]> git.saurik.com Git - apple/security.git/blob - base/SecBase.h
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-58286.240.4.tar.gz
[apple/security.git] / base / SecBase.h
1 /*
2 * Copyright (c) 2000-2016 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 #ifndef _SECURITY_SECBASE_H_
25 #define _SECURITY_SECBASE_H_
26
27 #include <TargetConditionals.h>
28 #include <CoreFoundation/CFBase.h>
29 #include <AvailabilityMacros.h>
30
31 // Truth table for following declarations:
32 //
33 // TARGET_OS_OSX TARGET_OS_OSX TARGET_OS_IPHONE TARGET_OS_IPHONE TARGET_OS_IOSMAC
34 // SEC_IOS_ON_OSX SEC_IOS_ON_OSX
35 // =================================================================================================================
36 // SEC_OS_IPHONE 0 1 1 1 1
37 // SEC_OS_OSX 1 0 0 0 0
38 // SEC_OS_OSX_INCLUDES 1 1 0 0 0
39
40 #if TARGET_OS_OSX
41 #ifdef SEC_IOS_ON_OSX
42 #define SEC_OS_IPHONE 1
43
44 #define SEC_OS_OSX 0
45 #define SEC_OS_OSX_INCLUDES 1
46 #endif // SEC_IOS_ON_OSX
47 #endif // TARGET_OS_OSX
48
49 #if TARGET_OS_IOSMAC
50 #define SEC_OS_IPHONE 1
51
52 #define SEC_OS_OSX 0
53 #define SEC_OS_OSX_INCLUDES 0
54 #endif // TARGET_OS_IOSMAC
55
56 #ifndef SEC_OS_IPHONE
57 // block above did not fire; set flags to current platform
58 #define SEC_OS_IPHONE TARGET_OS_IPHONE
59
60 #define SEC_OS_OSX TARGET_OS_OSX
61 #define SEC_OS_OSX_INCLUDES TARGET_OS_OSX
62 #endif
63
64 #if SEC_OS_IPHONE
65 #include <sys/cdefs.h>
66 #endif
67
68 #if defined(__clang__)
69 #define SEC_DEPRECATED_ATTRIBUTE DEPRECATED_ATTRIBUTE
70 #else
71 #define SEC_DEPRECATED_ATTRIBUTE
72 #endif
73
74 __BEGIN_DECLS
75
76 CF_ASSUME_NONNULL_BEGIN
77 CF_IMPLICIT_BRIDGING_ENABLED
78
79
80 #if SEC_OS_IPHONE
81 #define SECTYPE(a) __##a
82 #elif SEC_OS_OSX
83 #define SECTYPE(a) Opaque##a##Ref
84 #endif
85
86 /*!
87 @typedef SecCertificateRef
88 @abstract CFType representing a X.509 certificate.
89 See SecCertificate.h for details.
90 */
91 typedef struct CF_BRIDGED_TYPE(id) SECTYPE(SecCertificate) *SecCertificateRef;
92
93 /*!
94 @typedef SecIdentityRef
95 @abstract CFType representing an identity, which contains
96 a SecKeyRef and an associated SecCertificateRef. See
97 SecIdentity.h for details.
98 */
99 typedef struct CF_BRIDGED_TYPE(id) SECTYPE(SecIdentity) *SecIdentityRef;
100
101 /*!
102 @typedef SecKeyRef
103 @abstract CFType representing a cryptographic key. See
104 SecKey.h for details.
105 */
106 typedef struct CF_BRIDGED_TYPE(id) SECTYPE(SecKey) *SecKeyRef;
107
108 /*!
109 @typedef SecPolicyRef
110 @abstract CFType representing a X.509 certificate trust policy.
111 See SecPolicy.h for details.
112 */
113 typedef struct CF_BRIDGED_TYPE(id) SECTYPE(SecPolicy) *SecPolicyRef;
114
115 /*!
116 @typedef SecAccessControl
117 @abstract CFType representing access control for an item.
118 SecAccessControl.h for details.
119 */
120 typedef struct CF_BRIDGED_TYPE(id) SECTYPE(SecAccessControl) *SecAccessControlRef;
121
122 /*!
123 @typedef SecKeychainRef
124 @abstract Contains information about a keychain.
125 */
126 typedef struct CF_BRIDGED_TYPE(id) SECTYPE(SecKeychain) *SecKeychainRef
127 API_AVAILABLE(macos(10.0)) SPI_AVAILABLE(ios(1.0), tvos(9.0), watchos(1.0));
128
129 /*!
130 @typedef SecKeychainItemRef
131 @abstract Contains information about a keychain item.
132 */
133 typedef struct CF_BRIDGED_TYPE(id) SECTYPE(SecKeychainItem) *SecKeychainItemRef API_UNAVAILABLE(ios);
134
135 /*!
136 @typedef SecKeychainSearchRef
137 @abstract Contains information about a keychain search.
138 */
139 typedef struct CF_BRIDGED_TYPE(id) SECTYPE(SecKeychainSearch) *SecKeychainSearchRef API_UNAVAILABLE(ios);
140
141 /*!
142 @typedef SecKeychainAttrType
143 @abstract Represents a keychain attribute type.
144 */
145 typedef OSType SecKeychainAttrType API_UNAVAILABLE(ios);
146
147 /*!
148 @struct SecKeychainAttribute
149 @abstract Contains keychain attributes.
150 @field tag A 4-byte attribute tag.
151 @field length The length of the buffer pointed to by data.
152 @field data A pointer to the attribute data.
153 */
154 struct API_UNAVAILABLE(ios) SecKeychainAttribute
155 {
156 SecKeychainAttrType tag;
157 UInt32 length;
158 void * __nullable data;
159 };
160 typedef struct SecKeychainAttribute SecKeychainAttribute API_UNAVAILABLE(ios);
161
162 /*!
