--- /dev/null
+/*
+ * Copyright (c) 1999-2002,2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ *
+ * cssmtype.h -- Common Security Services Manager Common Data Types
+ */
+
+#ifndef _CSSMTYPE_H_
+#define _CSSMTYPE_H_ 1
+
+#include <Security/cssmconfig.h>
+
+/* ==========================================================================
+ W A R N I N G : CDSA has been deprecated starting with 10.7. While the
+ APIs will continue to work, developers should update their code to use
+ the APIs that are suggested and NOT use the CDSA APIs
+ ========================================================================== */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Handle types. */
+
+typedef CSSM_INTPTR CSSM_HANDLE, *CSSM_HANDLE_PTR;
+
+typedef uint64 CSSM_LONG_HANDLE, *CSSM_LONG_HANDLE_PTR;
+
+typedef CSSM_HANDLE CSSM_MODULE_HANDLE, *CSSM_MODULE_HANDLE_PTR;
+
+typedef CSSM_LONG_HANDLE CSSM_CC_HANDLE; /* Cryptographic Context Handle */
+
+typedef CSSM_MODULE_HANDLE CSSM_CSP_HANDLE; /* Cryptographic Service Provider Handle */
+
+typedef CSSM_MODULE_HANDLE CSSM_TP_HANDLE; /* Trust Policy Handle */
+
+typedef CSSM_MODULE_HANDLE CSSM_AC_HANDLE; /* Authorization Computation Handle */
+
+typedef CSSM_MODULE_HANDLE CSSM_CL_HANDLE; /* Certificate Library Handle */
+
+typedef CSSM_MODULE_HANDLE CSSM_DL_HANDLE; /* Data Storage Library Handle */
+
+typedef CSSM_MODULE_HANDLE CSSM_DB_HANDLE; /* Data Storage Database Handle */
+
+
+/* invalid or NULL value for any CSSM_HANDLE type */
+enum {
+ CSSM_INVALID_HANDLE = 0
+};
+
+
+/* Data Types for Core Services */
+
+typedef sint32 CSSM_BOOL;
+enum {
+ CSSM_FALSE = 0,
+ CSSM_TRUE = !CSSM_FALSE
+};
+
+/* The standard declares this as uint32 but we changed it to sint32 to match OSStatus. */
+typedef sint32 CSSM_RETURN;
+enum {
+ CSSM_OK = 0
+};
+
+enum {
+ CSSM_MODULE_STRING_SIZE = 64
+};
+typedef char CSSM_STRING [CSSM_MODULE_STRING_SIZE + 4];
+
+typedef struct cssm_data {
+ CSSM_SIZE Length; /* in bytes */
+ uint8 *Data;
+} CSSM_DATA DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DATA_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_guid {
+ uint32 Data1;
+ uint16 Data2;
+ uint16 Data3;
+ uint8 Data4[8];
+} CSSM_GUID DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_GUID_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_BITMASK;
+typedef CSSM_BITMASK CSSM_KEY_HIERARCHY;
+enum {
+ CSSM_KEY_HIERARCHY_NONE = 0,
+ CSSM_KEY_HIERARCHY_INTEG = 1,
+ CSSM_KEY_HIERARCHY_EXPORT = 2
+};
+
+typedef CSSM_BITMASK CSSM_PVC_MODE;
+enum {
+ CSSM_PVC_NONE = 0,
+ CSSM_PVC_APP = 1,
+ CSSM_PVC_SP = 2
+};
+
+typedef uint32 CSSM_PRIVILEGE_SCOPE;
+enum {
+ CSSM_PRIVILEGE_SCOPE_NONE = 0,
+ CSSM_PRIVILEGE_SCOPE_PROCESS = 1,
+ CSSM_PRIVILEGE_SCOPE_THREAD = 2
+};
+
+typedef struct cssm_version {
+ uint32 Major;
+ uint32 Minor;
+} CSSM_VERSION DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_VERSION_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_SERVICE_MASK;
+enum {
+ CSSM_SERVICE_CSSM = 0x1,
+ CSSM_SERVICE_CSP = 0x2,
+ CSSM_SERVICE_DL = 0x4,
+ CSSM_SERVICE_CL = 0x8,
+ CSSM_SERVICE_TP = 0x10,
+ CSSM_SERVICE_AC = 0x20,
+ CSSM_SERVICE_KR = 0x40
+};
+
+typedef CSSM_SERVICE_MASK CSSM_SERVICE_TYPE;
+
+typedef struct cssm_subservice_uid {
+ CSSM_GUID Guid;
+ CSSM_VERSION Version;
+ uint32 SubserviceId;
+ CSSM_SERVICE_TYPE SubserviceType;
+} CSSM_SUBSERVICE_UID DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_SUBSERVICE_UID_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_MODULE_EVENT, *CSSM_MODULE_EVENT_PTR;
+enum {
+ CSSM_NOTIFY_INSERT = 1,
+ CSSM_NOTIFY_REMOVE = 2,
+ CSSM_NOTIFY_FAULT = 3
+};
+
+typedef CSSM_RETURN (CSSMAPI *CSSM_API_ModuleEventHandler)
+ (const CSSM_GUID *ModuleGuid,
+ void* AppNotifyCallbackCtx,
+ uint32 SubserviceId,
+ CSSM_SERVICE_TYPE ServiceType,
+ CSSM_MODULE_EVENT EventType);
+
+typedef uint32 CSSM_ATTACH_FLAGS;
+enum {
+ CSSM_ATTACH_READ_ONLY = 0x00000001
+};
+
+/* Non-export privilege range: (0x00000000 - 0x7FFFFFFF) */
+/* Vendor specific range: (0x80000000 - 0xFFFFFFFF) */
+typedef uint64 CSSM_PRIVILEGE;
+typedef CSSM_PRIVILEGE CSSM_USEE_TAG;
+enum {
+ CSSM_USEE_LAST = 0xFF,
+ CSSM_USEE_NONE = 0,
+ CSSM_USEE_DOMESTIC = 1,
+ CSSM_USEE_FINANCIAL = 2,
+ CSSM_USEE_KRLE = 3,
+ CSSM_USEE_KRENT = 4,
+ CSSM_USEE_SSL = 5,
+ CSSM_USEE_AUTHENTICATION = 6,
+ CSSM_USEE_KEYEXCH = 7,
+ CSSM_USEE_MEDICAL = 8,
+ CSSM_USEE_INSURANCE = 9,
+ CSSM_USEE_WEAK = 10
+};
+
+typedef uint32 CSSM_NET_ADDRESS_TYPE;
+enum {
+ CSSM_ADDR_NONE = 0,
+ CSSM_ADDR_CUSTOM = 1,
+ CSSM_ADDR_URL = 2, /* char* */
+ CSSM_ADDR_SOCKADDR = 3,
+ CSSM_ADDR_NAME = 4 /* char* - qualified by access method */
+};
+
+typedef struct cssm_net_address {
+ CSSM_NET_ADDRESS_TYPE AddressType;
+ CSSM_DATA Address;
+} CSSM_NET_ADDRESS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_NET_ADDRESS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_NET_PROTOCOL;
+enum {
+ CSSM_NET_PROTO_NONE = 0, /* local */
+ CSSM_NET_PROTO_CUSTOM = 1, /* proprietary implementation */
+ CSSM_NET_PROTO_UNSPECIFIED = 2, /* implementation default */
+ CSSM_NET_PROTO_LDAP = 3, /* light weight directory access protocol */
+ CSSM_NET_PROTO_LDAPS = 4, /* ldap/ssl where SSL initiates the connection */
+ CSSM_NET_PROTO_LDAPNS = 5, /* ldap where ldap negotiates an SSL session */
+ CSSM_NET_PROTO_X500DAP = 6, /* x.500 Directory access protocol */
+ CSSM_NET_PROTO_FTP = 7, /* ftp for cert/crl fetch */
+ CSSM_NET_PROTO_FTPS = 8, /* ftp/ssl/tls where SSL/TLS initiates the connection */
+ CSSM_NET_PROTO_OCSP = 9, /* online certificate status protocol */
+ CSSM_NET_PROTO_CMP = 10, /* the cert request protocol in PKIX3 */
+ CSSM_NET_PROTO_CMPS = 11 /* The ssl/tls derivative of CMP */
+};
+
+typedef CSSM_RETURN (CSSMAPI *CSSM_CALLBACK)
+ (CSSM_DATA_PTR OutData, void *CallerCtx);
