2 * Copyright (c) 2000-2004,2011,2014 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
24 * SecImportExportCrypto.h - low-level crypto routines for wrapping and unwrapping
29 #ifndef _SECURITY_SEC_IMPORT_EXPORT_CRYPTO_H_
30 #define _SECURITY_SEC_IMPORT_EXPORT_CRYPTO_H_
32 #include <Security/cssmtype.h>
33 #include <Security/SecAccess.h>
34 #include <Security/SecKeychain.h>
35 #include <Security/SecImportExport.h>
36 #include <CoreFoundation/CoreFoundation.h>
37 #include <security_cdsa_utilities/cssmdata.h>
45 * Post notification of a "new key added" event.
46 * If you know of another way to do this, other than a dlclient-based lookup of the
47 * existing key in order to get a KeychainCore::Item, by all means have at it.
49 OSStatus
impExpKeyNotify(
50 SecKeychainRef importKeychain
,
51 const CssmData
&keyLabel
, // stored with this, we use it to do a lookup
52 const CSSM_KEY
&cssmKey
); // unwrapped key in CSSM format
55 * Attempt to import a raw key. This can be used as a lightweight
56 * "guess" evaluator if a handle to the raw CSP is passed in (with
57 * no keychaain), or as the real thing which does full keychain import.
59 OSStatus
impExpImportRawKey(
61 SecExternalFormat externForm
,
62 SecExternalItemType itemType
,
63 CSSM_ALGORITHMS keyAlg
,
64 SecKeychainRef importKeychain
, // optional
65 CSSM_CSP_HANDLE cspHand
, // optional
66 SecItemImportExportFlags flags
,
67 const SecKeyImportExportParameters
*keyParams
, // optional
68 const char *printName
, // optional
69 CFMutableArrayRef outArray
); // optional, append here
72 * Auxiliary encryption parameters associated with a key unwrap.
73 * Most of these are usually zero (meaning "tell the CSP to take the default").
76 CSSM_ALGORITHMS encrAlg
; // 0 ==> null unwrap
77 CSSM_ENCRYPT_MODE encrMode
;
78 CSSM_KEY_PTR unwrappingKey
; // NULL ==> null unwrap
82 /* weird RC2/RC5 params */
83 uint32 effectiveKeySizeInBits
; // RC2
84 uint32 blockSizeInBits
; // RC5
86 } impExpKeyUnwrapParams
;
89 * Common code to unwrap a key, used for raw keys (which do a NULL unwrap) and
92 OSStatus
impExpImportKeyCommon(
93 const CSSM_KEY
*wrappedKey
,
94 SecKeychainRef importKeychain
, // optional
95 CSSM_CSP_HANDLE cspHand
, // optional
96 SecItemImportExportFlags flags
,
97 const SecKeyImportExportParameters
*keyParams
, // optional
98 const impExpKeyUnwrapParams
*unwrapParams
,
99 const char *printName
, // optional
100 CFMutableArrayRef outArray
); // optional, append here
103 * Common code to wrap a key. NULL unwraps don't use this (yet?).
105 CSSM_RETURN
impExpExportKeyCommon(
106 CSSM_CSP_HANDLE cspHand
, // for all three keys
108 CSSM_KEY_PTR wrappingKey
,
109 CSSM_KEY_PTR wrappedKey
, // RETURNED
110 CSSM_ALGORITHMS wrapAlg
,
111 CSSM_ENCRYPT_MODE wrapMode
,
112 CSSM_PADDING wrapPad
,
113 CSSM_KEYBLOB_FORMAT wrapFormat
, // NONE, PKCS7, PKCS8
114 CSSM_ATTRIBUTE_TYPE blobAttrType
, // optional raw key format attr
115 CSSM_KEYBLOB_FORMAT blobForm
, // ditto
116 const CSSM_DATA
*descData
, // optional descriptive data
117 const CSSM_DATA
*iv
);
123 #endif /* _SECURITY_SEC_IMPORT_EXPORT_CRYPTO_H_ */
projects / apple / security.git / blob