163 @typedef SecKeychainAttributePtr
164 @abstract Represents a pointer to a keychain attribute structure.
165 */
166 typedef SecKeychainAttribute *SecKeychainAttributePtr API_UNAVAILABLE(ios);
167
168 /*!
169 @typedef SecKeychainAttributeList
170 @abstract Represents a list of keychain attributes.
171 @field count An unsigned 32-bit integer that represents the number of keychain attributes in the array.
172 @field attr A pointer to the first keychain attribute in the array.
173 */
174 struct API_UNAVAILABLE(ios) SecKeychainAttributeList
175 {
176 UInt32 count;
177 SecKeychainAttribute * __nullable attr;
178 };
179 typedef struct SecKeychainAttributeList SecKeychainAttributeList API_UNAVAILABLE(ios);
180
181 /*!
182 @typedef SecKeychainStatus
183 @abstract Represents the status of a keychain.
184 */
185 typedef UInt32 SecKeychainStatus API_UNAVAILABLE(ios);
186
187 /*!
188 @typedef SecTrustedApplicationRef
189 @abstract Contains information about a trusted application.
190 */
191 typedef struct CF_BRIDGED_TYPE(id) SECTYPE(SecTrustedApplication) *SecTrustedApplicationRef API_UNAVAILABLE(ios);
192
193 /*!
194 @typedef SecAccessRef
195 @abstract Contains information about an access.
196 */
197 typedef struct CF_BRIDGED_TYPE(id) SECTYPE(SecAccess) *SecAccessRef API_UNAVAILABLE(ios);
198
199 /*!
200 @typedef SecACLRef
201 @abstract Contains information about an access control list (ACL) entry.
202 */
203 typedef struct CF_BRIDGED_TYPE(id) SECTYPE(SecTrust) *SecACLRef API_UNAVAILABLE(ios);
204
205 /*!
206 @typedef SecPasswordRef
207 @abstract Contains information about a password.
208 */
209 typedef struct CF_BRIDGED_TYPE(id) SECTYPE(SecPassword) *SecPasswordRef API_UNAVAILABLE(ios);
210
211 /*!
212 @typedef SecKeychainAttributeInfo
213 @abstract Represents an attribute.
214 @field count The number of tag-format pairs in the respective arrays.
215 @field tag A pointer to the first attribute tag in the array.
216 @field format A pointer to the first CSSM_DB_ATTRIBUTE_FORMAT in the array.
217 @discussion Each tag and format item form a pair.
218 */
219 struct API_UNAVAILABLE(ios) SecKeychainAttributeInfo
220 {
221 UInt32 count;
222 UInt32 *tag;
223 UInt32 * __nullable format;
224 };
225 typedef struct SecKeychainAttributeInfo SecKeychainAttributeInfo API_UNAVAILABLE(ios);
226
227 /*!
228 @function SecCopyErrorMessageString
229 @abstract Returns a string describing the specified error result code.
230 @param status An error result code of type OSStatus or CSSM_RETURN, as returned by a Security or CSSM function.
231 @reserved Reserved for future use. Your code should pass NULL in this parameter.
232 @result A reference to an error string, or NULL if no error string is available for the specified result code. Your code must release this reference by calling the CFRelease function.
233 */
234 __nullable
235 CFStringRef SecCopyErrorMessageString(OSStatus status, void * __nullable reserved)
236 __OSX_AVAILABLE_STARTING(__MAC_10_3, __IPHONE_11_3);
237
238 #undef SECTYPE
239
240
241 /*!
242 @enum Security Error Codes
243 @abstract Result codes returned from Security framework functions.
244 @constant errSecSuccess No error.
245 @constant errSecUnimplemented Function or operation not implemented.
246 @constant errSecDskFull Disk Full error.
247 @constant errSecIO I/O error.
248 @constant errSecParam One or more parameters passed to a function were not valid.
249 @constant errSecWrPerm Write permissions error.
250 @constant errSecAllocate Failed to allocate memory.
251 @constant errSecUserCanceled User canceled the operation.
252 @constant errSecBadReq Bad parameter or invalid state for operation.
253 @constant errSecInternalComponent
254 @constant errSecCoreFoundationUnknown
255 @constant errSecNotAvailable No keychain is available.
256 @constant errSecReadOnly Read only error.
257 @constant errSecAuthFailed Authorization/Authentication failed.
258 @constant errSecNoSuchKeychain The keychain does not exist.
259 @constant errSecInvalidKeychain The keychain is not valid.
260 @constant errSecDuplicateKeychain A keychain with the same name already exists.
261 @constant errSecDuplicateCallback The specified callback is already installed.
262 @constant errSecInvalidCallback The specified callback is not valid.
263 @constant errSecDuplicateItem The item already exists.
264 @constant errSecItemNotFound The item cannot be found.
265 @constant errSecBufferTooSmall The buffer is too small.
266 @constant errSecDataTooLarge The data is too large.
267 @constant errSecNoSuchAttr The attribute does not exist.
268 @constant errSecInvalidItemRef The item reference is invalid.
269 @constant errSecInvalidSearchRef The search reference is invalid.
270 @constant errSecNoSuchClass The keychain item class does not exist.
271 @constant errSecNoDefaultKeychain A default keychain does not exist.
272 @constant errSecInteractionNotAllowed User interaction is not allowed.
273 @constant errSecReadOnlyAttr The attribute is read only.
274 @constant errSecWrongSecVersion The version is incorrect.
275 @constant errSecKeySizeNotAllowed The key size is not allowed.
276 @constant errSecNoStorageModule There is no storage module available.
277 @constant errSecNoCertificateModule There is no certificate module available.
278 @constant errSecNoPolicyModule There is no policy module available.
279 @constant errSecInteractionRequired User interaction is required.
280 @constant errSecDataNotAvailable The data is not available.
