHANGE_ACTION;
1524 enum {
1525 CSSM_TP_CERTCHANGE_NONE = 0x0, /* no change */
1526 CSSM_TP_CERTCHANGE_REVOKE = 0x1, /* Revoke the certificate */
1527 /* This action type indicates a request to revoke a single
1528 certificate. Notice of the revocation operation remains
1529 in affect until the certificate itself expires. Revocation
1530 should be used to permanently remove a certificate from use. */
1531 CSSM_TP_CERTCHANGE_HOLD = 0x2, /* Hold/suspend the certificate */
1532 /* This action type indicates a request to suspend a
1533 single certificate. A suspension operation implies
1534 that the requester intends, at some time in the future,
1535 to request that the certificate be released from hold,
1536 making it available for use again. Placing a hold on
1537 a certificate does not obligate the requester to
1538 request a release. In practice, a certificate may
1539 remain on hold until the certificate itself expires.
1540 Revocation should be used to permanently remove a
1541 certificate from use. */
1542 CSSM_TP_CERTCHANGE_RELEASE = 0x3 /* Release the held certificate */
1543 /* This action type indicates a request to release a
1544 single certificate currently on hold. A release
1545 operation makes a certificate available for use again.
1546 Revocation should be used to permanently remove a
1547 certificate from use. */
1548 };
1549
1550 typedef uint32 CSSM_TP_CERTCHANGE_REASON;
1551 enum {
1552 CSSM_TP_CERTCHANGE_REASON_UNKNOWN = 0x0,
1553 /* unspecified */
1554 CSSM_TP_CERTCHANGE_REASON_KEYCOMPROMISE = 0x1,
1555 /* Subject key believed to be compromised */
1556 CSSM_TP_CERTCHANGE_REASON_CACOMPROMISE = 0x2,
1557 /* CA\92s key believed to be compromised */
1558 CSSM_TP_CERTCHANGE_REASON_CEASEOPERATION = 0x3,
1559 /* certificate holder ceases operation under
1560 the jurisdiction of this certificate */
1561 CSSM_TP_CERTCHANGE_REASON_AFFILIATIONCHANGE = 0x4,
1562 /* certificate holder has moved from this
1563 jurisdiction */
1564 CSSM_TP_CERTCHANGE_REASON_SUPERCEDED = 0x5,
1565 /* certificate holder as issued a new, superceding
1566 certificate */
1567 CSSM_TP_CERTCHANGE_REASON_SUSPECTEDCOMPROMISE = 0x6,
1568 /* certificate could be compromised */
1569 CSSM_TP_CERTCHANGE_REASON_HOLDRELEASE = 0x7
1570 /* certificate holder resumes operation under the
1571 jurisdiction of this certificate */
1572 };
1573
1574 typedef struct cssm_tp_certchange_input {
1575 CSSM_TP_CERTCHANGE_ACTION Action;
1576 CSSM_TP_CERTCHANGE_REASON Reason;
1577 CSSM_CL_HANDLE CLHandle;
1578 CSSM_DATA_PTR Cert;
1579 CSSM_FIELD_PTR ChangeInfo;
1580 CSSM_TIMESTRING StartTime;
1581 CSSM_ACCESS_CREDENTIALS_PTR CallerCredentials;
1582 } CSSM_TP_CERTCHANGE_INPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTCHANGE_INPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1583
1584 typedef uint32 CSSM_TP_CERTCHANGE_STATUS;
1585 enum {
1586 CSSM_TP_CERTCHANGE_STATUS_UNKNOWN = 0x0,
1587 /* indeterminate */
1588 CSSM_TP_CERTCHANGE_OK = 0x1,
1589 /* cert state was successfully changed
1590 beginning at the specified time */
1591 CSSM_TP_CERTCHANGE_OKWITHNEWTIME = 0x2,
