OSX/libsecurity_keychain/lib/SecKeychainPriv.h

   1 /*
   2  * Copyright (c) 2003-2004,2011-2014 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 #ifndef _SECURITY_SECKEYCHAINPRIV_H_
  25 #define _SECURITY_SECKEYCHAINPRIV_H_
  26
  27 #include <Security/Security.h>
  28 #include <Security/SecBasePriv.h>
  29 #include <Security/SecKeychain.h>
  30 #include <CoreFoundation/CoreFoundation.h>
  31
  32 #if defined(__cplusplus)
  33 extern "C" {
  34 #endif
  35
  36 enum {kSecKeychainEnteredBatchModeEvent = 14,
  37           kSecKeychainLeftBatchModeEvent = 15};
  38 enum {kSecKeychainEnteredBatchModeEventMask = 1 << kSecKeychainEnteredBatchModeEvent,
  39           kSecKeychainLeftBatchModeEventMask = 1 << kSecKeychainLeftBatchModeEvent};
  40
  41
  42 /* Keychain management */
  43 OSStatus SecKeychainCreateNew(SecKeychainRef keychainRef, UInt32 passwordLength, const char* inPassword)
  44     __OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_NA);
  45 OSStatus SecKeychainMakeFromFullPath(const char *fullPathName, SecKeychainRef *keychainRef)
  46     __OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_NA);
  47 OSStatus SecKeychainIsValid(SecKeychainRef keychainRef, Boolean* isValid)
  48     __OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_NA);
  49 OSStatus SecKeychainChangePassword(SecKeychainRef keychainRef, UInt32 oldPasswordLength, const void *oldPassword,  UInt32 newPasswordLength, const void *newPassword)
  50     __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_NA);
  51 OSStatus SecKeychainOpenWithGuid(const CSSM_GUID *guid, uint32 subserviceId, uint32 subserviceType, const char* dbName, const CSSM_NET_ADDRESS *dbLocation, SecKeychainRef *keychain)
  52     API_DEPRECATED("CSSM_GUID/CSSM_NET_ADDRESS is deprecated", macos(10.4,10.14)) API_UNAVAILABLE(ios, watchos, tvos, bridgeos, iosmac);
  53 OSStatus SecKeychainSetBatchMode (SecKeychainRef kcRef, Boolean mode, Boolean rollback)
  54     __OSX_AVAILABLE_STARTING(__MAC_10_5, __IPHONE_NA);
  55
  56 /* Keychain list management */
  57 UInt16 SecKeychainListGetCount(void)
  58     __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_NA);
  59 OSStatus SecKeychainListCopyKeychainAtIndex(UInt16 index, SecKeychainRef *keychainRef)
  60     __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_NA);
  61 OSStatus SecKeychainListRemoveKeychain(SecKeychainRef *keychainRef)
  62     __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_NA);
  63 OSStatus SecKeychainRemoveFromSearchList(SecKeychainRef keychainRef)
  64     __OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_NA);
  65
  66 /* Login keychain support */
  67 OSStatus SecKeychainLogin(UInt32 nameLength, const void* name, UInt32 passwordLength, const void* password)
  68     __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_NA);
  69 OSStatus SecKeychainStash(void)
  70     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_NA);
  71 OSStatus SecKeychainLogout(void)
  72     __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_NA);
  73 OSStatus SecKeychainCopyLogin(SecKeychainRef *keychainRef)
  74     __OSX_AVAILABLE_STARTING(__MAC_10_2, __IPHONE_NA);
  75 OSStatus SecKeychainResetLogin(UInt32 passwordLength, const void* password, Boolean resetSearchList)
  76     __OSX_AVAILABLE_STARTING(__MAC_10_3, __IPHONE_NA);
  77
  78 OSStatus SecKeychainVerifyKeyStorePassphrase(uint32_t retries)
  79     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_NA);
  80 OSStatus SecKeychainChangeKeyStorePassphrase(void)
  81     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_NA);