281 @constant errSecDataNotModifiable The data is not modifiable.
282 @constant errSecCreateChainFailed The attempt to create a certificate chain failed.
283 @constant errSecACLNotSimple The access control list is not in standard simple form.
284 @constant errSecPolicyNotFound The policy specified cannot be found.
285 @constant errSecInvalidTrustSetting The specified trust setting is invalid.
286 @constant errSecNoAccessForItem The specified item has no access control.
287 @constant errSecInvalidOwnerEdit Invalid attempt to change the owner of this item.
288 @constant errSecTrustNotAvailable No trust results are available.
289 @constant errSecUnsupportedFormat Import/Export format unsupported.
290 @constant errSecUnknownFormat Unknown format in import.
291 @constant errSecKeyIsSensitive Key material must be wrapped for export.
292 @constant errSecMultiplePrivKeys An attempt was made to import multiple private keys.
293 @constant errSecPassphraseRequired Passphrase is required for import/export.
294 @constant errSecInvalidPasswordRef The password reference was invalid.
295 @constant errSecInvalidTrustSettings The Trust Settings Record was corrupted.
296 @constant errSecNoTrustSettings No Trust Settings were found.
297 @constant errSecPkcs12VerifyFailure MAC verification failed during PKCS12 Import.
298 @constant errSecDecode Unable to decode the provided data.
299
300 @discussion The assigned error space is discontinuous: e.g. -25240..-25279, -25290..-25329, -68608..-67585, and so on.
301 */
302
303 /*
304 Note: the comments that appear after these errors are used to create SecErrorMessages.strings.
305 The comments must not be multi-line, and should be in a form meaningful to an end user. If
306 a different or additional comment is needed, it can be put in the header doc format, or on a
307 line that does not start with errZZZ.
308 */
309
310 CF_ENUM(OSStatus)
311 {
312 errSecSuccess = 0, /* No error. */
313 errSecUnimplemented = -4, /* Function or operation not implemented. */
314 errSecDiskFull = -34, /* The disk is full. */
315 errSecDskFull = -34,
316 errSecIO = -36, /* I/O error. */
317 errSecOpWr = -49, /* File already open with write permission. */
318 errSecParam = -50, /* One or more parameters passed to a function were not valid. */
319 errSecWrPerm = -61, /* Write permissions error. */
320 errSecAllocate = -108, /* Failed to allocate memory. */
321 errSecUserCanceled = -128, /* User canceled the operation. */
322 errSecBadReq = -909, /* Bad parameter or invalid state for operation. */
323
324 errSecInternalComponent = -2070,
325 errSecCoreFoundationUnknown = -4960,
326
327 errSecMissingEntitlement = -34018, /* A required entitlement isn't present. */
328
329 errSecNotAvailable = -25291, /* No keychain is available. You may need to restart your computer. */
330 errSecReadOnly = -25292, /* This keychain cannot be modified. */
331 errSecAuthFailed = -25293, /* The user name or passphrase you entered is not correct. */
332 errSecNoSuchKeychain = -25294, /* The specified keychain could not be found. */
333 errSecInvalidKeychain = -25295, /* The specified keychain is not a valid keychain file. */
334 errSecDuplicateKeychain = -25296, /* A keychain with the same name already exists. */
335 errSecDuplicateCallback = -25297, /* The specified callback function is already installed. */
336 errSecInvalidCallback = -25298, /* The specified callback function is not valid. */
337 errSecDuplicateItem = -25299, /* The specified item already exists in the keychain. */
338 errSecItemNotFound = -25300, /* The specified item could not be found in the keychain. */
339 errSecBufferTooSmall = -25301, /* There is not enough memory available to use the specified item. */
340 errSecDataTooLarge = -25302, /* This item contains information which is too large or in a format that cannot be displayed. */
341 errSecNoSuchAttr = -25303, /* The specified attribute does not exist. */
342 errSecInvalidItemRef = -25304, /* The specified item is no longer valid. It may have been deleted from the keychain. */
343 errSecInvalidSearchRef = -25305, /* Unable to search the current keychain. */
344 errSecNoSuchClass = -25306, /* The specified item does not appear to be a valid keychain item. */
345 errSecNoDefaultKeychain = -25307, /* A default keychain could not be found. */
346 errSecInteractionNotAllowed = -25308, /* User interaction is not allowed. */
347 errSecReadOnlyAttr = -25309, /* The specified attribute could not be modified. */
348 errSecWrongSecVersion = -25310, /* This keychain was created by a different version of the system software and cannot be opened. */
349 errSecKeySizeNotAllowed = -25311, /* This item specifies a key size which is too large or too small. */
350 errSecNoStorageModule = -25312, /* A required component (data storage module) could not be loaded. You may need to restart your computer. */
351 errSecNoCertificateModule = -25313, /* A required component (certificate module) could not be loaded. You may need to restart your computer. */
352 errSecNoPolicyModule = -25314, /* A required component (policy module) could not be loaded. You may need to restart your computer. */
353 errSecInteractionRequired = -25315, /* User interaction is required, but is currently not allowed. */
354 errSecDataNotAvailable = -25316, /* The contents of this item cannot be retrieved. */
355 errSecDataNotModifiable = -25317, /* The contents of this item cannot be modified. */
356 errSecCreateChainFailed = -25318, /* One or more certificates required to validate this certificate cannot be found. */
