Security-54.1.3.tar.gz
[apple/security.git] / Keychain / SecKey.cpp
index 8349e7cf7dadd4fd12166c39c0ae3e5e6007f3f0..f7a4de545e7658e9eb2d81a65e9d37fb56e1353d 100644 (file)
 
 #include "SecBridge.h"
 
+#include <Security/Access.h>
+#include <Security/Keychains.h>
+#include <Security/KeyItem.h>
+
 CFTypeID
 SecKeyGetTypeID(void)
 {
@@ -29,23 +33,43 @@ SecKeyGetTypeID(void)
        END_SECAPI1(_kCFRuntimeNotATypeID)
 }
 
-
 OSStatus
 SecKeyCreatePair(
-       SecKeychainRef keychain,
+       SecKeychainRef keychainRef,
        CSSM_ALGORITHMS algorithm,
-       UInt32 keySizeInBits,
-       CSSM_KEYUSE publicKeyUsage, 
-       uint32 publicKeyAttr, 
-       SecKeychainItemRef* publicKeyItemRef, 
-       CSSM_KEYUSE privateKeyUsage, 
-       uint32 privateKeyAttr, 
-       SecKeychainItemRef* privateKeyItemRef,
-       SecAccessRef initialAccess)
+       uint32 keySizeInBits,
+       CSSM_CC_HANDLE contextHandle,
+       CSSM_KEYUSE publicKeyUsage,
+       uint32 publicKeyAttr,
+       CSSM_KEYUSE privateKeyUsage,
+       uint32 privateKeyAttr,
+       SecAccessRef initialAccess,
+       SecKeyRef* publicKeyRef, 
+       SecKeyRef* privateKeyRef)
 {
        BEGIN_SECAPI
 
-       MacOSError::throwMe(unimpErr);//%%%for now
+       Keychain keychain = Keychain::optional(keychainRef);
+       RefPointer<Access> theAccess(initialAccess ? gTypes().access.required(initialAccess) : new Access("<key>"));
+       RefPointer<KeyItem> pubItem, privItem;
+
+       KeyItem::createPair(keychain,
+        algorithm,
+        keySizeInBits,
+        contextHandle,
+        publicKeyUsage,
+        publicKeyAttr,
+        privateKeyUsage,
+        privateKeyAttr,
+        theAccess,
+        pubItem,
+        privItem);
+
+       // Return the generated keys.
+       if (publicKeyRef)
+               *publicKeyRef = gTypes().keyItem.handle(*pubItem);
+       if (privateKeyRef)
+               *privateKeyRef = gTypes().keyItem.handle(*privItem);
 
        END_SECAPI
 }
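Review bot: When `initialAccess` is NULL, the new key pair is created under `new Access("<key>")`, and nothing in this hunk says what that default grants or to whom. The Access constructor is defined outside the hunk, so the effective ACL on the private key cannot be judged from here. The line should carry a comment such as `// NULL initialAccess: fall back to a default Access described as "<key>"; see Access.h for who it trusts`, and the header should tell callers that a restrictive ACL requires passing `initialAccess` explicitly. If the descriptor string is ever shown to the user in an authorization prompt (not visible here), a generic "<key>" gives them little basis for a decision. The same fallback is repeated verbatim in SecKeyImportPair in the next hunk.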
@@ -59,3 +83,54 @@ SecKeyGetCSSMKey(SecKeyRef key, const CSSM_KEY **cssmKey)
 
        END_SECAPI
 }
+
+
+//
+// Private APIs
+//
+
+OSStatus
+SecKeyGetCredentials(
+       SecKeyRef keyRef,
+       CSSM_ACL_AUTHORIZATION_TAG operation,
+       SecCredentialType credentialType,
+       const CSSM_ACCESS_CREDENTIALS **outCredentials)
+{
+       BEGIN_SECAPI
+
+       RefPointer<KeyItem> keyItem(gTypes().keyItem.required(keyRef));
+       Required(outCredentials) = keyItem->getCredentials(operation, credentialType);
+
+       END_SECAPI
+}
+
+OSStatus
+SecKeyImportPair(
+       SecKeychainRef keychainRef,
+       const CssmKey *publicCssmKey,
+       const CssmKey *privateCssmKey,
+       SecAccessRef initialAccess,
+       SecKeyRef* publicKeyRef,
+       SecKeyRef* privateKeyRef)
+{
+       BEGIN_SECAPI
+
+       Keychain keychain = Keychain::optional(keychainRef);
+       RefPointer<Access> theAccess(initialAccess ? gTypes().access.required(initialAccess) : new Access("<key>"));
+       RefPointer<KeyItem> pubItem, privItem;
+
+       KeyItem::importPair(keychain,
+               Required(publicCssmKey),
+               Required(privateCssmKey),
+        theAccess,
+        pubItem,
+        privItem);
+
+       // Return the generated keys.
+       if (publicKeyRef)
+               *publicKeyRef = gTypes().keyItem.handle(*pubItem);
+       if (privateKeyRef)
+               *privateKeyRef = gTypes().keyItem.handle(*privItem);
+
+       END_SECAPI
+}
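Review bot: SecKeyGetCredentials returns a `const CSSM_ACCESS_CREDENTIALS *` through `outCredentials` without stating who owns it or how long it stays valid. The local `RefPointer<KeyItem>` is dropped at END_SECAPI, so the pointer is presumably only usable while the caller keeps `keyRef` retained. That should be confirmed against KeyItem::getCredentials, which is outside this hunk. Once confirmed, I would add above the function `// Returned credentials belong to the key item: valid only while keyRef is retained; caller must not free them.` A stale pointer to access credentials is the kind of lifetime bug this comment would help callers avoid.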