1592 /* cert state was successfully changed,
1593 at a modified effective time */
1594 CSSM_TP_CERTCHANGE_WRONGCA = 0x3,
1595 /* cert state was not changed, the
1596 selected CA is not authorized to
1597 change the cert state */
1598 CSSM_TP_CERTCHANGE_REJECTED = 0x4,
1599 /* cert state was not changed due to some
1600 error condition */
1601 CSSM_TP_CERTCHANGE_NOT_AUTHORIZED = 0x5
1602 /* cert state was not changed, the
1603 requester is not authorized to change
1604 the cert state */
1605 };
1606
1607 typedef struct cssm_tp_certchange_output {
1608 CSSM_TP_CERTCHANGE_STATUS ActionStatus;
1609 CSSM_FIELD RevokeInfo;
1610 } CSSM_TP_CERTCHANGE_OUTPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTCHANGE_OUTPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1611
1612 typedef struct cssm_tp_certverify_input {
1613 CSSM_CL_HANDLE CLHandle;
1614 CSSM_DATA_PTR Cert;
1615 CSSM_TP_VERIFY_CONTEXT_PTR VerifyContext;
1616 } CSSM_TP_CERTVERIFY_INPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTVERIFY_INPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1617
1618 typedef uint32 CSSM_TP_CERTVERIFY_STATUS;
1619 enum {
1620 CSSM_TP_CERTVERIFY_UNKNOWN = 0x0,
1621 CSSM_TP_CERTVERIFY_VALID = 0x1,
1622 CSSM_TP_CERTVERIFY_INVALID = 0x2,
1623 CSSM_TP_CERTVERIFY_REVOKED = 0x3,
1624 CSSM_TP_CERTVERIFY_SUSPENDED = 0x4,
1625 CSSM_TP_CERTVERIFY_EXPIRED = 0x5,
1626 CSSM_TP_CERTVERIFY_NOT_VALID_YET = 0x6,
1627 CSSM_TP_CERTVERIFY_INVALID_AUTHORITY = 0x7,
1628 CSSM_TP_CERTVERIFY_INVALID_SIGNATURE = 0x8,
1629 CSSM_TP_CERTVERIFY_INVALID_CERT_VALUE = 0x9,
1630 CSSM_TP_CERTVERIFY_INVALID_CERTGROUP = 0xA,
1631 CSSM_TP_CERTVERIFY_INVALID_POLICY = 0xB,
1632 CSSM_TP_CERTVERIFY_INVALID_POLICY_IDS = 0xC,
1633 CSSM_TP_CERTVERIFY_INVALID_BASIC_CONSTRAINTS = 0xD,
1634 CSSM_TP_CERTVERIFY_INVALID_CRL_DIST_PT = 0xE,
1635 CSSM_TP_CERTVERIFY_INVALID_NAME_TREE = 0xF,
1636 CSSM_TP_CERTVERIFY_UNKNOWN_CRITICAL_EXT = 0x10
1637 };
1638
1639 typedef struct cssm_tp_certverify_output {
1640 CSSM_TP_CERTVERIFY_STATUS VerifyStatus;
1641 uint32 NumberOfEvidence;
1642 CSSM_EVIDENCE_PTR Evidence;
1643 } CSSM_TP_CERTVERIFY_OUTPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTVERIFY_OUTPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1644
1645 typedef struct cssm_tp_certnotarize_input {
1646 CSSM_CL_HANDLE CLHandle;
1647 uint32 NumberOfFields;
1648 CSSM_FIELD_PTR MoreFields;
1649 CSSM_FIELD_PTR SignScope;
1650 uint32 ScopeSize;
1651 CSSM_TP_SERVICES MoreServiceRequests;
1652 uint32 NumberOfServiceControls;
1653 CSSM_FIELD_PTR ServiceControls;
1654 CSSM_ACCESS_CREDENTIALS_PTR UserCredentials;
1655 } CSSM_TP_CERTNOTARIZE_INPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTNOTARIZE_INPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1656
1657 typedef uint32 CSSM_TP_CERTNOTARIZE_STATUS;
1658 enum {
1659 CSSM_TP_CERTNOTARIZE_STATUS_UNKNOWN = 0x0,
1660 /* indeterminate */
1661 CSSM_TP_CERTNOTARIZE_OK = 0x1,
1662 /* cert fields were added and the result was
1663 notarized as requested */
1664 CSSM_TP_CERTNOTARIZE_OKWITHOUTFIELDS = 0x2,
1665 /* non-conflicting cert fields were added,
1666 conflicting cert fields were ignored,
