Security-57337.40.85.tar.gz
1 /*
2 * Copyright (c) 2004,2011-2012,2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*!
25 @header SecCmsBase.h
26 @Copyright (c) 2004,2011-2012,2014 Apple Inc. All Rights Reserved.
27
28 @availability 10.4 and later
29 @abstract Interfaces of the CMS implementation.
30 @discussion The functions here implement functions for encoding
31 and decoding Cryptographic Message Syntax (CMS) objects
32 as described in rfc3369.
33 */
34
35 #ifndef _SECURITY_SECCMSBASE_H_
36 #define _SECURITY_SECCMSBASE_H_ 1
37
38 #include <sys/types.h> /* size_t */
39 #include <Security/SecKey.h>
40 #include <Security/x509defs.h>
41
42 #if defined(__cplusplus)
43 extern "C" {
44 #endif
45
46 /*!
47 @typedef SECOidData
48 @discussion XXX We need to remove these from the API and move them back to secoidt.h.
Only the struct tag SECOidDataStr is named here; its members are not declared in this header.
49 */
50 typedef struct SECOidDataStr SECOidData;
51
52 /*!
53 @typedef SECAlgorithmID
54 @discussion XXX We might want to get rid of this altogether.
Alias of CSSM_X509_ALGORITHM_IDENTIFIER, which is not declared in this header
(presumably it comes from Security/x509defs.h - confirm).
55 */
56 typedef CSSM_X509_ALGORITHM_IDENTIFIER SECAlgorithmID;
57
58 /*!
59 @typedef SecSymmetricKeyRef
60 @discussion XXX This should probably move to SecKey.h
Plain alias of SecKeyRef. SecSymmetricKeyRef, SecPublicKeyRef and SecPrivateKeyRef
are all the same C type, so the names document intent only: the compiler will not
reject a key of one kind passed where another kind is expected.
61 */
62 typedef SecKeyRef SecSymmetricKeyRef;
63
64 /*!
65 @typedef SecPublicKeyRef
66 @discussion XXX This should probably move to SecKey.h
Plain alias of SecKeyRef; not a distinct type from SecPrivateKeyRef or SecSymmetricKeyRef.
67 */
68 typedef SecKeyRef SecPublicKeyRef;
69
70 /*!
71 @typedef SecPrivateKeyRef
72 @discussion XXX This should probably move to SecKey.h
Plain alias of SecKeyRef; not a distinct type from SecPublicKeyRef or SecSymmetricKeyRef,
so a private key handed to a parameter declared SecPublicKeyRef compiles without a diagnostic.
73 */
74 typedef SecKeyRef SecPrivateKeyRef;
75
76 /*!
77 @typedef PK11PasswordFunc
@discussion Pointer to a function that takes no arguments and returns nothing.
NOTE(review): the name suggests a password callback, but this signature cannot carry
a password or a caller context - confirm how (and whether) it is used.
78 */
79 typedef void(*PK11PasswordFunc)(void);
80
81 /*!
82 @typedef SecArenaPoolRef
@discussion Pointer to struct SecArenaPoolStr. This header names the struct tag only and
declares no members. The same holds for every SecCms...Ref typedef that follows.
83 */
84 typedef struct SecArenaPoolStr *SecArenaPoolRef;
85
86 /*!
87 @typedef SecCmsMessageRef
@discussion Pointer to struct SecCmsMessageStr; members not declared in this header.
88 */
89 typedef struct SecCmsMessageStr *SecCmsMessageRef;
90
91 /*!
92 @typedef SecCmsContentInfoRef
@discussion Pointer to struct SecCmsContentInfoStr; members not declared in this header.
93 */
94 typedef struct SecCmsContentInfoStr *SecCmsContentInfoRef;
95
96 /*!
97 @typedef SecCmsSignedDataRef
@discussion Pointer to struct SecCmsSignedDataStr; members not declared in this header.
98 */
99 typedef struct SecCmsSignedDataStr *SecCmsSignedDataRef;
100
101 /*!
102 @typedef SecCmsSignerInfoRef
@discussion Pointer to struct SecCmsSignerInfoStr; members not declared in this header.