+
+typedef struct cssm_crypto_data {
+ CSSM_DATA Param;
+ CSSM_CALLBACK Callback;
+ void *CallerCtx;
+} CSSM_CRYPTO_DATA DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_CRYPTO_DATA_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef sint32 CSSM_WORDID_TYPE;
+enum {
+ CSSM_WORDID__UNK_ = -1, /* not in dictionary */
+ CSSM_WORDID__NLU_ = 0, /* not yet looked up */
+ CSSM_WORDID__STAR_ = 1,
+ CSSM_WORDID_A = 2,
+ CSSM_WORDID_ACL = 3,
+ CSSM_WORDID_ALPHA = 4,
+ CSSM_WORDID_B = 5,
+ CSSM_WORDID_BER = 6,
+ CSSM_WORDID_BINARY = 7,
+ CSSM_WORDID_BIOMETRIC = 8,
+ CSSM_WORDID_C = 9,
+ CSSM_WORDID_CANCELED = 10,
+ CSSM_WORDID_CERT = 11,
+ CSSM_WORDID_COMMENT = 12,
+ CSSM_WORDID_CRL = 13,
+ CSSM_WORDID_CUSTOM = 14,
+ CSSM_WORDID_D = 15,
+ CSSM_WORDID_DATE = 16,
+ CSSM_WORDID_DB_DELETE = 17,
+ CSSM_WORDID_DB_EXEC_STORED_QUERY = 18,
+ CSSM_WORDID_DB_INSERT = 19,
+ CSSM_WORDID_DB_MODIFY = 20,
+ CSSM_WORDID_DB_READ = 21,
+ CSSM_WORDID_DBS_CREATE = 22,
+ CSSM_WORDID_DBS_DELETE = 23,
+ CSSM_WORDID_DECRYPT = 24,
+ CSSM_WORDID_DELETE = 25,
+ CSSM_WORDID_DELTA_CRL = 26,
+ CSSM_WORDID_DER = 27,
+ CSSM_WORDID_DERIVE = 28,
+ CSSM_WORDID_DISPLAY = 29,
+ CSSM_WORDID_DO = 30,
+ CSSM_WORDID_DSA = 31,
+ CSSM_WORDID_DSA_SHA1 = 32,
+ CSSM_WORDID_E = 33,
+ CSSM_WORDID_ELGAMAL = 34,
+ CSSM_WORDID_ENCRYPT = 35,
+ CSSM_WORDID_ENTRY = 36,
+ CSSM_WORDID_EXPORT_CLEAR = 37,
+ CSSM_WORDID_EXPORT_WRAPPED = 38,
+ CSSM_WORDID_G = 39,
+ CSSM_WORDID_GE = 40,
+ CSSM_WORDID_GENKEY = 41,
+ CSSM_WORDID_HASH = 42,
+ CSSM_WORDID_HASHED_PASSWORD = 43,
+ CSSM_WORDID_HASHED_SUBJECT = 44,
+ CSSM_WORDID_HAVAL = 45,
+ CSSM_WORDID_IBCHASH = 46,
+ CSSM_WORDID_IMPORT_CLEAR = 47,
+ CSSM_WORDID_IMPORT_WRAPPED = 48,
+ CSSM_WORDID_INTEL = 49,
+ CSSM_WORDID_ISSUER = 50,
+ CSSM_WORDID_ISSUER_INFO = 51,
+ CSSM_WORDID_K_OF_N = 52,
+ CSSM_WORDID_KEA = 53,
+ CSSM_WORDID_KEYHOLDER = 54,
+ CSSM_WORDID_L = 55,
+ CSSM_WORDID_LE = 56,
+ CSSM_WORDID_LOGIN = 57,
+ CSSM_WORDID_LOGIN_NAME = 58,
+ CSSM_WORDID_MAC = 59,
+ CSSM_WORDID_MD2 = 60,
+ CSSM_WORDID_MD2WITHRSA = 61,
+ CSSM_WORDID_MD4 = 62,
+ CSSM_WORDID_MD5 = 63,
+ CSSM_WORDID_MD5WITHRSA = 64,
+ CSSM_WORDID_N = 65,
+ CSSM_WORDID_NAME = 66,
+ CSSM_WORDID_NDR = 67,
+ CSSM_WORDID_NHASH = 68,
+ CSSM_WORDID_NOT_AFTER = 69,
+ CSSM_WORDID_NOT_BEFORE = 70,
+ CSSM_WORDID_NULL = 71,
+ CSSM_WORDID_NUMERIC = 72,
+ CSSM_WORDID_OBJECT_HASH = 73,
+ CSSM_WORDID_ONE_TIME = 74,
+ CSSM_WORDID_ONLINE = 75,
+ CSSM_WORDID_OWNER = 76,
+ CSSM_WORDID_P = 77,
+ CSSM_WORDID_PAM_NAME = 78,
+ CSSM_WORDID_PASSWORD = 79,
+ CSSM_WORDID_PGP = 80,
+ CSSM_WORDID_PREFIX = 81,
+ CSSM_WORDID_PRIVATE_KEY = 82,
+ CSSM_WORDID_PROMPTED_BIOMETRIC = 83,
+ CSSM_WORDID_PROMPTED_PASSWORD = 84,
+ CSSM_WORDID_PROPAGATE = 85,
+ CSSM_WORDID_PROTECTED_BIOMETRIC = 86,
+ CSSM_WORDID_PROTECTED_PASSWORD = 87,
+ CSSM_WORDID_PROTECTED_PIN = 88,
+ CSSM_WORDID_PUBLIC_KEY = 89,
+ CSSM_WORDID_PUBLIC_KEY_FROM_CERT = 90,
+ CSSM_WORDID_Q = 91,
+ CSSM_WORDID_RANGE = 92,
+ CSSM_WORDID_REVAL = 93,
+ CSSM_WORDID_RIPEMAC = 94,
+ CSSM_WORDID_RIPEMD = 95,
+ CSSM_WORDID_RIPEMD160 = 96,
+ CSSM_WORDID_RSA = 97,
+ CSSM_WORDID_RSA_ISO9796 = 98,
+ CSSM_WORDID_RSA_PKCS = 99,
+ CSSM_WORDID_RSA_PKCS_MD5 = 100,
+ CSSM_WORDID_RSA_PKCS_SHA1 = 101,
+ CSSM_WORDID_RSA_PKCS1 = 102,
+ CSSM_WORDID_RSA_PKCS1_MD5 = 103,
+ CSSM_WORDID_RSA_PKCS1_SHA1 = 104,
+ CSSM_WORDID_RSA_PKCS1_SIG = 105,
+ CSSM_WORDID_RSA_RAW = 106,
+ CSSM_WORDID_SDSIV1 = 107,
+ CSSM_WORDID_SEQUENCE = 108,
+ CSSM_WORDID_SET = 109,
+ CSSM_WORDID_SEXPR = 110,
+ CSSM_WORDID_SHA1 = 111,
+ CSSM_WORDID_SHA1WITHDSA = 112,
+ CSSM_WORDID_SHA1WITHECDSA = 113,
+ CSSM_WORDID_SHA1WITHRSA = 114,
+ CSSM_WORDID_SIGN = 115,
+ CSSM_WORDID_SIGNATURE = 116,
+ CSSM_WORDID_SIGNED_NONCE = 117,
+ CSSM_WORDID_SIGNED_SECRET = 118,
+ CSSM_WORDID_SPKI = 119,
+ CSSM_WORDID_SUBJECT = 120,
+ CSSM_WORDID_SUBJECT_INFO = 121,
+ CSSM_WORDID_TAG = 122,
+ CSSM_WORDID_THRESHOLD = 123,
+ CSSM_WORDID_TIME = 124,
+ CSSM_WORDID_URI = 125,
+ CSSM_WORDID_VERSION = 126,
+ CSSM_WORDID_X509_ATTRIBUTE = 127,
+ CSSM_WORDID_X509V1 = 128,
+ CSSM_WORDID_X509V2 = 129,
+ CSSM_WORDID_X509V3 = 130,
+ CSSM_WORDID_X9_ATTRIBUTE = 131,
+ CSSM_WORDID_VENDOR_START = 0x00010000,
+ CSSM_WORDID_VENDOR_END = 0x7FFF0000
+};
+
+typedef uint32 CSSM_LIST_ELEMENT_TYPE, *CSSM_LIST_ELEMENT_TYPE_PTR;
+enum {
+ CSSM_LIST_ELEMENT_DATUM = 0x00,
+ CSSM_LIST_ELEMENT_SUBLIST = 0x01,
+ CSSM_LIST_ELEMENT_WORDID = 0x02
+};
+
+typedef uint32 CSSM_LIST_TYPE, *CSSM_LIST_TYPE_PTR;
+enum {
+ CSSM_LIST_TYPE_UNKNOWN = 0,
+ CSSM_LIST_TYPE_CUSTOM = 1,
+ CSSM_LIST_TYPE_SEXPR = 2
+};
+
+typedef struct cssm_list_element *CSSM_LIST_ELEMENT_PTR;
+
+typedef struct cssm_list {
+ CSSM_LIST_TYPE ListType; /* type of this list */
+ CSSM_LIST_ELEMENT_PTR Head; /* head of the list */
+ CSSM_LIST_ELEMENT_PTR Tail; /* tail of the list */
+} CSSM_LIST DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_LIST_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_list_element {
+ struct cssm_list_element *NextElement; /* next list element */
+ CSSM_WORDID_TYPE WordID; /* integer identifier associated */
+ /* with a Word value */
+ CSSM_LIST_ELEMENT_TYPE ElementType;
+ union {
+ CSSM_LIST Sublist; /* sublist */
+ CSSM_DATA Word; /* a byte-string */
+ } Element;
+} CSSM_LIST_ELEMENT;
+
+typedef struct { /* 5-tuple definition */
+ CSSM_LIST Issuer; /* issuer, or empty if ACL */
+ CSSM_LIST Subject; /* subject */
+ CSSM_BOOL Delegate; /* permission to delegate */
+ CSSM_LIST AuthorizationTag; /* authorization field */
+ CSSM_LIST ValidityPeriod; /* validity information (dates) */
+} CSSM_TUPLE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TUPLE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_tuplegroup {
+ uint32 NumberOfTuples;
+ CSSM_TUPLE_PTR Tuples;