1667 and the result was notarized as requested */
1668 CSSM_TP_CERTNOTARIZE_OKWITHSERVICEMODS = 0x3,
1669 /* cert fields were added and the result was
1670 notarized as requested, but some requested
1671 backend services were not performed by the
1672 notary */
1673 CSSM_TP_CERTNOTARIZE_REJECTED = 0x4,
1674 /* cert was not notarized due to some error
1675 condition */
1676 CSSM_TP_CERTNOTARIZE_NOT_AUTHORIZED = 0x5
1677 /* cert was not notarized, the request was
1678 not authorized */
1679 };
1680
1681 typedef struct cssm_tp_certnotarize_output {
1682 CSSM_TP_CERTNOTARIZE_STATUS NotarizeStatus;
1683 CSSM_CERTGROUP_PTR NotarizedCertGroup;
1684 CSSM_TP_SERVICES PerformedServiceRequests;
1685 } CSSM_TP_CERTNOTARIZE_OUTPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTNOTARIZE_OUTPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1686
1687 typedef struct cssm_tp_certreclaim_input {
1688 CSSM_CL_HANDLE CLHandle;
1689 uint32 NumberOfSelectionFields;
1690 CSSM_FIELD_PTR SelectionFields;
1691 CSSM_ACCESS_CREDENTIALS_PTR UserCredentials;
1692 } CSSM_TP_CERTRECLAIM_INPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTRECLAIM_INPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1693
1694 typedef uint32 CSSM_TP_CERTRECLAIM_STATUS;
1695 enum {
1696 CSSM_TP_CERTRECLAIM_STATUS_UNKNOWN = 0x0,
1697 /* indeterminate */
1698 CSSM_TP_CERTRECLAIM_OK = 0x1,
1699 /* a set of one or more certificates were
1700 returned by the CA for local recovery
1701 of the associated private key */
1702 CSSM_TP_CERTRECLAIM_NOMATCH = 0x2,
1703 /* no certificates owned by the requester
1704 were found matching the specified
1705 selection fields */
1706 CSSM_TP_CERTRECLAIM_REJECTED = 0x3,
1707 /* certificate reclamation failed due
1708 to some error condition */
1709 CSSM_TP_CERTRECLAIM_NOT_AUTHORIZED = 0x4
1710 /* certificate reclamation was not
1711 performed, the request was not
1712 authorized */
1713 };
1714
1715 typedef struct cssm_tp_certreclaim_output {
1716 CSSM_TP_CERTRECLAIM_STATUS ReclaimStatus;
1717 CSSM_CERTGROUP_PTR ReclaimedCertGroup;
1718 CSSM_LONG_HANDLE KeyCacheHandle;
1719 } CSSM_TP_CERTRECLAIM_OUTPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTRECLAIM_OUTPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1720
1721 typedef struct cssm_tp_crlissue_input {
1722 CSSM_CL_HANDLE CLHandle;
1723 uint32 CrlIdentifier;
1724 CSSM_TIMESTRING CrlThisTime;
1725 CSSM_FIELD_PTR PolicyIdentifier;
1726 CSSM_ACCESS_CREDENTIALS_PTR CallerCredentials;
1727 } CSSM_TP_CRLISSUE_INPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CRLISSUE_INPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1728
1729 typedef uint32 CSSM_TP_CRLISSUE_STATUS;
1730 enum {
1731 CSSM_TP_CRLISSUE_STATUS_UNKNOWN = 0x0,
1732 /* indeterminate */
1733 CSSM_TP_CRLISSUE_OK = 0x1,
1734 /* a copy of the most current CRL was
1735 issued as requested and the time for
1736 issuing the next CRL is also returned */
1737 CSSM_TP_CRLISSUE_NOT_CURRENT = 0x2,
1738 /* either no CRL has been issued since
1739 the CRL identified in the request, or
1740 it is not time to issue an updated CRL.