103 */
104 typedef struct SecCmsSignerInfoStr *SecCmsSignerInfoRef;
105
106 /*!
107 @typedef SecCmsEnvelopedDataRef
@discussion Pointer to struct SecCmsEnvelopedDataStr; members not declared in this header.
108 */
109 typedef struct SecCmsEnvelopedDataStr *SecCmsEnvelopedDataRef;
110
111 /*!
112 @typedef SecCmsRecipientInfoRef
@discussion Pointer to struct SecCmsRecipientInfoStr; members not declared in this header.
113 */
114 typedef struct SecCmsRecipientInfoStr *SecCmsRecipientInfoRef;
115
116 /*!
117 @typedef SecCmsDigestedDataRef
@discussion Pointer to struct SecCmsDigestedDataStr; members not declared in this header.
118 */
119 typedef struct SecCmsDigestedDataStr *SecCmsDigestedDataRef;
120
121 /*!
122 @typedef SecCmsEncryptedDataRef
@discussion Pointer to struct SecCmsEncryptedDataStr; members not declared in this header.
123 */
124 typedef struct SecCmsEncryptedDataStr *SecCmsEncryptedDataRef;
125
126 /*!
127 @typedef SecCmsDecoderRef
@discussion Pointer to struct SecCmsDecoderStr; members not declared in this header.
128 */
129 typedef struct SecCmsDecoderStr *SecCmsDecoderRef;
130
131 /*!
132 @typedef SecCmsEncoderRef
@discussion Pointer to struct SecCmsEncoderStr; members not declared in this header.
133 */
134 typedef struct SecCmsEncoderStr *SecCmsEncoderRef;
135
136 /*!
137 @typedef SecCmsDigestContextRef
@discussion Pointer to struct SecCmsDigestContextStr; members not declared in this header.
138 */
139 typedef struct SecCmsDigestContextStr *SecCmsDigestContextRef;
140
141
142 /*!
143 @typedef SecCmsContentCallback
144 @discussion Type of function passed to SecCmsDecode or SecCmsDecoderStart.
145 If specified, this is where the content bytes (only) will be "sent" as they are recovered during the decoding.
146 And:
147 Type of function passed to SecCmsEncode or SecCmsEncoderStart.
148 This is where the DER-encoded bytes will be "sent".
149
150 XXX Should just combine this with SecCmsEncoderContentCallback type and use a simpler, common name.

@param arg Caller context pointer (presumably the value supplied when the callback was registered - confirm).
@param buf The bytes being delivered. Although typed const char *, the discussion above describes
content bytes and DER-encoded bytes, i.e. binary data: use len, never strlen(), to bound reads.
@param len Number of bytes available at buf.
NOTE(review): in the decoder case the bytes arrive "as they are recovered during the decoding",
so presumably before any signature verification result exists - confirm, and treat the streamed
content as unauthenticated until the verification status has been checked.
151 */
152 typedef void (*SecCmsContentCallback)(void *arg, const char *buf, size_t len);
153
154 /*!
155 @typedef SecCmsGetDecryptKeyCallback
156 @discussion Type of function passed to SecCmsDecode or SecCmsDecoderStart to retrieve the decryption key. This function is intended to be used for EncryptedData content info's which do not have a key available in a certificate, etc.
@param arg Caller context pointer (presumably the value supplied alongside the callback - confirm).
@param algid Algorithm identifier for which a key is requested. It is passed as a non-const pointer;
whether the callback may modify it is not stated here.
@result The symmetric key to decrypt with. NOTE(review): who releases the returned key, and
what a NULL return means to the decoder, are not specified in this header - confirm against the caller.
157 */
158 typedef SecSymmetricKeyRef(*SecCmsGetDecryptKeyCallback)(void *arg, SECAlgorithmID *algid);
159
160 /*!
161 @enum SecCmsVerificationStatus
@discussion Result codes for signature verification. By name, SecCmsVSGoodSignature (1) is the
only success value; every other enumerator names a not-yet-verified or failed state, so callers
should compare for equality with SecCmsVSGoodSignature rather than test for "non-zero" or
"not SecCmsVSBadSignature". Because SecCmsVSUnverified is 0, a zero-initialized status variable
does not read as success.