+} CSSM_TUPLEGROUP DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TUPLEGROUP_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef CSSM_WORDID_TYPE CSSM_SAMPLE_TYPE;
+enum {
+ CSSM_SAMPLE_TYPE_PASSWORD = CSSM_WORDID_PASSWORD,
+ CSSM_SAMPLE_TYPE_HASHED_PASSWORD = CSSM_WORDID_HASHED_PASSWORD,
+ CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD = CSSM_WORDID_PROTECTED_PASSWORD,
+ CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD = CSSM_WORDID_PROMPTED_PASSWORD,
+ CSSM_SAMPLE_TYPE_SIGNED_NONCE = CSSM_WORDID_SIGNED_NONCE,
+ CSSM_SAMPLE_TYPE_SIGNED_SECRET = CSSM_WORDID_SIGNED_SECRET,
+ CSSM_SAMPLE_TYPE_BIOMETRIC = CSSM_WORDID_BIOMETRIC,
+ CSSM_SAMPLE_TYPE_PROTECTED_BIOMETRIC = CSSM_WORDID_PROTECTED_BIOMETRIC,
+ CSSM_SAMPLE_TYPE_PROMPTED_BIOMETRIC = CSSM_WORDID_PROMPTED_BIOMETRIC,
+ CSSM_SAMPLE_TYPE_THRESHOLD = CSSM_WORDID_THRESHOLD
+};
+
+typedef struct cssm_sample {
+ CSSM_LIST TypedSample;
+ const CSSM_SUBSERVICE_UID *Verifier;
+} CSSM_SAMPLE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_SAMPLE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_samplegroup {
+ uint32 NumberOfSamples;
+ const CSSM_SAMPLE *Samples;
+} CSSM_SAMPLEGROUP DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_SAMPLEGROUP_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef void *(CSSMAPI *CSSM_MALLOC)
+ (CSSM_SIZE size,
+ void *allocref);
+
+typedef void (CSSMAPI *CSSM_FREE)
+ (void *memblock,
+ void *allocref);
+
+typedef void *(CSSMAPI *CSSM_REALLOC)
+ (void *memblock,
+ CSSM_SIZE size,
+ void *allocref);
+
+typedef void *(CSSMAPI *CSSM_CALLOC)
+ (uint32 num,
+ CSSM_SIZE size,
+ void *allocref);
+
+typedef struct cssm_memory_funcs {
+ CSSM_MALLOC malloc_func;
+ CSSM_FREE free_func;
+ CSSM_REALLOC realloc_func;
+ CSSM_CALLOC calloc_func;
+ void *AllocRef;
+} CSSM_MEMORY_FUNCS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_MEMORY_FUNCS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef CSSM_MEMORY_FUNCS CSSM_API_MEMORY_FUNCS;
+typedef CSSM_API_MEMORY_FUNCS *CSSM_API_MEMORY_FUNCS_PTR;
+
+typedef CSSM_RETURN (CSSMAPI * CSSM_CHALLENGE_CALLBACK)
+ (const CSSM_LIST *Challenge,
+ CSSM_SAMPLEGROUP_PTR Response,
+ void *CallerCtx,
+ const CSSM_MEMORY_FUNCS *MemFuncs);
+
+typedef uint32 CSSM_CERT_TYPE, *CSSM_CERT_TYPE_PTR;
+enum {
+ CSSM_CERT_UNKNOWN = 0x00,
+ CSSM_CERT_X_509v1 = 0x01,
+ CSSM_CERT_X_509v2 = 0x02,
+ CSSM_CERT_X_509v3 = 0x03,
+ CSSM_CERT_PGP = 0x04,
+ CSSM_CERT_SPKI = 0x05,
+ CSSM_CERT_SDSIv1 = 0x06,
+ CSSM_CERT_Intel = 0x08,
+ CSSM_CERT_X_509_ATTRIBUTE = 0x09, /* X.509 attribute cert */
+ CSSM_CERT_X9_ATTRIBUTE = 0x0A, /* X9 attribute cert */
+ CSSM_CERT_TUPLE = 0x0B,
+ CSSM_CERT_ACL_ENTRY = 0x0C,
+ CSSM_CERT_MULTIPLE = 0x7FFE,
+ CSSM_CERT_LAST = 0x7FFF,
+ /* Applications wishing to define their own custom certificate
+ type should define and publicly document a uint32 value greater
+ than the CSSM_CL_CUSTOM_CERT_TYPE */
+ CSSM_CL_CUSTOM_CERT_TYPE = 0x08000
+};
+
+typedef uint32 CSSM_CERT_ENCODING, *CSSM_CERT_ENCODING_PTR;
+enum {
+ CSSM_CERT_ENCODING_UNKNOWN = 0x00,
+ CSSM_CERT_ENCODING_CUSTOM = 0x01,
+ CSSM_CERT_ENCODING_BER = 0x02,
+ CSSM_CERT_ENCODING_DER = 0x03,
+ CSSM_CERT_ENCODING_NDR = 0x04,
+ CSSM_CERT_ENCODING_SEXPR = 0x05,
+ CSSM_CERT_ENCODING_PGP = 0x06,
+ CSSM_CERT_ENCODING_MULTIPLE = 0x7FFE,
+ CSSM_CERT_ENCODING_LAST = 0x7FFF,
+ /* Applications wishing to define their own custom certificate
+ encoding should create a uint32 value greater than the
+ CSSM_CL_CUSTOM_CERT_ENCODING */
+ CSSM_CL_CUSTOM_CERT_ENCODING = 0x8000
+};
+
+typedef struct cssm_encoded_cert {
+ CSSM_CERT_TYPE CertType; /* type of certificate */
+ CSSM_CERT_ENCODING CertEncoding; /* encoding for this packed cert */
+ CSSM_DATA CertBlob; /* packed cert */
+} CSSM_ENCODED_CERT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ENCODED_CERT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_CERT_PARSE_FORMAT, *CSSM_CERT_PARSE_FORMAT_PTR;
+enum {
+ CSSM_CERT_PARSE_FORMAT_NONE = 0x00,
+ CSSM_CERT_PARSE_FORMAT_CUSTOM = 0x01, /* void* */
+ CSSM_CERT_PARSE_FORMAT_SEXPR = 0x02, /* CSSM_LIST */
+ CSSM_CERT_PARSE_FORMAT_COMPLEX = 0x03, /* void* */
+ CSSM_CERT_PARSE_FORMAT_OID_NAMED = 0x04, /* CSSM_FIELDGROUP */
+ CSSM_CERT_PARSE_FORMAT_TUPLE = 0x05, /* CSSM_TUPLE */
+ CSSM_CERT_PARSE_FORMAT_MULTIPLE = 0x7FFE,
+/* multiple forms, each cert carries a
+ parse format indicator */
+ CSSM_CERT_PARSE_FORMAT_LAST = 0x7FFF,
+/* Applications wishing to define their
+ own custom parse format should create
+ a * uint32 value greater than the
+ CSSM_CL_CUSTOM_CERT_PARSE_FORMAT */
+ CSSM_CL_CUSTOM_CERT_PARSE_FORMAT = 0x8000
+};
+
+typedef struct cssm_parsed_cert {
+ CSSM_CERT_TYPE CertType; /* certificate type */
+ CSSM_CERT_PARSE_FORMAT ParsedCertFormat;
+ /* struct of ParsedCert */
+ void *ParsedCert; /* parsed cert (to be typecast) */
+} CSSM_PARSED_CERT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_PARSED_CERT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_cert_pair {
+ CSSM_ENCODED_CERT EncodedCert; /* an encoded certificate blob */
+ CSSM_PARSED_CERT ParsedCert; /* equivalent parsed certificate */
+} CSSM_CERT_PAIR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_CERT_PAIR_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_CERTGROUP_TYPE, *CSSM_CERTGROUP_TYPE_PTR;
+enum {
+ CSSM_CERTGROUP_DATA = 0x00,
+ CSSM_CERTGROUP_ENCODED_CERT = 0x01,
+ CSSM_CERTGROUP_PARSED_CERT = 0x02,
+ CSSM_CERTGROUP_CERT_PAIR = 0x03
+};
+
+typedef struct cssm_certgroup {
+ CSSM_CERT_TYPE CertType;
+ CSSM_CERT_ENCODING CertEncoding;
+ uint32 NumCerts; /* # of certificates in this list */
+ union {
+ CSSM_DATA_PTR CertList; /* legacy list of single type certificate blobs */
+ CSSM_ENCODED_CERT_PTR EncodedCertList;
+ /* list of multi-type certificate blobs */
+ CSSM_PARSED_CERT_PTR ParsedCertList;
+ /* list of multi-type parsed certs */