1741 no CRL has been returned, but the time
1742 for issuing the next CRL is included
1743 in the results */
1744 CSSM_TP_CRLISSUE_INVALID_DOMAIN = 0x3,
1745 /* CRL domain was not recognized or was
1746 outside the CA jurisdiction, no CRL or
1747 time for the next CRL has been
1748 returned. */
1749 CSSM_TP_CRLISSUE_UNKNOWN_IDENTIFIER = 0x4,
1750 /* unrecognized CRL identifier, no CRL or
1751 time for the next CRL has been
1752 returned. */
1753 CSSM_TP_CRLISSUE_REJECTED = 0x5,
1754 /* CRL was not issued due to some error
1755 condition, no CRL or time for the next
1756 CRL has been returned. */
1757 CSSM_TP_CRLISSUE_NOT_AUTHORIZED = 0x6
1758 /* CRL was not issued, the request was
1759 not authorized, no CRL or time for the
1760 next CRL has been returned. */
1761 };
1762
1763 typedef struct cssm_tp_crlissue_output {
1764 CSSM_TP_CRLISSUE_STATUS IssueStatus;
1765 CSSM_ENCODED_CRL_PTR Crl;
1766 CSSM_TIMESTRING CrlNextTime;
1767 } CSSM_TP_CRLISSUE_OUTPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CRLISSUE_OUTPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1768
1769 typedef uint32 CSSM_TP_FORM_TYPE;
1770 enum {
1771 CSSM_TP_FORM_TYPE_GENERIC = 0x0,
1772 CSSM_TP_FORM_TYPE_REGISTRATION = 0x1
1773 };
1774
1775 /* Data Types for Certificate Library Services */
1776
1777 typedef uint32 CSSM_CL_TEMPLATE_TYPE;
1778 enum {
1779 CSSM_CL_TEMPLATE_INTERMEDIATE_CERT = 1,
1780 /* for X509 certificates, a fully-formed
1781 encoded certificate with empty signature field */
1782 CSSM_CL_TEMPLATE_PKIX_CERTTEMPLATE = 2
1783 /* as defined in RFC2511, section 5 CertTemplate */
1784 };
1785
1786 typedef uint32 CSSM_CERT_BUNDLE_TYPE;
1787 enum {
1788 CSSM_CERT_BUNDLE_UNKNOWN = 0x00,
1789 CSSM_CERT_BUNDLE_CUSTOM = 0x01,
1790 CSSM_CERT_BUNDLE_PKCS7_SIGNED_DATA = 0x02,
1791 CSSM_CERT_BUNDLE_PKCS7_SIGNED_ENVELOPED_DATA = 0x03,
1792 CSSM_CERT_BUNDLE_PKCS12 = 0x04,
1793 CSSM_CERT_BUNDLE_PFX = 0x05,
1794 CSSM_CERT_BUNDLE_SPKI_SEQUENCE = 0x06,
1795 CSSM_CERT_BUNDLE_PGP_KEYRING = 0x07,
1796 CSSM_CERT_BUNDLE_LAST = 0x7FFF,
1797 /* Applications wishing to define their own custom certificate
1798 bundle type should define and publicly document a uint32
1799 value greater than CSSM_CL_CUSTOM_CERT_BUNDLE_TYPE */
1800 CSSM_CL_CUSTOM_CERT_BUNDLE_TYPE = 0x8000
1801 };
1802
1803 typedef uint32 CSSM_CERT_BUNDLE_ENCODING;
1804 enum {
1805 CSSM_CERT_BUNDLE_ENCODING_UNKNOWN = 0x00,
1806 CSSM_CERT_BUNDLE_ENCODING_CUSTOM = 0x01,
1807 CSSM_CERT_BUNDLE_ENCODING_BER = 0x02,
1808 CSSM_CERT_BUNDLE_ENCODING_DER = 0x03,
1809 CSSM_CERT_BUNDLE_ENCODING_SEXPR = 0x04,
1810 CSSM_CERT_BUNDLE_ENCODING_PGP = 0x05
1811 };
1812
1813 typedef struct cssm_cert_bundle_header {
1814 CSSM_CERT_BUNDLE_TYPE BundleType;
1815 CSSM_CERT_BUNDLE_ENCODING BundleEncoding;