NOTE(review): which functions produce these values, and the exact condition behind each one,
are not shown in this header.
162 */
163 typedef enum {
164 SecCmsVSUnverified = 0, /* Zero value. */
165 SecCmsVSGoodSignature = 1, /* The only enumerator that names a success. */
166 SecCmsVSBadSignature = 2,
167 SecCmsVSDigestMismatch = 3,
168 SecCmsVSSigningCertNotFound = 4,
169 SecCmsVSSigningCertNotTrusted = 5,
170 SecCmsVSSignatureAlgorithmUnknown = 6,
171 SecCmsVSSignatureAlgorithmUnsupported = 7,
172 SecCmsVSMalformedSignature = 8,
173 SecCmsVSProcessingError = 9,
174 SecCmsVSTimestampMissing = 10, /* A timestamp was expected but was not found. */
175 SecCmsVSTimestampInvalid = 11, /* The timestamp was not valid. */
176 SecCmsVSTimestampNotTrusted = 12, /* The timestamp signing chain was not trusted. */
177 } SecCmsVerificationStatus;
178
179 /*!
180 @enum SecCmsCertChainMode
@discussion Four modes numbered 0-3. NOTE(review): judging by the names these select how much of
a certificate chain is involved (none, the certificate only, the chain, the chain including its
root), but the function that consumes the mode is not declared in this header - confirm there.
181 */
182 typedef enum {
183 SecCmsCMNone = 0, /* Zero value. */
184 SecCmsCMCertOnly = 1,
185 SecCmsCMCertChain = 2,
186 SecCmsCMCertChainWithRoot = 3
187 } SecCmsCertChainMode;
188
189 /*!
190 @enum SECCertUsage
191 @discussion XXX This should be replaced with SecPolicyRefs
Certificate usage selector, values 0-11. There is no "none" or "unspecified" enumerator:
the zero value is certUsageSSLClient, so a zero-initialized SECCertUsage names the SSL client
usage rather than an unset one. Callers validating S/MIME should pass the intended usage explicitly.
NOTE(review): how each usage maps onto certificate checks is decided by code not shown here.
192 */
193 typedef enum SECCertUsageEnum {
194 certUsageSSLClient = 0, /* Zero value. */
195 certUsageSSLServer = 1,
196 certUsageSSLServerWithStepUp = 2,
197 certUsageSSLCA = 3,
198 certUsageEmailSigner = 4,
199 certUsageEmailRecipient = 5,
200 certUsageObjectSigner = 6,
201 certUsageUserCertImport = 7,
202 certUsageVerifyCA = 8,
203 certUsageProtectedObjectSigner = 9,
204 certUsageStatusResponder = 10,
205 certUsageAnyCA = 11
206 } SECCertUsage;
207
208
209 /*!
210 @enum SECOidTag
211 @abstract Misc object IDs - these numbers are for convenient handling.
212 @discussion They are mapped into real object IDs
213 NOTE: the order of these entries must match the array "oids" of SECOidData in util/secoid.c.
Every enumerator except the final SEC_OID_TOTAL carries an explicit value (0 through 214), so
inserting or renumbering an entry without updating that array would make tags resolve to the
wrong object ID. SEC_OID_TOTAL has no explicit value and therefore equals 215.
A tag appearing in this list says nothing about whether the algorithm is acceptable to use:
the list includes digests and ciphers that are long deprecated (MD2, MD4, MD5, SHA-1, single DES,
RC2, RC4, the 40-bit PBE variants, ECB modes). NOTE(review): whether the library refuses any of
them for signing or verification is decided by code not shown here - confirm before relying on it.