357 errSecInvalidPrefsDomain = -25319, /* The specified preferences domain is not valid. */
358 errSecInDarkWake = -25320, /* In dark wake, no UI possible */
359
360 errSecACLNotSimple = -25240, /* The specified access control list is not in standard (simple) form. */
361 errSecPolicyNotFound = -25241, /* The specified policy cannot be found. */
362 errSecInvalidTrustSetting = -25242, /* The specified trust setting is invalid. */
363 errSecNoAccessForItem = -25243, /* The specified item has no access control. */
364 errSecInvalidOwnerEdit = -25244, /* Invalid attempt to change the owner of this item. */
365 errSecTrustNotAvailable = -25245, /* No trust results are available. */
366 errSecUnsupportedFormat = -25256, /* Import/Export format unsupported. */
367 errSecUnknownFormat = -25257, /* Unknown format in import. */
368 errSecKeyIsSensitive = -25258, /* Key material must be wrapped for export. */
369 errSecMultiplePrivKeys = -25259, /* An attempt was made to import multiple private keys. */
370 errSecPassphraseRequired = -25260, /* Passphrase is required for import/export. */
371 errSecInvalidPasswordRef = -25261, /* The password reference was invalid. */
372 errSecInvalidTrustSettings = -25262, /* The Trust Settings Record was corrupted. */
373 errSecNoTrustSettings = -25263, /* No Trust Settings were found. */
374 errSecPkcs12VerifyFailure = -25264, /* MAC verification failed during PKCS12 import (wrong password?) */
375 errSecNotSigner = -26267, /* A certificate was not signed by its proposed parent. */
376
377 errSecDecode = -26275, /* Unable to decode the provided data. */
378
379 errSecServiceNotAvailable = -67585, /* The required service is not available. */
380 errSecInsufficientClientID = -67586, /* The client ID is not correct. */
381 errSecDeviceReset = -67587, /* A device reset has occurred. */
382 errSecDeviceFailed = -67588, /* A device failure has occurred. */
383 errSecAppleAddAppACLSubject = -67589, /* Adding an application ACL subject failed. */
384 errSecApplePublicKeyIncomplete = -67590, /* The public key is incomplete. */
385 errSecAppleSignatureMismatch = -67591, /* A signature mismatch has occurred. */
386 errSecAppleInvalidKeyStartDate = -67592, /* The specified key has an invalid start date. */
387 errSecAppleInvalidKeyEndDate = -67593, /* The specified key has an invalid end date. */
388 errSecConversionError = -67594, /* A conversion error has occurred. */
389 errSecAppleSSLv2Rollback = -67595, /* A SSLv2 rollback error has occurred. */
390 errSecQuotaExceeded = -67596, /* The quota was exceeded. */
391 errSecFileTooBig = -67597, /* The file is too big. */
392 errSecInvalidDatabaseBlob = -67598, /* The specified database has an invalid blob. */
393 errSecInvalidKeyBlob = -67599, /* The specified database has an invalid key blob. */
394 errSecIncompatibleDatabaseBlob = -67600, /* The specified database has an incompatible blob. */
395 errSecIncompatibleKeyBlob = -67601, /* The specified database has an incompatible key blob. */
396 errSecHostNameMismatch = -67602, /* A host name mismatch has occurred. */
397 errSecUnknownCriticalExtensionFlag = -67603, /* There is an unknown critical extension flag. */
398 errSecNoBasicConstraints = -67604, /* No basic constraints were found. */
399 errSecNoBasicConstraintsCA = -67605, /* No basic CA constraints were found. */
400 errSecInvalidAuthorityKeyID = -67606, /* The authority key ID is not valid. */
401 errSecInvalidSubjectKeyID = -67607, /* The subject key ID is not valid. */
402 errSecInvalidKeyUsageForPolicy = -67608, /* The key usage is not valid for the specified policy. */
403 errSecInvalidExtendedKeyUsage = -67609, /* The extended key usage is not valid. */
404 errSecInvalidIDLinkage = -67610, /* The ID linkage is not valid. */
405 errSecPathLengthConstraintExceeded = -67611, /* The path length constraint was exceeded. */
406 errSecInvalidRoot = -67612, /* The root or anchor certificate is not valid. */
407 errSecCRLExpired = -67613, /* The CRL has expired. */
408 errSecCRLNotValidYet = -67614, /* The CRL is not yet valid. */
409 errSecCRLNotFound = -67615, /* The CRL was not found. */
410 errSecCRLServerDown = -67616, /* The CRL server is down. */
411 errSecCRLBadURI = -67617, /* The CRL has a bad Uniform Resource Identifier. */
412 errSecUnknownCertExtension = -67618, /* An unknown certificate extension was encountered. */
413 errSecUnknownCRLExtension = -67619, /* An unknown CRL extension was encountered. */
414 errSecCRLNotTrusted = -67620, /* The CRL is not trusted. */
415 errSecCRLPolicyFailed = -67621, /* The CRL policy failed. */
416 errSecIDPFailure = -67622, /* The issuing distribution point was not valid. */
417 errSecSMIMEEmailAddressesNotFound = -67623, /* An email address mismatch was encountered. */
418 errSecSMIMEBadExtendedKeyUsage = -67624, /* The appropriate extended key usage for SMIME was not found. */
419 errSecSMIMEBadKeyUsage = -67625, /* The key usage is not compatible with SMIME. */
420 errSecSMIMEKeyUsageNotCritical = -67626, /* The key usage extension is not marked as critical. */
421 errSecSMIMENoEmailAddress = -67627, /* No email address was found in the certificate. */
422 errSecSMIMESubjAltNameNotCritical = -67628, /* The subject alternative name extension is not marked as critical. */
423 errSecSSLBadExtendedKeyUsage = -67629, /* The appropriate extended key usage for SSL was not found. */
424 errSecOCSPBadResponse = -67630, /* The OCSP response was incorrect or could not be parsed. */
425 errSecOCSPBadRequest = -67631, /* The OCSP request was incorrect or could not be parsed. */
426 errSecOCSPUnavailable = -67632, /* OCSP service is unavailable. */