+ CSSM_CERT_PAIR_PTR PairCertList;
+ /*list of single or multi-type certs with two representations: blob and parsed */
+ } GroupList;
+ CSSM_CERTGROUP_TYPE CertGroupType;
+ /* type of structure in the GroupList */
+ void *Reserved; /* reserved for implementation dependent use */
+} CSSM_CERTGROUP, *CSSM_CERTGROUP_PTR;
+
+typedef struct cssm_base_certs {
+ CSSM_TP_HANDLE TPHandle;
+ CSSM_CL_HANDLE CLHandle;
+ CSSM_CERTGROUP Certs;
+} CSSM_BASE_CERTS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_BASE_CERTS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_access_credentials {
+ CSSM_STRING EntryTag;
+ CSSM_BASE_CERTS BaseCerts;
+ CSSM_SAMPLEGROUP Samples;
+ CSSM_CHALLENGE_CALLBACK Callback;
+ void *CallerCtx;
+} CSSM_ACCESS_CREDENTIALS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ACCESS_CREDENTIALS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef sint32 CSSM_ACL_SUBJECT_TYPE;
+enum {
+ CSSM_ACL_SUBJECT_TYPE_ANY = CSSM_WORDID__STAR_,
+ CSSM_ACL_SUBJECT_TYPE_THRESHOLD = CSSM_WORDID_THRESHOLD,
+ CSSM_ACL_SUBJECT_TYPE_PASSWORD = CSSM_WORDID_PASSWORD,
+ CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD = CSSM_WORDID_PROTECTED_PASSWORD,
+ CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD = CSSM_WORDID_PROMPTED_PASSWORD,
+ CSSM_ACL_SUBJECT_TYPE_PUBLIC_KEY = CSSM_WORDID_PUBLIC_KEY,
+ CSSM_ACL_SUBJECT_TYPE_HASHED_SUBJECT = CSSM_WORDID_HASHED_SUBJECT,
+ CSSM_ACL_SUBJECT_TYPE_BIOMETRIC = CSSM_WORDID_BIOMETRIC,
+ CSSM_ACL_SUBJECT_TYPE_PROTECTED_BIOMETRIC = CSSM_WORDID_PROTECTED_BIOMETRIC,
+ CSSM_ACL_SUBJECT_TYPE_PROMPTED_BIOMETRIC = CSSM_WORDID_PROMPTED_BIOMETRIC,
+ CSSM_ACL_SUBJECT_TYPE_LOGIN_NAME = CSSM_WORDID_LOGIN_NAME,
+ CSSM_ACL_SUBJECT_TYPE_EXT_PAM_NAME = CSSM_WORDID_PAM_NAME
+};
+
+/* Authorization tag type */
+typedef sint32 CSSM_ACL_AUTHORIZATION_TAG;
+enum {
+ /* All vendor specific constants must be in the number range
+ starting at CSSM_ACL_AUTHORIZATION_TAG_VENDOR_DEFINED_START */
+ CSSM_ACL_AUTHORIZATION_TAG_VENDOR_DEFINED_START = 0x00010000,
+ /* No restrictions. Permission to perform all operations on
+ the resource or available to an ACL owner. */
+ CSSM_ACL_AUTHORIZATION_ANY = CSSM_WORDID__STAR_,
+ /* Defined authorization tag values for CSPs */
+ CSSM_ACL_AUTHORIZATION_LOGIN = CSSM_WORDID_LOGIN,
+ CSSM_ACL_AUTHORIZATION_GENKEY = CSSM_WORDID_GENKEY,
+ CSSM_ACL_AUTHORIZATION_DELETE = CSSM_WORDID_DELETE,
+ CSSM_ACL_AUTHORIZATION_EXPORT_WRAPPED = CSSM_WORDID_EXPORT_WRAPPED,
+ CSSM_ACL_AUTHORIZATION_EXPORT_CLEAR = CSSM_WORDID_EXPORT_CLEAR,
+ CSSM_ACL_AUTHORIZATION_IMPORT_WRAPPED = CSSM_WORDID_IMPORT_WRAPPED,
+ CSSM_ACL_AUTHORIZATION_IMPORT_CLEAR = CSSM_WORDID_IMPORT_CLEAR,
+ CSSM_ACL_AUTHORIZATION_SIGN = CSSM_WORDID_SIGN,
+ CSSM_ACL_AUTHORIZATION_ENCRYPT = CSSM_WORDID_ENCRYPT,
+ CSSM_ACL_AUTHORIZATION_DECRYPT = CSSM_WORDID_DECRYPT,
+ CSSM_ACL_AUTHORIZATION_MAC = CSSM_WORDID_MAC,
+ CSSM_ACL_AUTHORIZATION_DERIVE = CSSM_WORDID_DERIVE,
+ /* Defined authorization tag values for DLs */
+ CSSM_ACL_AUTHORIZATION_DBS_CREATE = CSSM_WORDID_DBS_CREATE,
+ CSSM_ACL_AUTHORIZATION_DBS_DELETE = CSSM_WORDID_DBS_DELETE,
+ CSSM_ACL_AUTHORIZATION_DB_READ = CSSM_WORDID_DB_READ,
+ CSSM_ACL_AUTHORIZATION_DB_INSERT = CSSM_WORDID_DB_INSERT,
+ CSSM_ACL_AUTHORIZATION_DB_MODIFY = CSSM_WORDID_DB_MODIFY,
+ CSSM_ACL_AUTHORIZATION_DB_DELETE = CSSM_WORDID_DB_DELETE
+};
+
+typedef struct cssm_authorizationgroup {
+ uint32 NumberOfAuthTags;
+ CSSM_ACL_AUTHORIZATION_TAG *AuthTags;
+} CSSM_AUTHORIZATIONGROUP DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_AUTHORIZATIONGROUP_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_acl_validity_period {
+ CSSM_DATA StartDate;
+ CSSM_DATA EndDate;
+} CSSM_ACL_VALIDITY_PERIOD DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ACL_VALIDITY_PERIOD_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_acl_entry_prototype {
+ CSSM_LIST TypedSubject;
+ CSSM_BOOL Delegate;
+ CSSM_AUTHORIZATIONGROUP Authorization;
+ CSSM_ACL_VALIDITY_PERIOD TimeRange;
+ CSSM_STRING EntryTag;
+} CSSM_ACL_ENTRY_PROTOTYPE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ACL_ENTRY_PROTOTYPE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_acl_owner_prototype {
+ CSSM_LIST TypedSubject;
+ CSSM_BOOL Delegate;
+} CSSM_ACL_OWNER_PROTOTYPE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ACL_OWNER_PROTOTYPE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef CSSM_RETURN (CSSMAPI * CSSM_ACL_SUBJECT_CALLBACK)
+ (const CSSM_LIST *SubjectRequest,
+ CSSM_LIST_PTR SubjectResponse,
+ void *CallerContext,
+ const CSSM_MEMORY_FUNCS *MemFuncs);
+
+typedef struct cssm_acl_entry_input {
+ CSSM_ACL_ENTRY_PROTOTYPE Prototype;
+ CSSM_ACL_SUBJECT_CALLBACK Callback;
+ void *CallerContext;
+} CSSM_ACL_ENTRY_INPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ACL_ENTRY_INPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_resource_control_context {
+ CSSM_ACCESS_CREDENTIALS_PTR AccessCred;
+ CSSM_ACL_ENTRY_INPUT InitialAclEntry;
+} CSSM_RESOURCE_CONTROL_CONTEXT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_RESOURCE_CONTROL_CONTEXT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef CSSM_HANDLE CSSM_ACL_HANDLE;
+
+typedef struct cssm_acl_entry_info {
+ CSSM_ACL_ENTRY_PROTOTYPE EntryPublicInfo;
+ CSSM_ACL_HANDLE EntryHandle;
+} CSSM_ACL_ENTRY_INFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ACL_ENTRY_INFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_ACL_EDIT_MODE;
+enum {
+ CSSM_ACL_EDIT_MODE_ADD = 1,
+ CSSM_ACL_EDIT_MODE_DELETE = 2,
+ CSSM_ACL_EDIT_MODE_REPLACE = 3
+};
+
+typedef struct cssm_acl_edit {
+ CSSM_ACL_EDIT_MODE EditMode;
+ CSSM_ACL_HANDLE OldEntryHandle;
+ const CSSM_ACL_ENTRY_INPUT *NewEntry;
+} CSSM_ACL_EDIT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ACL_EDIT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+#if defined(WIN32)