214 */
215 typedef enum {
216 SEC_OID_UNKNOWN = 0, /* Zero value: a zero-initialized tag reads as "unknown". */
217 SEC_OID_MD2 = 1, /* Legacy digest. */
218 SEC_OID_MD4 = 2, /* Legacy digest. */
219 SEC_OID_MD5 = 3, /* Legacy digest. */
220 SEC_OID_SHA1 = 4, /* Legacy digest. */
221 SEC_OID_RC2_CBC = 5,
222 SEC_OID_RC4 = 6,
223 SEC_OID_DES_EDE3_CBC = 7,
224 SEC_OID_RC5_CBC_PAD = 8,
225 SEC_OID_DES_ECB = 9,
226 SEC_OID_DES_CBC = 10,
227 SEC_OID_DES_OFB = 11,
228 SEC_OID_DES_CFB = 12,
229 SEC_OID_DES_MAC = 13,
230 SEC_OID_DES_EDE = 14,
231 SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE = 15,
232 SEC_OID_PKCS1_RSA_ENCRYPTION = 16,
233 SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION = 17,
234 SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION = 18,
235 SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION = 19,
236 SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION = 20,
237 SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC = 21,
238 SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC = 22,
239 SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC = 23,
240 SEC_OID_PKCS7 = 24,
241 SEC_OID_PKCS7_DATA = 25,
242 SEC_OID_PKCS7_SIGNED_DATA = 26,
243 SEC_OID_PKCS7_ENVELOPED_DATA = 27,
244 SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA = 28,
245 SEC_OID_PKCS7_DIGESTED_DATA = 29,
246 SEC_OID_PKCS7_ENCRYPTED_DATA = 30,
247 SEC_OID_PKCS9_EMAIL_ADDRESS = 31,
248 SEC_OID_PKCS9_UNSTRUCTURED_NAME = 32,
249 SEC_OID_PKCS9_CONTENT_TYPE = 33,
250 SEC_OID_PKCS9_MESSAGE_DIGEST = 34,
251 SEC_OID_PKCS9_SIGNING_TIME = 35,
252 SEC_OID_PKCS9_COUNTER_SIGNATURE = 36,
253 SEC_OID_PKCS9_CHALLENGE_PASSWORD = 37,
254 SEC_OID_PKCS9_UNSTRUCTURED_ADDRESS = 38,
255 SEC_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES = 39,
256 SEC_OID_PKCS9_SMIME_CAPABILITIES = 40,
257 SEC_OID_AVA_COMMON_NAME = 41,
258 SEC_OID_AVA_COUNTRY_NAME = 42,
259 SEC_OID_AVA_LOCALITY = 43,
260 SEC_OID_AVA_STATE_OR_PROVINCE = 44,
261 SEC_OID_AVA_ORGANIZATION_NAME = 45,
262 SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME = 46,
263 SEC_OID_AVA_DN_QUALIFIER = 47,
264 SEC_OID_AVA_DC = 48,
265
266 SEC_OID_NS_TYPE_GIF = 49,
267 SEC_OID_NS_TYPE_JPEG = 50,
268 SEC_OID_NS_TYPE_URL = 51,
269 SEC_OID_NS_TYPE_HTML = 52,
270 SEC_OID_NS_TYPE_CERT_SEQUENCE = 53,
271 SEC_OID_MISSI_KEA_DSS_OLD = 54,
272 SEC_OID_MISSI_DSS_OLD = 55,
273 SEC_OID_MISSI_KEA_DSS = 56,
274 SEC_OID_MISSI_DSS = 57,
275 SEC_OID_MISSI_KEA = 58,
276 SEC_OID_MISSI_ALT_KEA = 59,
277
278 /* Netscape private certificate extensions */
279 SEC_OID_NS_CERT_EXT_NETSCAPE_OK = 60,
280 SEC_OID_NS_CERT_EXT_ISSUER_LOGO = 61,
281 SEC_OID_NS_CERT_EXT_SUBJECT_LOGO = 62,
282 SEC_OID_NS_CERT_EXT_CERT_TYPE = 63,
283 SEC_OID_NS_CERT_EXT_BASE_URL = 64,
284 SEC_OID_NS_CERT_EXT_REVOCATION_URL = 65,
285 SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL = 66,
286 SEC_OID_NS_CERT_EXT_CA_CRL_URL = 67,
287 SEC_OID_NS_CERT_EXT_CA_CERT_URL = 68,
288 SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL = 69,
289 SEC_OID_NS_CERT_EXT_CA_POLICY_URL = 70,