427 errSecOCSPStatusUnrecognized = -67633, /* The OCSP server did not recognize this certificate. */
428 errSecEndOfData = -67634, /* An end-of-data was detected. */
429 errSecIncompleteCertRevocationCheck = -67635, /* An incomplete certificate revocation check occurred. */
430 errSecNetworkFailure = -67636, /* A network failure occurred. */
431 errSecOCSPNotTrustedToAnchor = -67637, /* The OCSP response was not trusted to a root or anchor certificate. */
432 errSecRecordModified = -67638, /* The record was modified. */
433 errSecOCSPSignatureError = -67639, /* The OCSP response had an invalid signature. */
434 errSecOCSPNoSigner = -67640, /* The OCSP response had no signer. */
435 errSecOCSPResponderMalformedReq = -67641, /* The OCSP responder was given a malformed request. */
436 errSecOCSPResponderInternalError = -67642, /* The OCSP responder encountered an internal error. */
437 errSecOCSPResponderTryLater = -67643, /* The OCSP responder is busy, try again later. */
438 errSecOCSPResponderSignatureRequired = -67644, /* The OCSP responder requires a signature. */
439 errSecOCSPResponderUnauthorized = -67645, /* The OCSP responder rejected this request as unauthorized. */
440 errSecOCSPResponseNonceMismatch = -67646, /* The OCSP response nonce did not match the request. */
441 errSecCodeSigningBadCertChainLength = -67647, /* Code signing encountered an incorrect certificate chain length. */
442 errSecCodeSigningNoBasicConstraints = -67648, /* Code signing found no basic constraints. */
443 errSecCodeSigningBadPathLengthConstraint = -67649, /* Code signing encountered an incorrect path length constraint. */
444 errSecCodeSigningNoExtendedKeyUsage = -67650, /* Code signing found no extended key usage. */
445 errSecCodeSigningDevelopment = -67651, /* Code signing indicated use of a development-only certificate. */
446 errSecResourceSignBadCertChainLength = -67652, /* Resource signing has encountered an incorrect certificate chain length. */
447 errSecResourceSignBadExtKeyUsage = -67653, /* Resource signing has encountered an error in the extended key usage. */
448 errSecTrustSettingDeny = -67654, /* The trust setting for this policy was set to Deny. */
449 errSecInvalidSubjectName = -67655, /* An invalid certificate subject name was encountered. */
450 errSecUnknownQualifiedCertStatement = -67656, /* An unknown qualified certificate statement was encountered. */
451 errSecMobileMeRequestQueued = -67657,
452 errSecMobileMeRequestRedirected = -67658,
453 errSecMobileMeServerError = -67659,
454 errSecMobileMeServerNotAvailable = -67660,
455 errSecMobileMeServerAlreadyExists = -67661,
456 errSecMobileMeServerServiceErr = -67662,
457 errSecMobileMeRequestAlreadyPending = -67663,
458 errSecMobileMeNoRequestPending = -67664,
459 errSecMobileMeCSRVerifyFailure = -67665,
460 errSecMobileMeFailedConsistencyCheck = -67666,
461 errSecNotInitialized = -67667, /* A function was called without initializing CSSM. */
462 errSecInvalidHandleUsage = -67668, /* The CSSM handle does not match with the service type. */
463 errSecPVCReferentNotFound = -67669, /* A reference to the calling module was not found in the list of authorized callers. */
464 errSecFunctionIntegrityFail = -67670, /* A function address was not within the verified module. */
465 errSecInternalError = -67671, /* An internal error has occurred. */
466 errSecMemoryError = -67672, /* A memory error has occurred. */
467 errSecInvalidData = -67673, /* Invalid data was encountered. */
468 errSecMDSError = -67674, /* A Module Directory Service error has occurred. */
469 errSecInvalidPointer = -67675, /* An invalid pointer was encountered. */
470 errSecSelfCheckFailed = -67676, /* Self-check has failed. */
471 errSecFunctionFailed = -67677, /* A function has failed. */
472 errSecModuleManifestVerifyFailed = -67678, /* A module manifest verification failure has occurred. */
473 errSecInvalidGUID = -67679, /* An invalid GUID was encountered. */
474 errSecInvalidHandle = -67680, /* An invalid handle was encountered. */
475 errSecInvalidDBList = -67681, /* An invalid DB list was encountered. */
476 errSecInvalidPassthroughID = -67682, /* An invalid passthrough ID was encountered. */
477 errSecInvalidNetworkAddress = -67683, /* An invalid network address was encountered. */
478 errSecCRLAlreadySigned = -67684, /* The certificate revocation list is already signed. */
479 errSecInvalidNumberOfFields = -67685, /* An invalid number of fields were encountered. */
480 errSecVerificationFailure = -67686, /* A verification failure occurred. */
481 errSecUnknownTag = -67687, /* An unknown tag was encountered. */
482 errSecInvalidSignature = -67688, /* An invalid signature was encountered. */
483 errSecInvalidName = -67689, /* An invalid name was encountered. */
484 errSecInvalidCertificateRef = -67690, /* An invalid certificate reference was encountered. */
485 errSecInvalidCertificateGroup = -67691, /* An invalid certificate group was encountered. */
486 errSecTagNotFound = -67692, /* The specified tag was not found. */
487 errSecInvalidQuery = -67693, /* The specified query was not valid. */
488 errSecInvalidValue = -67694, /* An invalid value was detected. */
489 errSecCallbackFailed = -67695, /* A callback has failed. */
490 errSecACLDeleteFailed = -67696, /* An ACL delete operation has failed. */
491 errSecACLReplaceFailed = -67697, /* An ACL replace operation has failed. */
492 errSecACLAddFailed = -67698, /* An ACL add operation has failed. */
493 errSecACLChangeFailed = -67699, /* An ACL change operation has failed. */
494 errSecInvalidAccessCredentials = -67700, /* Invalid access credentials were encountered. */