1816 } CSSM_CERT_BUNDLE_HEADER DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_CERT_BUNDLE_HEADER_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1817
1818 typedef struct cssm_cert_bundle {
1819 CSSM_CERT_BUNDLE_HEADER BundleHeader;
1820 CSSM_DATA Bundle;
1821 } CSSM_CERT_BUNDLE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_CERT_BUNDLE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1822
1823 enum {
1824 CSSM_FIELDVALUE_COMPLEX_DATA_TYPE = 0xFFFFFFFF
1825 };
1826
1827 /* Data Types for Data Storage Library Services */
1828
1829 typedef uint32 CSSM_DB_ATTRIBUTE_NAME_FORMAT, *CSSM_DB_ATTRIBUTE_NAME_FORMAT_PTR;
1830 enum {
1831 CSSM_DB_ATTRIBUTE_NAME_AS_STRING = 0,
1832 CSSM_DB_ATTRIBUTE_NAME_AS_OID = 1,
1833 CSSM_DB_ATTRIBUTE_NAME_AS_INTEGER = 2
1834 };
1835
1836 typedef uint32 CSSM_DB_ATTRIBUTE_FORMAT, *CSSM_DB_ATTRIBUTE_FORMAT_PTR;
1837 enum {
1838 CSSM_DB_ATTRIBUTE_FORMAT_STRING = 0,
1839 CSSM_DB_ATTRIBUTE_FORMAT_SINT32 = 1,
1840 CSSM_DB_ATTRIBUTE_FORMAT_UINT32 = 2,
1841 CSSM_DB_ATTRIBUTE_FORMAT_BIG_NUM = 3,
1842 CSSM_DB_ATTRIBUTE_FORMAT_REAL = 4,
1843 CSSM_DB_ATTRIBUTE_FORMAT_TIME_DATE = 5,
1844 CSSM_DB_ATTRIBUTE_FORMAT_BLOB = 6,
1845 CSSM_DB_ATTRIBUTE_FORMAT_MULTI_UINT32 = 7,
1846 CSSM_DB_ATTRIBUTE_FORMAT_COMPLEX = 8
1847 };
1848
1849 typedef struct cssm_db_attribute_info {
1850 CSSM_DB_ATTRIBUTE_NAME_FORMAT AttributeNameFormat;
1851 union cssm_db_attribute_label {
1852 char *AttributeName; /* e.g., "record label" */
1853 CSSM_OID AttributeOID; /* e.g., CSSMOID_RECORDLABEL */
1854 uint32 AttributeID; /* e.g., FOUR_CHAR_CODE('recl') */
1855 } Label;
1856 CSSM_DB_ATTRIBUTE_FORMAT AttributeFormat;
1857 } CSSM_DB_ATTRIBUTE_INFO, *CSSM_DB_ATTRIBUTE_INFO_PTR;
1858
1859 typedef struct cssm_db_attribute_data {
1860 CSSM_DB_ATTRIBUTE_INFO Info;
1861 uint32 NumberOfValues;
1862 CSSM_DATA_PTR Value;
1863 } CSSM_DB_ATTRIBUTE_DATA DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_ATTRIBUTE_DATA_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1864
1865 typedef uint32 CSSM_DB_RECORDTYPE;
1866 enum {
1867 /* Schema Management Name Space Range Definition*/
1868 CSSM_DB_RECORDTYPE_SCHEMA_START = 0x00000000,
1869 CSSM_DB_RECORDTYPE_SCHEMA_END = CSSM_DB_RECORDTYPE_SCHEMA_START + 4,
1870 /* Open Group Application Name Space Range Definition*/
1871 CSSM_DB_RECORDTYPE_OPEN_GROUP_START = 0x0000000A,
1872 CSSM_DB_RECORDTYPE_OPEN_GROUP_END = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 8,
1873 /* Industry At Large Application Name Space Range Definition */
1874 CSSM_DB_RECORDTYPE_APP_DEFINED_START = 0x80000000,
1875 CSSM_DB_RECORDTYPE_APP_DEFINED_END = 0xffffffff,
1876 /* Record Types defined in the Schema Management Name Space */
1877 CSSM_DL_DB_SCHEMA_INFO = CSSM_DB_RECORDTYPE_SCHEMA_START + 0,
1878 CSSM_DL_DB_SCHEMA_INDEXES = CSSM_DB_RECORDTYPE_SCHEMA_START + 1,
1879 CSSM_DL_DB_SCHEMA_ATTRIBUTES = CSSM_DB_RECORDTYPE_SCHEMA_START + 2,