+typedef FARPROC CSSM_PROC_ADDR;
+#else
+typedef void (CSSMAPI *CSSM_PROC_ADDR) ();
+#endif
+typedef CSSM_PROC_ADDR *CSSM_PROC_ADDR_PTR;
+
+typedef struct cssm_func_name_addr {
+ CSSM_STRING Name;
+ CSSM_PROC_ADDR Address;
+} CSSM_FUNC_NAME_ADDR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_FUNC_NAME_ADDR_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+
+/* Data Types for Cryptographic Services */
+
+typedef struct cssm_date {
+ uint8 Year[4];
+ uint8 Month[2];
+ uint8 Day[2];
+} CSSM_DATE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DATE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_range {
+ uint32 Min; /* inclusive minimum value */
+ uint32 Max; /* inclusive maximum value */
+} CSSM_RANGE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_RANGE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_query_size_data {
+ uint32 SizeInputBlock; /* size of input data block */
+ uint32 SizeOutputBlock; /* size of resulting output data block */
+} CSSM_QUERY_SIZE_DATA DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_QUERY_SIZE_DATA_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_HEADERVERSION;
+enum {
+ CSSM_KEYHEADER_VERSION = 2
+};
+
+typedef struct cssm_key_size {
+ uint32 LogicalKeySizeInBits; /* Logical key size in bits */
+ uint32 EffectiveKeySizeInBits; /* Effective key size in bits */
+} CSSM_KEY_SIZE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_KEY_SIZE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_KEYBLOB_TYPE;
+enum {
+ CSSM_KEYBLOB_RAW = 0, /* The blob is a clear, raw key */
+ CSSM_KEYBLOB_REFERENCE = 2, /* The blob is a reference to a key */
+ CSSM_KEYBLOB_WRAPPED = 3, /* The blob is a wrapped RAW key */
+ CSSM_KEYBLOB_OTHER = 0xFFFFFFFF
+};
+
+typedef uint32 CSSM_KEYBLOB_FORMAT;
+enum {
+ /* Raw Format */
+ CSSM_KEYBLOB_RAW_FORMAT_NONE = 0,
+ /* No further conversion need to be done */
+ CSSM_KEYBLOB_RAW_FORMAT_PKCS1 = 1, /* RSA PKCS1 V1.5 */
+ CSSM_KEYBLOB_RAW_FORMAT_PKCS3 = 2, /* RSA PKCS3 V1.5 */
+ CSSM_KEYBLOB_RAW_FORMAT_MSCAPI = 3, /* Microsoft CAPI V2.0 */
+ CSSM_KEYBLOB_RAW_FORMAT_PGP = 4, /* PGP V */
+ CSSM_KEYBLOB_RAW_FORMAT_FIPS186 = 5, /* US Gov. FIPS 186 - DSS V */
+ CSSM_KEYBLOB_RAW_FORMAT_BSAFE = 6, /* RSA Bsafe V3.0 */
+ CSSM_KEYBLOB_RAW_FORMAT_CCA = 9, /* CCA clear public key blob */
+ CSSM_KEYBLOB_RAW_FORMAT_PKCS8 = 10, /* RSA PKCS8 V1.2 */
+ CSSM_KEYBLOB_RAW_FORMAT_SPKI = 11, /* SPKI Specification */
+ CSSM_KEYBLOB_RAW_FORMAT_OCTET_STRING = 12,
+ CSSM_KEYBLOB_RAW_FORMAT_OTHER = 0xFFFFFFFF /* Other, CSP defined */
+};
+enum {
+ /* Wrapped Format */
+ CSSM_KEYBLOB_WRAPPED_FORMAT_NONE = 0,
+ /* No further conversion need to be done */
+ CSSM_KEYBLOB_WRAPPED_FORMAT_PKCS8 = 1, /* RSA PKCS8 V1.2 */
+ CSSM_KEYBLOB_WRAPPED_FORMAT_PKCS7 = 2,
+ CSSM_KEYBLOB_WRAPPED_FORMAT_MSCAPI = 3,
+ CSSM_KEYBLOB_WRAPPED_FORMAT_OTHER = 0xFFFFFFFF /* Other, CSP defined */
+};
+enum {
+ /* Reference Format */
+ CSSM_KEYBLOB_REF_FORMAT_INTEGER = 0, /* Reference is a number or handle */
+ CSSM_KEYBLOB_REF_FORMAT_STRING = 1, /* Reference is a string or label */
+ CSSM_KEYBLOB_REF_FORMAT_SPKI = 2, /* Reference is an SPKI S-expression */
+ /* to be evaluated to locate the key */
+ CSSM_KEYBLOB_REF_FORMAT_OTHER = 0xFFFFFFFF /* Other, CSP defined */
+};
+
+typedef uint32 CSSM_KEYCLASS;
+enum {
+ CSSM_KEYCLASS_PUBLIC_KEY = 0, /* Key is public key */
+ CSSM_KEYCLASS_PRIVATE_KEY = 1, /* Key is private key */
+ CSSM_KEYCLASS_SESSION_KEY = 2, /* Key is session or symmetric key */
+ CSSM_KEYCLASS_SECRET_PART = 3, /* Key is part of secret key */
+ CSSM_KEYCLASS_OTHER = 0xFFFFFFFF /* Other */
+};
+
+typedef uint32 CSSM_KEYATTR_FLAGS;
+enum {
+ /* Valid only during call to an API. Will never be valid when set in a key header */
+ CSSM_KEYATTR_RETURN_DEFAULT = 0x00000000,
+ CSSM_KEYATTR_RETURN_DATA = 0x10000000,
+ CSSM_KEYATTR_RETURN_REF = 0x20000000,
+ CSSM_KEYATTR_RETURN_NONE = 0x40000000,
+ /* Valid during an API call and in a key header */
+ CSSM_KEYATTR_PERMANENT = 0x00000001,
+ CSSM_KEYATTR_PRIVATE = 0x00000002,
+ CSSM_KEYATTR_MODIFIABLE = 0x00000004,
+ CSSM_KEYATTR_SENSITIVE = 0x00000008,
+ CSSM_KEYATTR_EXTRACTABLE = 0x00000020,
+ /* Valid only in a key header generated by a CSP, not valid during an API call */
+ CSSM_KEYATTR_ALWAYS_SENSITIVE = 0x00000010,
+ CSSM_KEYATTR_NEVER_EXTRACTABLE = 0x00000040
+};
+
+typedef uint32 CSSM_KEYUSE;
+enum {
+ CSSM_KEYUSE_ANY = 0x80000000,
+ CSSM_KEYUSE_ENCRYPT = 0x00000001,
+ CSSM_KEYUSE_DECRYPT = 0x00000002,
+ CSSM_KEYUSE_SIGN = 0x00000004,
+ CSSM_KEYUSE_VERIFY = 0x00000008,
+ CSSM_KEYUSE_SIGN_RECOVER = 0x00000010,
+ CSSM_KEYUSE_VERIFY_RECOVER = 0x00000020,
+ CSSM_KEYUSE_WRAP = 0x00000040,
+ CSSM_KEYUSE_UNWRAP = 0x00000080,
+ CSSM_KEYUSE_DERIVE = 0x00000100
+};
+
+typedef uint32 CSSM_ALGORITHMS;
+enum {
+ CSSM_ALGID_NONE = 0,
+ CSSM_ALGID_CUSTOM = CSSM_ALGID_NONE + 1,
+ CSSM_ALGID_DH = CSSM_ALGID_NONE + 2,
+ CSSM_ALGID_PH = CSSM_ALGID_NONE + 3,
+ CSSM_ALGID_KEA = CSSM_ALGID_NONE + 4,
+ CSSM_ALGID_MD2 = CSSM_ALGID_NONE + 5,
+ CSSM_ALGID_MD4 = CSSM_ALGID_NONE + 6,
+ CSSM_ALGID_MD5 = CSSM_ALGID_NONE + 7,
+ CSSM_ALGID_SHA1 = CSSM_ALGID_NONE + 8,
+ CSSM_ALGID_NHASH = CSSM_ALGID_NONE + 9,
+ CSSM_ALGID_HAVAL = CSSM_ALGID_NONE + 10,
+ CSSM_ALGID_RIPEMD = CSSM_ALGID_NONE + 11,
+ CSSM_ALGID_IBCHASH = CSSM_ALGID_NONE + 12,
+ CSSM_ALGID_RIPEMAC = CSSM_ALGID_NONE + 13,
+ CSSM_ALGID_DES = CSSM_ALGID_NONE + 14,
+ CSSM_ALGID_DESX = CSSM_ALGID_NONE + 15,
+ CSSM_ALGID_RDES = CSSM_ALGID_NONE + 16,
+ CSSM_ALGID_3DES_3KEY_EDE = CSSM_ALGID_NONE + 17,
+ CSSM_ALGID_3DES_2KEY_EDE = CSSM_ALGID_NONE + 18,
+ CSSM_ALGID_3DES_1KEY_EEE = CSSM_ALGID_NONE + 19,
+ CSSM_ALGID_3DES_3KEY = CSSM_ALGID_3DES_3KEY_EDE,
+ CSSM_ALGID_3DES_3KEY_EEE = CSSM_ALGID_NONE + 20,
