Keychain/SecKeyPriv.h

   1 /*
   2  *  SecKeyPriv.h
   3  *  Security
   4  *
   5  *  Created by Michael Brouwer on Fri Nov 08 2002.
   6  *  Copyright (c) 2002 __MyCompanyName__. All rights reserved.
   7  *
   8  */
   9
  10 /*
  11  * Copyright (c) 2002 Apple Computer, Inc. All Rights Reserved.
  12  *
  13  * The contents of this file constitute Original Code as defined in and are
  14  * subject to the Apple Public Source License Version 1.2 (the 'License').
  15  * You may not use this file except in compliance with the License. Please obtain
  16  * a copy of the License at http://www.apple.com/publicsource and read it before
  17  * using this file.
  18  *
  19  * This Original Code and all software distributed under the License are
  20  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
  21  * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
  22  * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
  23  * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
  24  * specific language governing rights and limitations under the License.
  25  */
  26
  27 /*!
  28         @header SecKeyPriv
  29         The functions provided in SecKeyPriv implement a particular type of SecKeychainItem which represents a key.  SecKeys might be stored in a SecKeychain, but can also be used as transient object representing keys.
  30
  31         Most SecKeychainItem* functions will work on an SecKeyRef.
  32 */
  33
  34 #ifndef _SECURITY_SECKEYPRIV_H_
  35 #define _SECURITY_SECKEYPRIV_H_
  36
  37 #include <Security/SecKey.h>
  38
  39
  40 #if defined(__cplusplus)
  41 extern "C" {
  42 #endif
  43
  44 /*!
  45         @typedef SecCredentialType
  46         @abstract Determines the type of credential returned by SecKeyGetCredentials.
  47 */
  48 typedef uint32 SecCredentialType;
  49
  50 /*!
  51         @enum SecCredentialType
  52         @abstract Determines the type of credential returned by SecKeyGetCredentials.
  53         @constant kSecCredentialTypeWithUI will cause UI to happen if needed.
  54         @constant kSecCredentialTypeNoUI will fail if UI would of been required.
  55         @constant kSecCredentialTypeDefault will choose to do UI when other SecKeychain calls currently do.
  56 */
  57 enum
  58 {
  59         kSecCredentialTypeDefault = 0,
  60         kSecCredentialTypeWithUI,
  61         kSecCredentialTypeNoUI
  62 };
  63
  64
  65 /*!
  66         @function SecKeyGetCredentials
  67         @abstract For a given key return a const CSSM_ACCESS_CREDENTIALS * which will allow the key to be used.
  68         @param keyRef The key for which a credential is requested.
  69     @param operation the type of operation which is going to be perform on this key.  Examples are: CSSM_ACL_AUTHORIZATION_SIGN, CSSM_ACL_AUTHORIZATION_DECRYPT, CSSM_ACL_AUTHORIZATION_EXPORT_WRAPPED.
  70     @param credentialType The type of credential requested.
  71         @param outCredentials Output a pointer to a const CSSM_ACCESS_CREDENTIALS * is returned here which remains valid at least as long as the keyRef itself remains valid, which can be used in CDSA calls.
  72         @result A result code.  See "Security Error Codes" (SecBase.h).
  73 */
  74 OSStatus SecKeyGetCredentials(
  75         SecKeyRef keyRef,
  76                 CSSM_ACL_AUTHORIZATION_TAG operation,
  77                 SecCredentialType credentialType,
  78         const CSSM_ACCESS_CREDENTIALS **outCredentials);
  79
  80 /*!
  81         @function SecKeyImportPair
  82         @abstract Takes an asymmetric key pair and stores it in the keychain specified by the keychain parameter.
  83         @param keychainRef A reference to the keychain in which to store the private and public key items. Specify NULL for the default keychain.
  84     @param publicCssmKey A CSSM_KEY which is valid for the CSP returned by SecKeychainGetCSPHandle().  This may be a normal key or reference key.
  85     @param privateCssmKey A CSSM_KEY which is valid for the CSP returned by SecKeychainGetCSPHandle().  This may be a normal key or reference key.
  86     @param initialAccess A SecAccess object that determines the initial access rights to the private key.  The public key is given an any/any acl by default.
  87     @param publicKey Optional output pointer to the keychain item reference of the imported public key. The caller must call CFRelease on this value if it is returned.
  88     @param privateKey Optional output pointer to the keychain item reference of the imported private key. The caller must call CFRelease on this value if it is returned.
  89         @result A result code.  See "Security Error Codes" (SecBase.h).
  90 */
  91 OSStatus SecKeyImportPair(
  92         SecKeychainRef keychainRef,
  93                 const CSSM_KEY *publicCssmKey,
  94                 const CSSM_KEY *privateCssmKey,
  95         SecAccessRef initialAccess,
  96         SecKeyRef* publicKey,
  97         SecKeyRef* privateKey);
  98
  99
 100 #if defined(__cplusplus)
 101 }
 102 #endif
 103
 104 #endif /* !_SECURITY_SECKEYPRIV_H_ */
 105