495 errSecInvalidRecord = -67701, /* An invalid record was encountered. */
496 errSecInvalidACL = -67702, /* An invalid ACL was encountered. */
497 errSecInvalidSampleValue = -67703, /* An invalid sample value was encountered. */
498 errSecIncompatibleVersion = -67704, /* An incompatible version was encountered. */
499 errSecPrivilegeNotGranted = -67705, /* The privilege was not granted. */
500 errSecInvalidScope = -67706, /* An invalid scope was encountered. */
501 errSecPVCAlreadyConfigured = -67707, /* The PVC is already configured. */
502 errSecInvalidPVC = -67708, /* An invalid PVC was encountered. */
503 errSecEMMLoadFailed = -67709, /* The EMM load has failed. */
504 errSecEMMUnloadFailed = -67710, /* The EMM unload has failed. */
505 errSecAddinLoadFailed = -67711, /* The add-in load operation has failed. */
506 errSecInvalidKeyRef = -67712, /* An invalid key was encountered. */
507 errSecInvalidKeyHierarchy = -67713, /* An invalid key hierarchy was encountered. */
508 errSecAddinUnloadFailed = -67714, /* The add-in unload operation has failed. */
509 errSecLibraryReferenceNotFound = -67715, /* A library reference was not found. */
510 errSecInvalidAddinFunctionTable = -67716, /* An invalid add-in function table was encountered. */
511 errSecInvalidServiceMask = -67717, /* An invalid service mask was encountered. */
512 errSecModuleNotLoaded = -67718, /* A module was not loaded. */
513 errSecInvalidSubServiceID = -67719, /* An invalid subservice ID was encountered. */
514 errSecAttributeNotInContext = -67720, /* An attribute was not in the context. */
515 errSecModuleManagerInitializeFailed = -67721, /* A module failed to initialize. */
516 errSecModuleManagerNotFound = -67722, /* A module was not found. */
517 errSecEventNotificationCallbackNotFound = -67723, /* An event notification callback was not found. */
518 errSecInputLengthError = -67724, /* An input length error was encountered. */
519 errSecOutputLengthError = -67725, /* An output length error was encountered. */
520 errSecPrivilegeNotSupported = -67726, /* The privilege is not supported. */
521 errSecDeviceError = -67727, /* A device error was encountered. */
522 errSecAttachHandleBusy = -67728, /* The CSP handle was busy. */
523 errSecNotLoggedIn = -67729, /* You are not logged in. */
524 errSecAlgorithmMismatch = -67730, /* An algorithm mismatch was encountered. */
525 errSecKeyUsageIncorrect = -67731, /* The key usage is incorrect. */
526 errSecKeyBlobTypeIncorrect = -67732, /* The key blob type is incorrect. */
527 errSecKeyHeaderInconsistent = -67733, /* The key header is inconsistent. */
528 errSecUnsupportedKeyFormat = -67734, /* The key header format is not supported. */
529 errSecUnsupportedKeySize = -67735, /* The key size is not supported. */
530 errSecInvalidKeyUsageMask = -67736, /* The key usage mask is not valid. */
531 errSecUnsupportedKeyUsageMask = -67737, /* The key usage mask is not supported. */
532 errSecInvalidKeyAttributeMask = -67738, /* The key attribute mask is not valid. */
533 errSecUnsupportedKeyAttributeMask = -67739, /* The key attribute mask is not supported. */
534 errSecInvalidKeyLabel = -67740, /* The key label is not valid. */
535 errSecUnsupportedKeyLabel = -67741, /* The key label is not supported. */
536 errSecInvalidKeyFormat = -67742, /* The key format is not valid. */
537 errSecUnsupportedVectorOfBuffers = -67743, /* The vector of buffers is not supported. */
538 errSecInvalidInputVector = -67744, /* The input vector is not valid. */
539 errSecInvalidOutputVector = -67745, /* The output vector is not valid. */
540 errSecInvalidContext = -67746, /* An invalid context was encountered. */
541 errSecInvalidAlgorithm = -67747, /* An invalid algorithm was encountered. */
542 errSecInvalidAttributeKey = -67748, /* A key attribute was not valid. */
543 errSecMissingAttributeKey = -67749, /* A key attribute was missing. */
544 errSecInvalidAttributeInitVector = -67750, /* An init vector attribute was not valid. */
545 errSecMissingAttributeInitVector = -67751, /* An init vector attribute was missing. */
546 errSecInvalidAttributeSalt = -67752, /* A salt attribute was not valid. */
547 errSecMissingAttributeSalt = -67753, /* A salt attribute was missing. */
548 errSecInvalidAttributePadding = -67754, /* A padding attribute was not valid. */
549 errSecMissingAttributePadding = -67755, /* A padding attribute was missing. */
550 errSecInvalidAttributeRandom = -67756, /* A random number attribute was not valid. */
551 errSecMissingAttributeRandom = -67757, /* A random number attribute was missing. */
552 errSecInvalidAttributeSeed = -67758, /* A seed attribute was not valid. */
553 errSecMissingAttributeSeed = -67759, /* A seed attribute was missing. */
554 errSecInvalidAttributePassphrase = -67760, /* A passphrase attribute was not valid. */
555 errSecMissingAttributePassphrase = -67761, /* A passphrase attribute was missing. */
556 errSecInvalidAttributeKeyLength = -67762, /* A key length attribute was not valid. */
557 errSecMissingAttributeKeyLength = -67763, /* A key length attribute was missing. */
558 errSecInvalidAttributeBlockSize = -67764, /* A block size attribute was not valid. */
559 errSecMissingAttributeBlockSize = -67765, /* A block size attribute was missing. */
560 errSecInvalidAttributeOutputSize = -67766, /* An output size attribute was not valid. */
561 errSecMissingAttributeOutputSize = -67767, /* An output size attribute was missing. */
562 errSecInvalidAttributeRounds = -67768, /* The number of rounds attribute was not valid. */