+ CSSM_ALGID_3DES_2KEY = CSSM_ALGID_3DES_2KEY_EDE,
+ CSSM_ALGID_3DES_2KEY_EEE = CSSM_ALGID_NONE + 21,
+ CSSM_ALGID_3DES_1KEY = CSSM_ALGID_3DES_3KEY_EEE,
+ CSSM_ALGID_IDEA = CSSM_ALGID_NONE + 22,
+ CSSM_ALGID_RC2 = CSSM_ALGID_NONE + 23,
+ CSSM_ALGID_RC5 = CSSM_ALGID_NONE + 24,
+ CSSM_ALGID_RC4 = CSSM_ALGID_NONE + 25,
+ CSSM_ALGID_SEAL = CSSM_ALGID_NONE + 26,
+ CSSM_ALGID_CAST = CSSM_ALGID_NONE + 27,
+ CSSM_ALGID_BLOWFISH = CSSM_ALGID_NONE + 28,
+ CSSM_ALGID_SKIPJACK = CSSM_ALGID_NONE + 29,
+ CSSM_ALGID_LUCIFER = CSSM_ALGID_NONE + 30,
+ CSSM_ALGID_MADRYGA = CSSM_ALGID_NONE + 31,
+ CSSM_ALGID_FEAL = CSSM_ALGID_NONE + 32,
+ CSSM_ALGID_REDOC = CSSM_ALGID_NONE + 33,
+ CSSM_ALGID_REDOC3 = CSSM_ALGID_NONE + 34,
+ CSSM_ALGID_LOKI = CSSM_ALGID_NONE + 35,
+ CSSM_ALGID_KHUFU = CSSM_ALGID_NONE + 36,
+ CSSM_ALGID_KHAFRE = CSSM_ALGID_NONE + 37,
+ CSSM_ALGID_MMB = CSSM_ALGID_NONE + 38,
+ CSSM_ALGID_GOST = CSSM_ALGID_NONE + 39,
+ CSSM_ALGID_SAFER = CSSM_ALGID_NONE + 40,
+ CSSM_ALGID_CRAB = CSSM_ALGID_NONE + 41,
+ CSSM_ALGID_RSA = CSSM_ALGID_NONE + 42,
+ CSSM_ALGID_DSA = CSSM_ALGID_NONE + 43,
+ CSSM_ALGID_MD5WithRSA = CSSM_ALGID_NONE + 44,
+ CSSM_ALGID_MD2WithRSA = CSSM_ALGID_NONE + 45,
+ CSSM_ALGID_ElGamal = CSSM_ALGID_NONE + 46,
+ CSSM_ALGID_MD2Random = CSSM_ALGID_NONE + 47,
+ CSSM_ALGID_MD5Random = CSSM_ALGID_NONE + 48,
+ CSSM_ALGID_SHARandom = CSSM_ALGID_NONE + 49,
+ CSSM_ALGID_DESRandom = CSSM_ALGID_NONE + 50,
+ CSSM_ALGID_SHA1WithRSA = CSSM_ALGID_NONE + 51,
+ CSSM_ALGID_CDMF = CSSM_ALGID_NONE + 52,
+ CSSM_ALGID_CAST3 = CSSM_ALGID_NONE + 53,
+ CSSM_ALGID_CAST5 = CSSM_ALGID_NONE + 54,
+ CSSM_ALGID_GenericSecret = CSSM_ALGID_NONE + 55,
+ CSSM_ALGID_ConcatBaseAndKey = CSSM_ALGID_NONE + 56,
+ CSSM_ALGID_ConcatKeyAndBase = CSSM_ALGID_NONE + 57,
+ CSSM_ALGID_ConcatBaseAndData = CSSM_ALGID_NONE + 58,
+ CSSM_ALGID_ConcatDataAndBase = CSSM_ALGID_NONE + 59,
+ CSSM_ALGID_XORBaseAndData = CSSM_ALGID_NONE + 60,
+ CSSM_ALGID_ExtractFromKey = CSSM_ALGID_NONE + 61,
+ CSSM_ALGID_SSL3PreMasterGen = CSSM_ALGID_NONE + 62,
+ CSSM_ALGID_SSL3MasterDerive = CSSM_ALGID_NONE + 63,
+ CSSM_ALGID_SSL3KeyAndMacDerive = CSSM_ALGID_NONE + 64,
+ CSSM_ALGID_SSL3MD5_MAC = CSSM_ALGID_NONE + 65,
+ CSSM_ALGID_SSL3SHA1_MAC = CSSM_ALGID_NONE + 66,
+ CSSM_ALGID_PKCS5_PBKDF1_MD5 = CSSM_ALGID_NONE + 67,
+ CSSM_ALGID_PKCS5_PBKDF1_MD2 = CSSM_ALGID_NONE + 68,
+ CSSM_ALGID_PKCS5_PBKDF1_SHA1 = CSSM_ALGID_NONE + 69,
+ CSSM_ALGID_WrapLynks = CSSM_ALGID_NONE + 70,
+ CSSM_ALGID_WrapSET_OAEP = CSSM_ALGID_NONE + 71,
+ CSSM_ALGID_BATON = CSSM_ALGID_NONE + 72,
+ CSSM_ALGID_ECDSA = CSSM_ALGID_NONE + 73,
+ CSSM_ALGID_MAYFLY = CSSM_ALGID_NONE + 74,
+ CSSM_ALGID_JUNIPER = CSSM_ALGID_NONE + 75,
+ CSSM_ALGID_FASTHASH = CSSM_ALGID_NONE + 76,
+ CSSM_ALGID_3DES = CSSM_ALGID_NONE + 77,
+ CSSM_ALGID_SSL3MD5 = CSSM_ALGID_NONE + 78,
+ CSSM_ALGID_SSL3SHA1 = CSSM_ALGID_NONE + 79,
+ CSSM_ALGID_FortezzaTimestamp = CSSM_ALGID_NONE + 80,
+ CSSM_ALGID_SHA1WithDSA = CSSM_ALGID_NONE + 81,
+ CSSM_ALGID_SHA1WithECDSA = CSSM_ALGID_NONE + 82,
+ CSSM_ALGID_DSA_BSAFE = CSSM_ALGID_NONE + 83,
+ CSSM_ALGID_ECDH = CSSM_ALGID_NONE + 84,
+ CSSM_ALGID_ECMQV = CSSM_ALGID_NONE + 85,
+ CSSM_ALGID_PKCS12_SHA1_PBE = CSSM_ALGID_NONE + 86,
+ CSSM_ALGID_ECNRA = CSSM_ALGID_NONE + 87,
+ CSSM_ALGID_SHA1WithECNRA = CSSM_ALGID_NONE + 88,
+ CSSM_ALGID_ECES = CSSM_ALGID_NONE + 89,
+ CSSM_ALGID_ECAES = CSSM_ALGID_NONE + 90,
+ CSSM_ALGID_SHA1HMAC = CSSM_ALGID_NONE + 91,
+ CSSM_ALGID_FIPS186Random = CSSM_ALGID_NONE + 92,
+ CSSM_ALGID_ECC = CSSM_ALGID_NONE + 93,
+ CSSM_ALGID_MQV = CSSM_ALGID_NONE + 94,
+ CSSM_ALGID_NRA = CSSM_ALGID_NONE + 95,
+ CSSM_ALGID_IntelPlatformRandom = CSSM_ALGID_NONE + 96,
+ CSSM_ALGID_UTC = CSSM_ALGID_NONE + 97,
+ CSSM_ALGID_HAVAL3 = CSSM_ALGID_NONE + 98,
+ CSSM_ALGID_HAVAL4 = CSSM_ALGID_NONE + 99,
+ CSSM_ALGID_HAVAL5 = CSSM_ALGID_NONE + 100,
+ CSSM_ALGID_TIGER = CSSM_ALGID_NONE + 101,
+ CSSM_ALGID_MD5HMAC = CSSM_ALGID_NONE + 102,
+ CSSM_ALGID_PKCS5_PBKDF2 = CSSM_ALGID_NONE + 103,
+ CSSM_ALGID_RUNNING_COUNTER = CSSM_ALGID_NONE + 104,
+ CSSM_ALGID_LAST = CSSM_ALGID_NONE + 0x7FFFFFFF,
+/* All algorithms IDs that are vendor specific, and not
+ part of the CSSM specification should be defined relative
+ to CSSM_ALGID_VENDOR_DEFINED. */
+ CSSM_ALGID_VENDOR_DEFINED = CSSM_ALGID_NONE + 0x80000000
+};
+
+typedef uint32 CSSM_ENCRYPT_MODE;
+enum {
+ CSSM_ALGMODE_NONE = 0,
+ CSSM_ALGMODE_CUSTOM = CSSM_ALGMODE_NONE + 1,
+ CSSM_ALGMODE_ECB = CSSM_ALGMODE_NONE + 2,
+ CSSM_ALGMODE_ECBPad = CSSM_ALGMODE_NONE + 3,
+ CSSM_ALGMODE_CBC = CSSM_ALGMODE_NONE + 4,
+ CSSM_ALGMODE_CBC_IV8 = CSSM_ALGMODE_NONE + 5,
+ CSSM_ALGMODE_CBCPadIV8 = CSSM_ALGMODE_NONE + 6,
+ CSSM_ALGMODE_CFB = CSSM_ALGMODE_NONE + 7,
+ CSSM_ALGMODE_CFB_IV8 = CSSM_ALGMODE_NONE + 8,
+ CSSM_ALGMODE_CFBPadIV8 = CSSM_ALGMODE_NONE + 9,
+ CSSM_ALGMODE_OFB = CSSM_ALGMODE_NONE + 10,
+ CSSM_ALGMODE_OFB_IV8 = CSSM_ALGMODE_NONE + 11,
+ CSSM_ALGMODE_OFBPadIV8 = CSSM_ALGMODE_NONE + 12,
+ CSSM_ALGMODE_COUNTER = CSSM_ALGMODE_NONE + 13,
+ CSSM_ALGMODE_BC = CSSM_ALGMODE_NONE + 14,
+ CSSM_ALGMODE_PCBC = CSSM_ALGMODE_NONE + 15,
+ CSSM_ALGMODE_CBCC = CSSM_ALGMODE_NONE + 16,
+ CSSM_ALGMODE_OFBNLF = CSSM_ALGMODE_NONE + 17,
+ CSSM_ALGMODE_PBC = CSSM_ALGMODE_NONE + 18,
+ CSSM_ALGMODE_PFB = CSSM_ALGMODE_NONE + 19,
+ CSSM_ALGMODE_CBCPD = CSSM_ALGMODE_NONE + 20,
+ CSSM_ALGMODE_PUBLIC_KEY = CSSM_ALGMODE_NONE + 21,
+ CSSM_ALGMODE_PRIVATE_KEY = CSSM_ALGMODE_NONE + 22,
+ CSSM_ALGMODE_SHUFFLE = CSSM_ALGMODE_NONE + 23,
+ CSSM_ALGMODE_ECB64 = CSSM_ALGMODE_NONE + 24,
+ CSSM_ALGMODE_CBC64 = CSSM_ALGMODE_NONE + 25,
+ CSSM_ALGMODE_OFB64 = CSSM_ALGMODE_NONE + 26,
+ CSSM_ALGMODE_CFB32 = CSSM_ALGMODE_NONE + 28,
+ CSSM_ALGMODE_CFB16 = CSSM_ALGMODE_NONE + 29,
+ CSSM_ALGMODE_CFB8 = CSSM_ALGMODE_NONE + 30,
+ CSSM_ALGMODE_WRAP = CSSM_ALGMODE_NONE + 31,