  82
  83 /* Keychain synchronization */
  84 enum {
  85   kSecKeychainNotSynchronized = 0,
  86   kSecKeychainSynchronizedWithDotMac = 1
  87 };
  88 typedef UInt32 SecKeychainSyncState;
  89
  90 OSStatus SecKeychainCopySignature(SecKeychainRef keychainRef, CFDataRef *keychainSignature)
  91     __OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_NA);
  92 OSStatus SecKeychainCopyBlob(SecKeychainRef keychainRef, CFDataRef *dbBlob)
  93     __OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_NA);
  94 OSStatus SecKeychainRecodeKeychain(SecKeychainRef keychainRef, CFArrayRef dbBlobArray, CFDataRef extraData)
  95     __OSX_AVAILABLE_STARTING(__MAC_10_6, __IPHONE_NA);
  96 OSStatus SecKeychainCreateWithBlob(const char* fullPathName, CFDataRef dbBlob, SecKeychainRef *kcRef)
  97     __OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_NA);
  98
  99 /* Keychain list manipulation */
 100 OSStatus SecKeychainAddDBToKeychainList (SecPreferencesDomain domain, const char* dbName, const CSSM_GUID *guid, uint32 subServiceType)
 101     API_DEPRECATED("CSSM_GUID is deprecated", macos(10.4,10.14)) API_UNAVAILABLE(ios, watchos, tvos, bridgeos, iosmac);
 102 OSStatus SecKeychainDBIsInKeychainList (SecPreferencesDomain domain, const char* dbName, const CSSM_GUID *guid, uint32 subServiceType)
 103     API_DEPRECATED("CSSM_GUID is deprecated", macos(10.4,10.14)) API_UNAVAILABLE(ios, watchos, tvos, bridgeos, iosmac);
 104 OSStatus SecKeychainRemoveDBFromKeychainList (SecPreferencesDomain domain, const char* dbName, const CSSM_GUID *guid, uint32 subServiceType)
 105     API_DEPRECATED("CSSM_GUID is deprecated", macos(10.4,10.14)) API_UNAVAILABLE(ios, watchos, tvos, bridgeos, iosmac);
 106
 107 /* server operation (keychain inhibit) */
 108 void SecKeychainSetServerMode(void)
 109     __OSX_AVAILABLE_STARTING(__MAC_10_5, __IPHONE_NA);
 110
 111 /* special calls */
 112 OSStatus SecKeychainCleanupHandles(void)
 113     __OSX_AVAILABLE_STARTING(__MAC_10_5, __IPHONE_NA);
 114 OSStatus SecKeychainSystemKeychainCheckWouldDeadlock(void)
 115     __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_NA);
 116 OSStatus SecKeychainStoreUnlockKey(SecKeychainRef userKeychainRef, SecKeychainRef systemKeychainRef, CFStringRef username, CFStringRef password)
 117     __OSX_AVAILABLE_STARTING(__MAC_10_10, __IPHONE_NA);
 118
 119 /* Token login support */
 120 OSStatus SecKeychainStoreUnlockKeyWithPubKeyHash(CFDataRef pubKeyHash, CFStringRef tokenID, CFDataRef wrapPubKeyHash, SecKeychainRef userKeychain, CFStringRef password)
 121     __OSX_AVAILABLE_STARTING(__MAC_10_12, __IPHONE_NA);
 122 OSStatus SecKeychainEraseUnlockKeyWithPubKeyHash(CFDataRef pubKeyHash)
 123     __OSX_AVAILABLE_STARTING(__MAC_10_12, __IPHONE_NA);
 124
 125 /* calls to interact with keychain versions */
 126 OSStatus SecKeychainGetKeychainVersion(SecKeychainRef keychain, UInt32* version)
 127     __OSX_AVAILABLE_STARTING(__MAC_10_11, __IPHONE_NA);
 128
 129 OSStatus SecKeychainAttemptMigrationWithMasterKey(SecKeychainRef keychain, UInt32 version, const char* masterKeyFilename)
 130     __OSX_AVAILABLE_STARTING(__MAC_10_11, __IPHONE_NA);
 131
 132 /* calls for testing only */
 133 OSStatus SecKeychainGetUserPromptAttempts(uint32_t* attempts)
 134     __OSX_AVAILABLE_STARTING(__MAC_10_12, __IPHONE_NA);
 135
 136 /*!
 137  @function SecKeychainMDSInstall
 138  Set up MDS.
 139  */
 140 OSStatus SecKeychainMDSInstall(void);
 141
 142 #if defined(__cplusplus)
 143 }
 144 #endif
 145
 146 #endif /* !_SECURITY_SECKEYCHAINPRIV_H_ */