563 errSecMissingAttributeRounds = -67769, /* The number of rounds attribute was missing. */
564 errSecInvalidAlgorithmParms = -67770, /* An algorithm parameters attribute was not valid. */
565 errSecMissingAlgorithmParms = -67771, /* An algorithm parameters attribute was missing. */
566 errSecInvalidAttributeLabel = -67772, /* A label attribute was not valid. */
567 errSecMissingAttributeLabel = -67773, /* A label attribute was missing. */
568 errSecInvalidAttributeKeyType = -67774, /* A key type attribute was not valid. */
569 errSecMissingAttributeKeyType = -67775, /* A key type attribute was missing. */
570 errSecInvalidAttributeMode = -67776, /* A mode attribute was not valid. */
571 errSecMissingAttributeMode = -67777, /* A mode attribute was missing. */
572 errSecInvalidAttributeEffectiveBits = -67778, /* An effective bits attribute was not valid. */
573 errSecMissingAttributeEffectiveBits = -67779, /* An effective bits attribute was missing. */
574 errSecInvalidAttributeStartDate = -67780, /* A start date attribute was not valid. */
575 errSecMissingAttributeStartDate = -67781, /* A start date attribute was missing. */
576 errSecInvalidAttributeEndDate = -67782, /* An end date attribute was not valid. */
577 errSecMissingAttributeEndDate = -67783, /* An end date attribute was missing. */
578 errSecInvalidAttributeVersion = -67784, /* A version attribute was not valid. */
579 errSecMissingAttributeVersion = -67785, /* A version attribute was missing. */
580 errSecInvalidAttributePrime = -67786, /* A prime attribute was not valid. */
581 errSecMissingAttributePrime = -67787, /* A prime attribute was missing. */
582 errSecInvalidAttributeBase = -67788, /* A base attribute was not valid. */
583 errSecMissingAttributeBase = -67789, /* A base attribute was missing. */
584 errSecInvalidAttributeSubprime = -67790, /* A subprime attribute was not valid. */
585 errSecMissingAttributeSubprime = -67791, /* A subprime attribute was missing. */
586 errSecInvalidAttributeIterationCount = -67792, /* An iteration count attribute was not valid. */
587 errSecMissingAttributeIterationCount = -67793, /* An iteration count attribute was missing. */
588 errSecInvalidAttributeDLDBHandle = -67794, /* A database handle attribute was not valid. */
589 errSecMissingAttributeDLDBHandle = -67795, /* A database handle attribute was missing. */
590 errSecInvalidAttributeAccessCredentials = -67796, /* An access credentials attribute was not valid. */
591 errSecMissingAttributeAccessCredentials = -67797, /* An access credentials attribute was missing. */
592 errSecInvalidAttributePublicKeyFormat = -67798, /* A public key format attribute was not valid. */
593 errSecMissingAttributePublicKeyFormat = -67799, /* A public key format attribute was missing. */
594 errSecInvalidAttributePrivateKeyFormat = -67800, /* A private key format attribute was not valid. */
595 errSecMissingAttributePrivateKeyFormat = -67801, /* A private key format attribute was missing. */
596 errSecInvalidAttributeSymmetricKeyFormat = -67802, /* A symmetric key format attribute was not valid. */
597 errSecMissingAttributeSymmetricKeyFormat = -67803, /* A symmetric key format attribute was missing. */
598 errSecInvalidAttributeWrappedKeyFormat = -67804, /* A wrapped key format attribute was not valid. */
599 errSecMissingAttributeWrappedKeyFormat = -67805, /* A wrapped key format attribute was missing. */
600 errSecStagedOperationInProgress = -67806, /* A staged operation is in progress. */
601 errSecStagedOperationNotStarted = -67807, /* A staged operation was not started. */
602 errSecVerifyFailed = -67808, /* A cryptographic verification failure has occurred. */
603 errSecQuerySizeUnknown = -67809, /* The query size is unknown. */
604 errSecBlockSizeMismatch = -67810, /* A block size mismatch occurred. */
605 errSecPublicKeyInconsistent = -67811, /* The public key was inconsistent. */
606 errSecDeviceVerifyFailed = -67812, /* A device verification failure has occurred. */
607 errSecInvalidLoginName = -67813, /* An invalid login name was detected. */
608 errSecAlreadyLoggedIn = -67814, /* The user is already logged in. */
609 errSecInvalidDigestAlgorithm = -67815, /* An invalid digest algorithm was detected. */
610 errSecInvalidCRLGroup = -67816, /* An invalid CRL group was detected. */
611 errSecCertificateCannotOperate = -67817, /* The certificate cannot operate. */
612 errSecCertificateExpired = -67818, /* An expired certificate was detected. */
613 errSecCertificateNotValidYet = -67819, /* The certificate is not yet valid. */
614 errSecCertificateRevoked = -67820, /* The certificate was revoked. */
615 errSecCertificateSuspended = -67821, /* The certificate was suspended. */
616 errSecInsufficientCredentials = -67822, /* Insufficient credentials were detected. */
617 errSecInvalidAction = -67823, /* The action was not valid. */
618 errSecInvalidAuthority = -67824, /* The authority was not valid. */
619 errSecVerifyActionFailed = -67825, /* A verify action has failed. */
620 errSecInvalidCertAuthority = -67826, /* The certificate authority was not valid. */
621 errSecInvaldCRLAuthority = -67827, /* The CRL authority was not valid. */
622 errSecInvalidCRLEncoding = -67828, /* The CRL encoding was not valid. */
623 errSecInvalidCRLType = -67829, /* The CRL type was not valid. */
624 errSecInvalidCRL = -67830, /* The CRL was not valid. */
625 errSecInvalidFormType = -67831, /* The form type was not valid. */
626 errSecInvalidID = -67832, /* The ID was not valid. */
627 errSecInvalidIdentifier = -67833, /* The identifier was not valid. */
628 errSecInvalidIndex = -67834, /* The index was not valid. */