290 SEC_OID_NS_CERT_EXT_HOMEPAGE_URL = 71,
291 SEC_OID_NS_CERT_EXT_ENTITY_LOGO = 72,
292 SEC_OID_NS_CERT_EXT_USER_PICTURE = 73,
293 SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME = 74,
294 SEC_OID_NS_CERT_EXT_COMMENT = 75,
295 SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL = 76,
296 SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME = 77,
297 SEC_OID_NS_KEY_USAGE_GOVT_APPROVED = 78,
298
299 /* x.509 v3 Extensions */
300 SEC_OID_X509_SUBJECT_DIRECTORY_ATTR = 79,
301 SEC_OID_X509_SUBJECT_KEY_ID = 80,
302 SEC_OID_X509_KEY_USAGE = 81,
303 SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD = 82,
304 SEC_OID_X509_SUBJECT_ALT_NAME = 83,
305 SEC_OID_X509_ISSUER_ALT_NAME = 84,
306 SEC_OID_X509_BASIC_CONSTRAINTS = 85,
307 SEC_OID_X509_NAME_CONSTRAINTS = 86,
308 SEC_OID_X509_CRL_DIST_POINTS = 87,
309 SEC_OID_X509_CERTIFICATE_POLICIES = 88,
310 SEC_OID_X509_POLICY_MAPPINGS = 89,
311 SEC_OID_X509_POLICY_CONSTRAINTS = 90,
312 SEC_OID_X509_AUTH_KEY_ID = 91,
313 SEC_OID_X509_EXT_KEY_USAGE = 92,
314 SEC_OID_X509_AUTH_INFO_ACCESS = 93,
315
316 SEC_OID_X509_CRL_NUMBER = 94,
317 SEC_OID_X509_REASON_CODE = 95,
318 SEC_OID_X509_INVALID_DATE = 96,
319 /* End of x.509 v3 Extensions */
320
321 SEC_OID_X500_RSA_ENCRYPTION = 97,
322
323 /* alg 1485 additions */
324 SEC_OID_RFC1274_UID = 98,
325 SEC_OID_RFC1274_MAIL = 99,
326
327 /* PKCS 12 additions */
328 SEC_OID_PKCS12 = 100,
329 SEC_OID_PKCS12_MODE_IDS = 101,
330 SEC_OID_PKCS12_ESPVK_IDS = 102,
331 SEC_OID_PKCS12_BAG_IDS = 103,
332 SEC_OID_PKCS12_CERT_BAG_IDS = 104,
333 SEC_OID_PKCS12_OIDS = 105,
334 SEC_OID_PKCS12_PBE_IDS = 106,
335 SEC_OID_PKCS12_SIGNATURE_IDS = 107,
336 SEC_OID_PKCS12_ENVELOPING_IDS = 108,
337 /* SEC_OID_PKCS12_OFFLINE_TRANSPORT_MODE,
338 SEC_OID_PKCS12_ONLINE_TRANSPORT_MODE, */
339 SEC_OID_PKCS12_PKCS8_KEY_SHROUDING = 109,
340 SEC_OID_PKCS12_KEY_BAG_ID = 110,
341 SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID = 111,
342 SEC_OID_PKCS12_SECRET_BAG_ID = 112,
343 SEC_OID_PKCS12_X509_CERT_CRL_BAG = 113,
344 SEC_OID_PKCS12_SDSI_CERT_BAG = 114,
345 SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4 = 115,
346 SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4 = 116,
347 SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC = 117,
348 SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC = 118,
349 SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC = 119,
350 SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_128_BIT_RC4 = 120,
351 SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_40_BIT_RC4 = 121,
352 SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_TRIPLE_DES = 122,
353 SEC_OID_PKCS12_RSA_SIGNATURE_WITH_SHA1_DIGEST = 123,
354 /* end of PKCS 12 additions */
355
356 /* DSA signatures */
357 SEC_OID_ANSIX9_DSA_SIGNATURE = 124,
358 SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST = 125,
359 SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST = 126,
360
361 /* Verisign OIDs */
362 SEC_OID_VERISIGN_USER_NOTICES = 127,
363
364 /* PKIX OIDs */
365 SEC_OID_PKIX_CPS_POINTER_QUALIFIER = 128,