+ CSSM_ALGMODE_PRIVATE_WRAP = CSSM_ALGMODE_NONE + 32,
+ CSSM_ALGMODE_RELAYX = CSSM_ALGMODE_NONE + 33,
+ CSSM_ALGMODE_ECB128 = CSSM_ALGMODE_NONE + 34,
+ CSSM_ALGMODE_ECB96 = CSSM_ALGMODE_NONE + 35,
+ CSSM_ALGMODE_CBC128 = CSSM_ALGMODE_NONE + 36,
+ CSSM_ALGMODE_OAEP_HASH = CSSM_ALGMODE_NONE + 37,
+ CSSM_ALGMODE_PKCS1_EME_V15 = CSSM_ALGMODE_NONE + 38,
+ CSSM_ALGMODE_PKCS1_EME_OAEP = CSSM_ALGMODE_NONE + 39,
+ CSSM_ALGMODE_PKCS1_EMSA_V15 = CSSM_ALGMODE_NONE + 40,
+ CSSM_ALGMODE_ISO_9796 = CSSM_ALGMODE_NONE + 41,
+ CSSM_ALGMODE_X9_31 = CSSM_ALGMODE_NONE + 42,
+ CSSM_ALGMODE_LAST = CSSM_ALGMODE_NONE + 0x7FFFFFFF,
+/* All algorithms modes that are vendor specific, and
+ not part of the CSSM specification should be defined
+ relative to CSSM_ALGMODE_VENDOR_DEFINED. */
+ CSSM_ALGMODE_VENDOR_DEFINED = CSSM_ALGMODE_NONE + 0x80000000
+};
+
+typedef struct cssm_keyheader {
+ CSSM_HEADERVERSION HeaderVersion; /* Key header version */
+ CSSM_GUID CspId; /* GUID of CSP generating the key */
+ CSSM_KEYBLOB_TYPE BlobType; /* See BlobType enum */
+ CSSM_KEYBLOB_FORMAT Format; /* Raw or Reference format */
+ CSSM_ALGORITHMS AlgorithmId; /* Algorithm ID of key */
+ CSSM_KEYCLASS KeyClass; /* Public/Private/Secret, etc. */
+ uint32 LogicalKeySizeInBits; /* Logical key size in bits */
+ CSSM_KEYATTR_FLAGS KeyAttr; /* Attribute flags */
+ CSSM_KEYUSE KeyUsage; /* Key use flags */
+ CSSM_DATE StartDate; /* Effective date of key */
+ CSSM_DATE EndDate; /* Expiration date of key */
+ CSSM_ALGORITHMS WrapAlgorithmId; /* == CSSM_ALGID_NONE if clear key */
+ CSSM_ENCRYPT_MODE WrapMode; /* if alg supports multiple wrapping modes */
+ uint32 Reserved;
+} CSSM_KEYHEADER DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_KEYHEADER_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_key {
+ CSSM_KEYHEADER KeyHeader; /* Fixed length key header */
+ CSSM_DATA KeyData; /* Variable length key data */
+} CSSM_KEY DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_KEY_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef CSSM_KEY CSSM_WRAP_KEY, *CSSM_WRAP_KEY_PTR;
+
+typedef uint32 CSSM_CSPTYPE;
+enum {
+ CSSM_CSP_SOFTWARE = 1,
+ CSSM_CSP_HARDWARE = CSSM_CSP_SOFTWARE + 1,
+ CSSM_CSP_HYBRID = CSSM_CSP_SOFTWARE + 2
+};
+
+/* From DL. */
+typedef struct cssm_dl_db_handle {
+ CSSM_DL_HANDLE DLHandle;
+ CSSM_DB_HANDLE DBHandle;
+} CSSM_DL_DB_HANDLE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DL_DB_HANDLE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_CONTEXT_TYPE;
+enum {
+ CSSM_ALGCLASS_NONE = 0,
+ CSSM_ALGCLASS_CUSTOM = CSSM_ALGCLASS_NONE + 1,
+ CSSM_ALGCLASS_SIGNATURE = CSSM_ALGCLASS_NONE + 2,
+ CSSM_ALGCLASS_SYMMETRIC = CSSM_ALGCLASS_NONE + 3,
+ CSSM_ALGCLASS_DIGEST = CSSM_ALGCLASS_NONE + 4,
+ CSSM_ALGCLASS_RANDOMGEN = CSSM_ALGCLASS_NONE + 5,
+ CSSM_ALGCLASS_UNIQUEGEN = CSSM_ALGCLASS_NONE + 6,
+ CSSM_ALGCLASS_MAC = CSSM_ALGCLASS_NONE + 7,
+ CSSM_ALGCLASS_ASYMMETRIC = CSSM_ALGCLASS_NONE + 8,
+ CSSM_ALGCLASS_KEYGEN = CSSM_ALGCLASS_NONE + 9,
+ CSSM_ALGCLASS_DERIVEKEY = CSSM_ALGCLASS_NONE + 10
+};
+
+/* Attribute data type tags */
+enum {
+ CSSM_ATTRIBUTE_DATA_NONE = 0x00000000,
+ CSSM_ATTRIBUTE_DATA_UINT32 = 0x10000000,
+ CSSM_ATTRIBUTE_DATA_CSSM_DATA = 0x20000000,
+ CSSM_ATTRIBUTE_DATA_CRYPTO_DATA = 0x30000000,
+ CSSM_ATTRIBUTE_DATA_KEY = 0x40000000,
+ CSSM_ATTRIBUTE_DATA_STRING = 0x50000000,
+ CSSM_ATTRIBUTE_DATA_DATE = 0x60000000,
+ CSSM_ATTRIBUTE_DATA_RANGE = 0x70000000,
+ CSSM_ATTRIBUTE_DATA_ACCESS_CREDENTIALS = 0x80000000,
+ CSSM_ATTRIBUTE_DATA_VERSION = 0x01000000,
+ CSSM_ATTRIBUTE_DATA_DL_DB_HANDLE = 0x02000000,
+ CSSM_ATTRIBUTE_DATA_KR_PROFILE = 0x03000000,
+ CSSM_ATTRIBUTE_TYPE_MASK = 0xFF000000
+};
+
+typedef uint32 CSSM_ATTRIBUTE_TYPE;
+enum {
+ CSSM_ATTRIBUTE_NONE = 0,
+ CSSM_ATTRIBUTE_CUSTOM = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 1,
+ CSSM_ATTRIBUTE_DESCRIPTION = CSSM_ATTRIBUTE_DATA_STRING | 2,
+ CSSM_ATTRIBUTE_KEY = CSSM_ATTRIBUTE_DATA_KEY | 3,
+ CSSM_ATTRIBUTE_INIT_VECTOR = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 4,
+ CSSM_ATTRIBUTE_SALT = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 5,
+ CSSM_ATTRIBUTE_PADDING = CSSM_ATTRIBUTE_DATA_UINT32 | 6,
+ CSSM_ATTRIBUTE_RANDOM = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 7,
+ CSSM_ATTRIBUTE_SEED = CSSM_ATTRIBUTE_DATA_CRYPTO_DATA | 8,
+ CSSM_ATTRIBUTE_PASSPHRASE = CSSM_ATTRIBUTE_DATA_CRYPTO_DATA | 9,
+ CSSM_ATTRIBUTE_KEY_LENGTH = CSSM_ATTRIBUTE_DATA_UINT32 | 10,
+ CSSM_ATTRIBUTE_KEY_LENGTH_RANGE = CSSM_ATTRIBUTE_DATA_RANGE | 11,
+ CSSM_ATTRIBUTE_BLOCK_SIZE = CSSM_ATTRIBUTE_DATA_UINT32 | 12,
+ CSSM_ATTRIBUTE_OUTPUT_SIZE = CSSM_ATTRIBUTE_DATA_UINT32 | 13,
+ CSSM_ATTRIBUTE_ROUNDS = CSSM_ATTRIBUTE_DATA_UINT32 | 14,
+ CSSM_ATTRIBUTE_IV_SIZE = CSSM_ATTRIBUTE_DATA_UINT32 | 15,
+ CSSM_ATTRIBUTE_ALG_PARAMS = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 16,
+ CSSM_ATTRIBUTE_LABEL = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 17,
+ CSSM_ATTRIBUTE_KEY_TYPE = CSSM_ATTRIBUTE_DATA_UINT32 | 18,
+ CSSM_ATTRIBUTE_MODE = CSSM_ATTRIBUTE_DATA_UINT32 | 19,
+ CSSM_ATTRIBUTE_EFFECTIVE_BITS = CSSM_ATTRIBUTE_DATA_UINT32 | 20,
+ CSSM_ATTRIBUTE_START_DATE = CSSM_ATTRIBUTE_DATA_DATE | 21,
+ CSSM_ATTRIBUTE_END_DATE = CSSM_ATTRIBUTE_DATA_DATE | 22,
+ CSSM_ATTRIBUTE_KEYUSAGE = CSSM_ATTRIBUTE_DATA_UINT32 | 23,
+ CSSM_ATTRIBUTE_KEYATTR = CSSM_ATTRIBUTE_DATA_UINT32 | 24,
+ CSSM_ATTRIBUTE_VERSION = CSSM_ATTRIBUTE_DATA_VERSION | 25,
+ CSSM_ATTRIBUTE_PRIME = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 26,
+ CSSM_ATTRIBUTE_BASE = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 27,
+ CSSM_ATTRIBUTE_SUBPRIME = CSSM_ATTRIBUTE_DATA_CSSM_DATA | 28,
+ CSSM_ATTRIBUTE_ALG_ID = CSSM_ATTRIBUTE_DATA_UINT32 | 29,
+ CSSM_ATTRIBUTE_ITERATION_COUNT = CSSM_ATTRIBUTE_DATA_UINT32 | 30,