629 errSecInvalidPolicyIdentifiers = -67835, /* The policy identifiers are not valid. */
630 errSecInvalidTimeString = -67836, /* The time specified was not valid. */
631 errSecInvalidReason = -67837, /* The trust policy reason was not valid. */
632 errSecInvalidRequestInputs = -67838, /* The request inputs are not valid. */
633 errSecInvalidResponseVector = -67839, /* The response vector was not valid. */
634 errSecInvalidStopOnPolicy = -67840, /* The stop-on policy was not valid. */
635 errSecInvalidTuple = -67841, /* The tuple was not valid. */
636 errSecMultipleValuesUnsupported = -67842, /* Multiple values are not supported. */
637 errSecNotTrusted = -67843, /* The certificate was not trusted. */
638 errSecNoDefaultAuthority = -67844, /* No default authority was detected. */
639 errSecRejectedForm = -67845, /* The trust policy had a rejected form. */
640 errSecRequestLost = -67846, /* The request was lost. */
641 errSecRequestRejected = -67847, /* The request was rejected. */
642 errSecUnsupportedAddressType = -67848, /* The address type is not supported. */
643 errSecUnsupportedService = -67849, /* The service is not supported. */
644 errSecInvalidTupleGroup = -67850, /* The tuple group was not valid. */
645 errSecInvalidBaseACLs = -67851, /* The base ACLs are not valid. */
646 errSecInvalidTupleCredendtials = -67852, /* The tuple credentials are not valid. */
647 errSecInvalidEncoding = -67853, /* The encoding was not valid. */
648 errSecInvalidValidityPeriod = -67854, /* The validity period was not valid. */
649 errSecInvalidRequestor = -67855, /* The requestor was not valid. */
650 errSecRequestDescriptor = -67856, /* The request descriptor was not valid. */
651 errSecInvalidBundleInfo = -67857, /* The bundle information was not valid. */
652 errSecInvalidCRLIndex = -67858, /* The CRL index was not valid. */
653 errSecNoFieldValues = -67859, /* No field values were detected. */
654 errSecUnsupportedFieldFormat = -67860, /* The field format is not supported. */
655 errSecUnsupportedIndexInfo = -67861, /* The index information is not supported. */
656 errSecUnsupportedLocality = -67862, /* The locality is not supported. */
657 errSecUnsupportedNumAttributes = -67863, /* The number of attributes is not supported. */
658 errSecUnsupportedNumIndexes = -67864, /* The number of indexes is not supported. */
659 errSecUnsupportedNumRecordTypes = -67865, /* The number of record types is not supported. */
660 errSecFieldSpecifiedMultiple = -67866, /* Too many fields were specified. */
661 errSecIncompatibleFieldFormat = -67867, /* The field format was incompatible. */
662 errSecInvalidParsingModule = -67868, /* The parsing module was not valid. */
663 errSecDatabaseLocked = -67869, /* The database is locked. */
664 errSecDatastoreIsOpen = -67870, /* The data store is open. */
665 errSecMissingValue = -67871, /* A missing value was detected. */
666 errSecUnsupportedQueryLimits = -67872, /* The query limits are not supported. */
667 errSecUnsupportedNumSelectionPreds = -67873, /* The number of selection predicates is not supported. */
668 errSecUnsupportedOperator = -67874, /* The operator is not supported. */
669 errSecInvalidDBLocation = -67875, /* The database location is not valid. */
670 errSecInvalidAccessRequest = -67876, /* The access request is not valid. */
671 errSecInvalidIndexInfo = -67877, /* The index information is not valid. */
672 errSecInvalidNewOwner = -67878, /* The new owner is not valid. */
673 errSecInvalidModifyMode = -67879, /* The modify mode is not valid. */
674 errSecMissingRequiredExtension = -67880, /* A required certificate extension is missing. */
675 errSecExtendedKeyUsageNotCritical = -67881, /* The extended key usage extension was not marked critical. */
676 errSecTimestampMissing = -67882, /* A timestamp was expected but was not found. */
677 errSecTimestampInvalid = -67883, /* The timestamp was not valid. */
678 errSecTimestampNotTrusted = -67884, /* The timestamp was not trusted. */
679 errSecTimestampServiceNotAvailable = -67885, /* The timestamp service is not available. */
680 errSecTimestampBadAlg = -67886, /* An unrecognized or unsupported Algorithm Identifier in timestamp. */
681 errSecTimestampBadRequest = -67887, /* The timestamp transaction is not permitted or supported. */
682 errSecTimestampBadDataFormat = -67888, /* The timestamp data submitted has the wrong format. */
683 errSecTimestampTimeNotAvailable = -67889, /* The time source for the Timestamp Authority is not available. */
684 errSecTimestampUnacceptedPolicy = -67890, /* The requested policy is not supported by the Timestamp Authority. */
685 errSecTimestampUnacceptedExtension = -67891, /* The requested extension is not supported by the Timestamp Authority. */
686 errSecTimestampAddInfoNotAvailable = -67892, /* The additional information requested is not available. */
687 errSecTimestampSystemFailure = -67893, /* The timestamp request cannot be handled due to system failure. */
688 errSecSigningTimeMissing = -67894, /* A signing time was expected but was not found. */
689 errSecTimestampRejection = -67895, /* A timestamp transaction was rejected. */
690 errSecTimestampWaiting = -67896, /* A timestamp transaction is waiting. */
691 errSecTimestampRevocationWarning = -67897, /* A timestamp authority revocation warning was issued. */
692 errSecTimestampRevocationNotification = -67898, /* A timestamp authority revocation notification was issued. */
693 };
694
695
696 CF_IMPLICIT_BRIDGING_DISABLED
697 CF_ASSUME_NONNULL_END
698
699 __END_DECLS
700
701 #endif /* _SECURITY_SECBASE_H_ */
mirror of Security