366 SEC_OID_PKIX_USER_NOTICE_QUALIFIER = 129,
367 SEC_OID_PKIX_OCSP = 130,
368 SEC_OID_PKIX_OCSP_BASIC_RESPONSE = 131,
369 SEC_OID_PKIX_OCSP_NONCE = 132,
370 SEC_OID_PKIX_OCSP_CRL = 133,
371 SEC_OID_PKIX_OCSP_RESPONSE = 134,
372 SEC_OID_PKIX_OCSP_NO_CHECK = 135,
373 SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF = 136,
374 SEC_OID_PKIX_OCSP_SERVICE_LOCATOR = 137,
375 SEC_OID_PKIX_REGCTRL_REGTOKEN = 138,
376 SEC_OID_PKIX_REGCTRL_AUTHENTICATOR = 139,
377 SEC_OID_PKIX_REGCTRL_PKIPUBINFO = 140,
378 SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS = 141,
379 SEC_OID_PKIX_REGCTRL_OLD_CERT_ID = 142,
380 SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY = 143,
381 SEC_OID_PKIX_REGINFO_UTF8_PAIRS = 144,
382 SEC_OID_PKIX_REGINFO_CERT_REQUEST = 145,
383 SEC_OID_EXT_KEY_USAGE_SERVER_AUTH = 146,
384 SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH = 147,
385 SEC_OID_EXT_KEY_USAGE_CODE_SIGN = 148,
386 SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT = 149,
387 SEC_OID_EXT_KEY_USAGE_TIME_STAMP = 150,
388 SEC_OID_OCSP_RESPONDER = 151,
389
390 /* Netscape Algorithm OIDs */
391 SEC_OID_NETSCAPE_SMIME_KEA = 152,
392
393 /* Skipjack OID -- ### mwelch temporary */
394 SEC_OID_FORTEZZA_SKIPJACK = 153,
395
396 /* PKCS 12 V2 oids */
397 SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4 = 154,
398 SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4 = 155,
399 SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC = 156,
400 SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC = 157,
401 SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC = 158,
402 SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC = 159,
403 SEC_OID_PKCS12_SAFE_CONTENTS_ID = 160,
404 SEC_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG_ID = 161,
405
406 SEC_OID_PKCS12_V1_KEY_BAG_ID = 162,
407 SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID = 163,
408 SEC_OID_PKCS12_V1_CERT_BAG_ID = 164,
409 SEC_OID_PKCS12_V1_CRL_BAG_ID = 165,
410 SEC_OID_PKCS12_V1_SECRET_BAG_ID = 166,
411 SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID = 167,
412 SEC_OID_PKCS9_X509_CERT = 168,
413 SEC_OID_PKCS9_SDSI_CERT = 169,
414 SEC_OID_PKCS9_X509_CRL = 170,
415 SEC_OID_PKCS9_FRIENDLY_NAME = 171,
416 SEC_OID_PKCS9_LOCAL_KEY_ID = 172,
417 SEC_OID_PKCS12_KEY_USAGE = 173,
418
419 /* Diffie-Hellman OIDs (the identifier below keeps its declared spelling) */
420 SEC_OID_X942_DIFFIE_HELMAN_KEY = 174,
421
422 /* Netscape other name types */
423 SEC_OID_NETSCAPE_NICKNAME = 175,
424
425 /* Cert Server OIDS */
426 SEC_OID_NETSCAPE_RECOVERY_REQUEST = 176,
427
428 /* New PSM certificate management OIDs */
429 SEC_OID_CERT_RENEWAL_LOCATOR = 177,
430 SEC_OID_NS_CERT_EXT_SCOPE_OF_USE = 178,
431
432 /* CMS (RFC2630) OIDs */
433 SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN = 179,
434 SEC_OID_CMS_3DES_KEY_WRAP = 180,
435 SEC_OID_CMS_RC2_KEY_WRAP = 181,
436
437 /* SMIME attributes */
438 SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE = 182,
439
440 /* AES OIDs */
441 SEC_OID_AES_128_ECB = 183,
442 SEC_OID_AES_128_CBC = 184,