1880 CSSM_DL_DB_SCHEMA_PARSING_MODULE = CSSM_DB_RECORDTYPE_SCHEMA_START + 3,
1881 /* Record Types defined in the Open Group Application Name Space */
1882 CSSM_DL_DB_RECORD_ANY = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 0,
1883 CSSM_DL_DB_RECORD_CERT = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 1,
1884 CSSM_DL_DB_RECORD_CRL = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 2,
1885 CSSM_DL_DB_RECORD_POLICY = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 3,
1886 CSSM_DL_DB_RECORD_GENERIC = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 4,
1887 CSSM_DL_DB_RECORD_PUBLIC_KEY = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 5,
1888 CSSM_DL_DB_RECORD_PRIVATE_KEY = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 6,
1889 CSSM_DL_DB_RECORD_SYMMETRIC_KEY = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 7,
1890 CSSM_DL_DB_RECORD_ALL_KEYS = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 8
1891 };
1892
1893 enum {
1894 CSSM_DB_CERT_USE_TRUSTED = 0x00000001, /* application-defined as trusted */
1895 CSSM_DB_CERT_USE_SYSTEM = 0x00000002, /* the CSSM system cert */
1896 CSSM_DB_CERT_USE_OWNER = 0x00000004, /* private key owned by system user*/
1897 CSSM_DB_CERT_USE_REVOKED = 0x00000008, /* revoked cert -15913 used w CRL APIs */
1898 CSSM_DB_CERT_USE_SIGNING = 0x00000010, /* use cert for signing only */
1899 CSSM_DB_CERT_USE_PRIVACY = 0x00000020 /* use cert for confidentiality only */
1900 };
1901
1902 typedef struct cssm_db_record_attribute_info {
1903 CSSM_DB_RECORDTYPE DataRecordType;
1904 uint32 NumberOfAttributes;
1905 CSSM_DB_ATTRIBUTE_INFO_PTR AttributeInfo;
1906 } CSSM_DB_RECORD_ATTRIBUTE_INFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_RECORD_ATTRIBUTE_INFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1907
1908 typedef struct cssm_db_record_attribute_data {
1909 CSSM_DB_RECORDTYPE DataRecordType;
1910 uint32 SemanticInformation;
1911 uint32 NumberOfAttributes;
1912 CSSM_DB_ATTRIBUTE_DATA_PTR AttributeData;
1913 } CSSM_DB_RECORD_ATTRIBUTE_DATA DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_RECORD_ATTRIBUTE_DATA_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1914
1915 typedef struct cssm_db_parsing_module_info {
1916 CSSM_DB_RECORDTYPE RecordType;
1917 CSSM_SUBSERVICE_UID ModuleSubserviceUid;
1918 } CSSM_DB_PARSING_MODULE_INFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_PARSING_MODULE_INFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1919
1920 typedef uint32 CSSM_DB_INDEX_TYPE;
1921 enum {
1922 CSSM_DB_INDEX_UNIQUE = 0,
1923 CSSM_DB_INDEX_NONUNIQUE = 1
1924 };
1925
1926 typedef uint32 CSSM_DB_INDEXED_DATA_LOCATION;
1927 enum {
1928 CSSM_DB_INDEX_ON_UNKNOWN = 0,
1929 CSSM_DB_INDEX_ON_ATTRIBUTE = 1,
1930 CSSM_DB_INDEX_ON_RECORD = 2
1931 };
1932
1933 typedef struct cssm_db_index_info {
