1 /*
2 * Copyright (c) 2003-2004 Apple Computer, Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23 /*
24 * pkcs12Utils.h
25 */
26
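/*
 * Include guard renamed: identifiers beginning with an underscore followed
 * by an uppercase letter are reserved for the implementation.
 */
#ifndef PKCS12_UTILS_H
#define PKCS12_UTILS_H

#include <Security/cssmtype.h>
#include <security_asn1/SecNssCoder.h>
#include <security_pkcs12/pkcs7Templates.h>
#include <security_pkcs12/pkcs12Templates.h>
#include <Security/cssmerr.h>
#include <CoreFoundation/CoreFoundation.h>
#include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>

/*
 * NOTE(review): every declaration below takes C++ references and/or a
 * SecNssCoder (a C++ class), so this header can only be consumed from
 * C++ translation units. The extern "C" wrapper fixes the linkage of
 * these functions; it does not make the header includable from C.
 */
#ifdef __cplusplus
extern "C" {
#endif

/*
 * Allocate, via coder, an array of num+1 pointers with every slot set
 * to NULL. The extra slot leaves the array NULL-terminated.
 */
void **p12NssNullArray(
    uint32 num,
    SecNssCoder &coder);

/*
 * CSSM_DATA --> uint32. Returns true if OK.
 * Treat u as valid only when this returns true; callers must check the
 * result rather than assume the conversion succeeded.
 */
bool p12DataToInt(
    const CSSM_DATA &cdata,
    uint32 &u);

/*
 * uint32 --> CSSM_DATA. The encoded bytes are allocated via coder.
 */
void p12IntToData(
    uint32 num,
    CSSM_DATA &cdata,
    SecNssCoder &coder);

/*
 * CFDataRef <--> CSSM_DATA.
 * NOTE(review): p12CssmDataToCf returns a new CFDataRef; the caller
 * presumably owns it and must CFRelease it — confirm against the
 * implementation. p12CfDataToCssm allocates c's bytes via coder.
 */
CFDataRef p12CssmDataToCf(
    const CSSM_DATA &c);
void p12CfDataToCssm(
    CFDataRef cf,
    CSSM_DATA &c,
    SecNssCoder &coder);

/*
 * Convert cfStr to a UTF-8 encoded CSSM_DATA allocated via coder.
 */
CSSM_DATA_PTR p12StringToUtf8(
    CFStringRef cfStr,
    SecNssCoder &coder);

/*
 * Human-readable names for the safe-bag and ContentInfo type enums.
 * The returned strings are static; do not free them.
 */
const char *p12BagTypeStr(
    NSS_P12_SB_Type type);
const char *p7ContentInfoTypeStr(
    NSS_P7_CI_Type type);

/* map an OID to the components */

typedef enum {
    PW_None,        /* not comprehended */
    PW_PKCS5_v1_5,  /* PKCS5 v1.5 */
    PW_PKCS5_v2,    /* PKCS5 v2.0, not used by this module but parsed here */
    PW_PKCS12       /* PKCS12 */
} PKCS_Which;

/*
 * Map a password-based encryption OID to its algorithm parameters.
 * Returns false if OID not found. A false return means the algorithm
 * is unknown or unsupported: callers must stop processing the object
 * and must not use any of the output references in that case.
 */
bool pkcsOidToParams(
    const CSSM_OID *oid,
    CSSM_ALGORITHMS &keyAlg,        // e.g., CSSM_ALGID_DES
    CSSM_ALGORITHMS &encrAlg,       // e.g., CSSM_ALGID_3DES_3KEY_EDE
    CSSM_ALGORITHMS &pbeHashAlg,    // SHA1 or MD5
    uint32 &keySizeInBits,
    uint32 &blockSizeInBytes,       // for IV, optional
    CSSM_PADDING &padding,          // CSSM_PADDING_PKCS7, etc.
    CSSM_ENCRYPT_MODE &mode,        // CSSM_ALGMODE_CBCPadIV8, etc.
    PKCS_Which &pkcs);              // PW_PKCS5_v1_5 or PW_PKCS12

/*
 * Verify the integrity MAC of a decoded PFX.
 * Returns CSSM_OK on success; any other CSSM_RETURN is a failure and the
 * PFX must be rejected — a MAC mismatch is the only protection against a
 * tampered or wrong-password import, so callers must not continue
 * on error.
 */
CSSM_RETURN p12VerifyMac(
    const NSS_P12_DecodedPFX &pfx,
    CSSM_CSP_HANDLE cspHand,
    const CSSM_DATA *pwd,           // unicode, double null terminated
    const CSSM_KEY *passKey,
    SecNssCoder &coder);            // for temp mallocs

/*
 * Generate a salt (for PBE) into salt, allocated via coder.
 * NOTE(review): the security of the derived keys depends on this salt
 * coming from a cryptographic random source — confirm in the
 * implementation.
 */
void p12GenSalt(
    CSSM_DATA &salt,
    SecNssCoder &coder);

/*
 * Generate a key label into label, allocated via coder.
 */
void p12GenLabel(
    CSSM_DATA &label,
    SecNssCoder &coder);

/*
 * Initialize algId with null algorithm parameters (see the
 * implementation for the exact encoding used).
 */
void p12NullAlgParams(
    CSSM_X509_ALGORITHM_IDENTIFIER &algId);

/*
 * Free memory via specified plugin's app-level allocator
 */
void freeCssmMemory(
    CSSM_HANDLE hand,
    void *p);

/*
 * Though it pains me to do this, I must. We "happen to know" the
 * names (in string form) of two of a key's attributes. These
 * have not been published anywhere, they are hard-coded into
 * the script (KeySchema.m4) which generates the KeySchema
 * tables.
 */

/*
 * This one is initially the same as the "label" argument passed
 * in to the CSP when creating or importing keys; it eventually
 * gets munged into the hash of the associated public key (
 * in our case, by p12SetPubKeyHash()).
 */
#define P12_KEY_ATTR_LABEL_AND_HASH "Label"

/*
 * This one is the user-friendly name.
 */
#define P12_KEY_ATTR_PRINT_NAME "PrintName"

/*
 * Find private key by label, modify its Label attr to be the
 * hash of the associated public key.
 * Returns CSSM_OK on success. On duplicate-key detection the existing
 * key is returned in foundKey; callers are responsible for releasing it.
 */
CSSM_RETURN p12SetPubKeyHash(
    CSSM_CSP_HANDLE cspHand,        // where the key lives
    CSSM_DL_DB_HANDLE dlDbHand,     // ditto
    CSSM_DATA &keyLabel,            // for DB lookup
    CSSM_DATA_PTR newPrintName,     // optional
    SecNssCoder &coder,             // for mallocing newLabel
    CSSM_DATA &newLabel,            // RETURNED with label as hash
    CSSM_KEY_PTR &foundKey);        // RETURNED on dup key detect

/*
 * Add one attribute (AttributeLength bytes at AttributePtr, of type
 * AttributeType) to the crypto context CCHandle.
 * Returns CSSM_OK on success.
 */
CSSM_RETURN p12AddContextAttribute(
    CSSM_CC_HANDLE CCHandle,
    uint32 AttributeType,
    uint32 AttributeLength,
    const void *AttributePtr);

/*
 * Find private key by specified label, delete it.
 * Returns CSSM_OK on success.
 */
CSSM_RETURN p12DeleteKey(
    CSSM_DL_DB_HANDLE dlDbHand,
    const CSSM_DATA &keyLabel);

/*
 * Convert App passphrase to array of chars used in P12 PBE.
 * outPhrase is allocated via coder and holds secret material.
 * NOTE(review): confirm that the coder's storage is zeroized when it is
 * torn down, so the passphrase bytes do not linger in freed memory.
 */
void p12ImportPassPhrase(
    CFStringRef inPhrase,
    SecNssCoder &coder,
    CSSM_DATA &outPhrase);

/*
 * Standard errors thrown by this module.
 * P12_DECODE_ERR is the expected failure for malformed or untrusted
 * input. P12_ENCODE_ERR only occurs on DER-encode which should never fail.
 */
#define P12_DECODE_ERR      errSecUnknownFormat
#define P12_ENCODE_ERR      internalComponentErr
#define P12_THROW_DECODE    MacOSError::throwMe(P12_DECODE_ERR)
#define P12_THROW_ENCODE    MacOSError::throwMe(P12_ENCODE_ERR)

#ifdef __cplusplus
}
#endif

#endif /* PKCS12_UTILS_H */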