443 SEC_OID_AES_192_ECB = 185,
444 SEC_OID_AES_192_CBC = 186,
445 SEC_OID_AES_256_ECB = 187,
446 SEC_OID_AES_256_CBC = 188,
447
448 SEC_OID_SDN702_DSA_SIGNATURE = 189,
449
450 SEC_OID_MS_SMIME_ENCRYPTION_KEY_PREFERENCE = 190,
451
452 SEC_OID_SHA224 = 191,
453 SEC_OID_SHA256 = 192,
454 SEC_OID_SHA384 = 193,
455 SEC_OID_SHA512 = 194,
456
457 SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION = 195,
458 SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION = 196,
459 SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION = 197,
460
461 SEC_OID_AES_128_KEY_WRAP = 198,
462 SEC_OID_AES_192_KEY_WRAP = 199,
463 SEC_OID_AES_256_KEY_WRAP = 200,
464
465 /* eContentType set by client and not understood by this library; treated
466 * like SEC_OID_PKCS7_DATA, except the caller's OID is encoded. */
467 SEC_OID_OTHER = 201,
468
469 /* ECDSA */
470 SEC_OID_EC_PUBLIC_KEY = 202,
471 SEC_OID_ECDSA_WithSHA1 = 203,
472 SEC_OID_DH_SINGLE_STD_SHA1KDF = 204,
473 SEC_OID_SECP_256_R1 = 205,
474 SEC_OID_SECP_384_R1 = 206,
475 SEC_OID_SECP_521_R1 = 207,
476
477 /* RFC 3161 Timestamping OIDs */
478 SEC_OID_PKCS9_ID_CT_TSTInfo = 208,
479 SEC_OID_PKCS9_TIMESTAMP_TOKEN = 209,
480 SEC_OID_PKCS9_SIGNING_CERTIFICATE = 210,
481
482 /* ECDSA with SHA2 */
483 SEC_OID_ECDSA_WITH_SHA256 = 211,
484 SEC_OID_ECDSA_WITH_SHA384 = 212,
485 SEC_OID_ECDSA_WITH_SHA512 = 213,
486
487 /* Apple CMS Attribute */
488 SEC_OID_APPLE_HASH_AGILITY = 214,
489
490 SEC_OID_TOTAL /* No explicit value: previous entry + 1, i.e. 215. Not a real object ID. */
491 } SECOidTag;
492
493 /*!
494 @function SecArenaPoolCreate
495 @abstract Create a new SecArenaPool object.
496 @param chunksize Size of the chunks the pool will use to allocate its underlying storage.
497 @param outArena pointer to a SecArenaPoolRef to be created.
498 @result On success return 0 and outArena will contain a newly created SecArenaPoolRef.
The contents of *outArena after a non-zero result are not specified here, so check the
result before using the arena. The arena is released with SecArenaPoolFree.
499 @availability 10.4 and later
500 @updated 2004-04-23
501 */
502 OSStatus SecArenaPoolCreate(size_t chunksize, SecArenaPoolRef *outArena);
503
504 /*!
505 @function SecArenaPoolFree
506 @abstract Free a SecArenaPool object and everything in it.
507 @param arena The SecArenaPool object to free.
508 @param zero If this is true the arena's memory will be zero filled before it is freed.
Pass true when the arena may have held key material or decrypted content, so that the
data is cleared before the memory goes back to the heap.
509 @result arena will no longer be valid and the memory used by it is returned to the malloc heap.
Everything allocated from the arena is released with it, so no pointer into the arena may be
used after this call. The function returns void and reports no error.
510 @availability 10.4 and later
511 @updated 2004-04-23
512 */
513 void SecArenaPoolFree(SecArenaPoolRef arena, Boolean zero);
514
515
516 #if defined(__cplusplus)
517 }
518 #endif
519
520 #endif /* _SECURITY_SECCMSBASE_H_ */