1934 CSSM_DB_INDEX_TYPE IndexType;
1935 CSSM_DB_INDEXED_DATA_LOCATION IndexedDataLocation;
1936 CSSM_DB_ATTRIBUTE_INFO Info;
1937 } CSSM_DB_INDEX_INFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_INDEX_INFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1938
1939 typedef struct cssm_db_unique_record {
1940 CSSM_DB_INDEX_INFO RecordLocator;
1941 CSSM_DATA RecordIdentifier;
1942 } CSSM_DB_UNIQUE_RECORD DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_UNIQUE_RECORD_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1943
1944 typedef struct cssm_db_record_index_info {
1945 CSSM_DB_RECORDTYPE DataRecordType;
1946 uint32 NumberOfIndexes;
1947 CSSM_DB_INDEX_INFO_PTR IndexInfo;
1948 } CSSM_DB_RECORD_INDEX_INFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_RECORD_INDEX_INFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1949
1950 typedef uint32 CSSM_DB_ACCESS_TYPE, *CSSM_DB_ACCESS_TYPE_PTR;
1951 enum {
1952 CSSM_DB_ACCESS_READ = 0x00001,
1953 CSSM_DB_ACCESS_WRITE = 0x00002,
1954 CSSM_DB_ACCESS_PRIVILEGED = 0x00004 /* versus user mode */
1955 };
1956
1957 typedef uint32 CSSM_DB_MODIFY_MODE;
1958 enum {
1959 CSSM_DB_MODIFY_ATTRIBUTE_NONE = 0,
1960 CSSM_DB_MODIFY_ATTRIBUTE_ADD = CSSM_DB_MODIFY_ATTRIBUTE_NONE + 1,
1961 CSSM_DB_MODIFY_ATTRIBUTE_DELETE = CSSM_DB_MODIFY_ATTRIBUTE_NONE + 2,
1962 CSSM_DB_MODIFY_ATTRIBUTE_REPLACE = CSSM_DB_MODIFY_ATTRIBUTE_NONE + 3
1963 };
1964
1965 typedef struct cssm_dbinfo {
1966 /* meta information about each record type stored in this
1967 data store including meta information about record
1968 attributes and indexes */
1969 uint32 NumberOfRecordTypes;
1970 CSSM_DB_PARSING_MODULE_INFO_PTR DefaultParsingModules;
1971 CSSM_DB_RECORD_ATTRIBUTE_INFO_PTR RecordAttributeNames;
1972 CSSM_DB_RECORD_INDEX_INFO_PTR RecordIndexes;
1973 /* access restrictions for opening this data store */
1974 CSSM_BOOL IsLocal;
1975 char *AccessPath; /* URL, dir path, etc. */
1976 void *Reserved;
1977 } CSSM_DBINFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DBINFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
1978
1979 typedef uint32 CSSM_DB_OPERATOR, *CSSM_DB_OPERATOR_PTR;
1980 enum {
1981 CSSM_DB_EQUAL = 0,
1982 CSSM_DB_NOT_EQUAL = 1,
1983 CSSM_DB_LESS_THAN = 2,
1984 CSSM_DB_GREATER_THAN = 3,
1985 CSSM_DB_CONTAINS = 4,
1986 CSSM_DB_CONTAINS_INITIAL_SUBSTRING = 5,
1987 CSSM_DB_CONTAINS_FINAL_SUBSTRING = 6
1988 };
1989
1990 typedef uint32 CSSM_DB_CONJUNCTIVE, *CSSM_DB_CONJUNCTIVE_PTR;
1991 enum {
1992 CSSM_DB_NONE = 0,
1993 CSSM_DB_AND = 1,
1994 CSSM_DB_OR = 2
1995 };
1996
1997 typedef struct cssm_selection_predicate {
1998 CSSM_DB_OPERATOR DbOperator;
1999 CSSM_DB_ATTRIBUTE_DATA Attribute;
2000 } CSSM_SELECTION_PREDICATE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_SELECTION_PREDICATE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
2001
2002 enum {
2003 CSSM_QUERY_TIMELIMIT_NONE = 0
2004 };
2005
2006 enum {
2007 CSSM_QUERY_SIZELIMIT_NONE = 0
2008 };
2009
2010 typedef struct cssm_query_limits {
2011 uint32 TimeLimit; /* in seconds */
2012 uint32 SizeLimit; /* max. number of records to return */
2013 } CSSM_QUERY_LIMITS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_QUERY_LIMITS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
2014
2015 typedef uint32 CSSM_QUERY_FLAGS;
2016 enum {
2017 CSSM_QUERY_RETURN_DATA = 0x01
2018 };
2019
2020 typedef struct cssm_query {
2021 CSSM_DB_RECORDTYPE RecordType;
2022 CSSM_DB_CONJUNCTIVE Conjunctive;
2023 uint32 NumSelectionPredicates;
2024 CSSM_SELECTION_PREDICATE_PTR SelectionPredicate;
2025 CSSM_QUERY_LIMITS QueryLimits;
2026 CSSM_QUERY_FLAGS QueryFlags;
2027 } CSSM_QUERY DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_QUERY_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
2028
2029 typedef uint32 CSSM_DLTYPE, *CSSM_DLTYPE_PTR;
2030 enum {
2031 CSSM_DL_UNKNOWN = 0,
2032 CSSM_DL_CUSTOM = 1,
2033 CSSM_DL_LDAP = 2,
2034 CSSM_DL_ODBC = 3,
2035 CSSM_DL_PKCS11 = 4,
2036 CSSM_DL_FFS = 5, /* flat file system */
2037 CSSM_DL_MEMORY = 6,
2038 CSSM_DL_REMOTEDIR = 7
2039 };
2040
2041 typedef void *CSSM_DL_CUSTOM_ATTRIBUTES;
2042 typedef void *CSSM_DL_LDAP_ATTRIBUTES;
2043 typedef void *CSSM_DL_ODBC_ATTRIBUTES;
2044 typedef void *CSSM_DL_FFS_ATTRIBUTES;
2045
2046 typedef struct cssm_dl_pkcs11_attributes {
2047 uint32 DeviceAccessFlags;
2048 } *CSSM_DL_PKCS11_ATTRIBUTE, *CSSM_DL_PKCS11_ATTRIBUTE_PTR;
2049
2050 enum {
2051 CSSM_DB_DATASTORES_UNKNOWN = 0xFFFFFFFF
2052 };
2053
2054 typedef struct cssm_name_list {
2055 uint32 NumStrings;
2056 char **String;
2057 } CSSM_NAME_LIST DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_NAME_LIST_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
2058
2059 typedef uint32 CSSM_DB_RETRIEVAL_MODES;
2060 enum {
2061 CSSM_DB_TRANSACTIONAL_MODE = 0,
2062 CSSM_DB_FILESYSTEMSCAN_MODE = 1
2063 };
2064
2065 typedef struct cssm_db_schema_attribute_info {
2066 uint32 AttributeId;
2067 char *AttributeName;
2068 CSSM_OID AttributeNameID;
2069 CSSM_DB_ATTRIBUTE_FORMAT DataType;
2070 } CSSM_DB_SCHEMA_ATTRIBUTE_INFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_SCHEMA_ATTRIBUTE_INFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
2071
2072 typedef struct cssm_db_schema_index_info {
2073 uint32 AttributeId;
2074 uint32 IndexId;
2075 CSSM_DB_INDEX_TYPE IndexType;
2076 CSSM_DB_INDEXED_DATA_LOCATION IndexedDataLocation;
2077 } CSSM_DB_SCHEMA_INDEX_INFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_SCHEMA_INDEX_INFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
2078
2079 #pragma clang diagnostic pop
2080
2081 #ifdef __cplusplus
2082 }
2083 #endif
2084
2085 #endif /* _CSSMTYPE_H_ */
mirror of Security