+ CSSM_ATTRIBUTE_ROUNDS_RANGE = CSSM_ATTRIBUTE_DATA_RANGE | 31,
+ CSSM_ATTRIBUTE_KRPROFILE_LOCAL = CSSM_ATTRIBUTE_DATA_KR_PROFILE | 32,
+ CSSM_ATTRIBUTE_KRPROFILE_REMOTE = CSSM_ATTRIBUTE_DATA_KR_PROFILE | 33,
+ CSSM_ATTRIBUTE_CSP_HANDLE = CSSM_ATTRIBUTE_DATA_UINT32 | 34,
+ CSSM_ATTRIBUTE_DL_DB_HANDLE = CSSM_ATTRIBUTE_DATA_DL_DB_HANDLE | 35,
+ CSSM_ATTRIBUTE_ACCESS_CREDENTIALS = CSSM_ATTRIBUTE_DATA_ACCESS_CREDENTIALS | 36,
+ CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT = CSSM_ATTRIBUTE_DATA_UINT32 | 37,
+ CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT = CSSM_ATTRIBUTE_DATA_UINT32 | 38,
+ CSSM_ATTRIBUTE_SYMMETRIC_KEY_FORMAT=CSSM_ATTRIBUTE_DATA_UINT32 | 39,
+ CSSM_ATTRIBUTE_WRAPPED_KEY_FORMAT = CSSM_ATTRIBUTE_DATA_UINT32 | 40
+};
+
+typedef uint32 CSSM_PADDING;
+enum {
+ CSSM_PADDING_NONE = 0,
+ CSSM_PADDING_CUSTOM = CSSM_PADDING_NONE + 1,
+ CSSM_PADDING_ZERO = CSSM_PADDING_NONE + 2,
+ CSSM_PADDING_ONE = CSSM_PADDING_NONE + 3,
+ CSSM_PADDING_ALTERNATE = CSSM_PADDING_NONE + 4,
+ CSSM_PADDING_FF = CSSM_PADDING_NONE + 5,
+ CSSM_PADDING_PKCS5 = CSSM_PADDING_NONE + 6,
+ CSSM_PADDING_PKCS7 = CSSM_PADDING_NONE + 7,
+ CSSM_PADDING_CIPHERSTEALING = CSSM_PADDING_NONE + 8,
+ CSSM_PADDING_RANDOM = CSSM_PADDING_NONE + 9,
+ CSSM_PADDING_PKCS1 = CSSM_PADDING_NONE + 10,
+/* All padding types that are vendor specific, and not
+ part of the CSSM specification should be defined
+ relative to CSSM_PADDING_VENDOR_DEFINED. */
+ CSSM_PADDING_VENDOR_DEFINED = CSSM_PADDING_NONE + 0x80000000
+};
+
+typedef CSSM_ALGORITHMS CSSM_KEY_TYPE;
+
+typedef struct cssm_context_attribute {
+ CSSM_ATTRIBUTE_TYPE AttributeType;
+ uint32 AttributeLength;
+ union cssm_context_attribute_value {
+ char *String;
+ uint32 Uint32;
+ CSSM_ACCESS_CREDENTIALS_PTR AccessCredentials;
+ CSSM_KEY_PTR Key;
+ CSSM_DATA_PTR Data;
+ CSSM_PADDING Padding;
+ CSSM_DATE_PTR Date;
+ CSSM_RANGE_PTR Range;
+ CSSM_CRYPTO_DATA_PTR CryptoData;
+ CSSM_VERSION_PTR Version;
+ CSSM_DL_DB_HANDLE_PTR DLDBHandle;
+ struct cssm_kr_profile *KRProfile;
+ } Attribute;
+} CSSM_CONTEXT_ATTRIBUTE, *CSSM_CONTEXT_ATTRIBUTE_PTR;
+
+typedef struct cssm_context {
+ CSSM_CONTEXT_TYPE ContextType;
+ CSSM_ALGORITHMS AlgorithmType;
+ uint32 NumberOfAttributes;
+ CSSM_CONTEXT_ATTRIBUTE_PTR ContextAttributes;
+ CSSM_CSP_HANDLE CSPHandle;
+ CSSM_BOOL Privileged;
+ uint32 /*CSSM_KR_POLICY_FLAGS*/ EncryptionProhibited;
+ uint32 WorkFactor;
+ uint32 Reserved; /* reserved for future use */
+} CSSM_CONTEXT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_CONTEXT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_SC_FLAGS;
+enum {
+ CSSM_CSP_TOK_RNG = 0x00000001,
+ CSSM_CSP_TOK_CLOCK_EXISTS = 0x00000040
+};
+
+typedef uint32 CSSM_CSP_READER_FLAGS;
+enum {
+ CSSM_CSP_RDR_TOKENPRESENT = 0x00000001,
+ /* Token is present in reader/slot */
+ CSSM_CSP_RDR_EXISTS = 0x00000002,
+ /* Device is a reader with a
+ removable token */
+ CSSM_CSP_RDR_HW = 0x00000004
+ /* Slot is a hardware slot */
+};
+
+typedef uint32 CSSM_CSP_FLAGS;
+enum {
+ CSSM_CSP_TOK_WRITE_PROTECTED = 0x00000002,
+ CSSM_CSP_TOK_LOGIN_REQUIRED = 0x00000004,
+ CSSM_CSP_TOK_USER_PIN_INITIALIZED = 0x00000008,
+ CSSM_CSP_TOK_PROT_AUTHENTICATION = 0x00000100,
+ CSSM_CSP_TOK_USER_PIN_EXPIRED = 0x00100000,
+ CSSM_CSP_TOK_SESSION_KEY_PASSWORD = 0x00200000,
+ CSSM_CSP_TOK_PRIVATE_KEY_PASSWORD = 0x00400000,
+ CSSM_CSP_STORES_PRIVATE_KEYS = 0x01000000,
+ CSSM_CSP_STORES_PUBLIC_KEYS = 0x02000000,
+ CSSM_CSP_STORES_SESSION_KEYS = 0x04000000,
+ CSSM_CSP_STORES_CERTIFICATES = 0x08000000,
+ CSSM_CSP_STORES_GENERIC = 0x10000000
+};
+
+typedef uint32 CSSM_PKCS_OAEP_MGF;
+enum {
+ CSSM_PKCS_OAEP_MGF_NONE = 0,
+ CSSM_PKCS_OAEP_MGF1_SHA1 = CSSM_PKCS_OAEP_MGF_NONE + 1,
+ CSSM_PKCS_OAEP_MGF1_MD5 = CSSM_PKCS_OAEP_MGF_NONE + 2
+};
+
+typedef uint32 CSSM_PKCS_OAEP_PSOURCE;
+enum {
+ CSSM_PKCS_OAEP_PSOURCE_NONE = 0,
+ CSSM_PKCS_OAEP_PSOURCE_Pspecified = CSSM_PKCS_OAEP_PSOURCE_NONE + 1
+};
+
+typedef struct cssm_pkcs1_oaep_params {
+ uint32 HashAlgorithm;
+ CSSM_DATA HashParams;
+ CSSM_PKCS_OAEP_MGF MGF;
+ CSSM_DATA MGFParams;
+ CSSM_PKCS_OAEP_PSOURCE PSource;
+ CSSM_DATA PSourceParams;
+} CSSM_PKCS1_OAEP_PARAMS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_PKCS1_OAEP_PARAMS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_csp_operational_statistics {
+ CSSM_BOOL UserAuthenticated;
+ /* CSSM_TRUE if the user is logged in to the token, CSSM_FALSE otherwise. */
+ CSSM_CSP_FLAGS DeviceFlags;
+ uint32 TokenMaxSessionCount; /* Exported by Cryptoki modules. */
+ uint32 TokenOpenedSessionCount;
+ uint32 TokenMaxRWSessionCount;
+ uint32 TokenOpenedRWSessionCount;
+ uint32 TokenTotalPublicMem; /* Storage space statistics. */
+ uint32 TokenFreePublicMem;
+ uint32 TokenTotalPrivateMem;
+ uint32 TokenFreePrivateMem;
+} CSSM_CSP_OPERATIONAL_STATISTICS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_CSP_OPERATIONAL_STATISTICS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+/* Indicates that the statistical value can not be revealed or is not
+ relevant for a CSP */
+enum {
+ CSSM_VALUE_NOT_AVAILABLE = (uint32)(~0)
+};
+
+typedef struct cssm_pkcs5_pbkdf1_params {
+ CSSM_DATA Passphrase;
+ CSSM_DATA InitVector;
+} CSSM_PKCS5_PBKDF1_PARAMS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_PKCS5_PBKDF1_PARAMS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_PKCS5_PBKDF2_PRF;
+enum {
+ CSSM_PKCS5_PBKDF2_PRF_HMAC_SHA1 = 0
+};
+
+typedef struct cssm_pkcs5_pbkdf2_params {
+ CSSM_DATA Passphrase;
+ CSSM_PKCS5_PBKDF2_PRF PseudoRandomFunction;
+} CSSM_PKCS5_PBKDF2_PARAMS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_PKCS5_PBKDF2_PARAMS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_kea_derive_params {
+ CSSM_DATA Rb;
+ CSSM_DATA Yb;
+} CSSM_KEA_DERIVE_PARAMS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_KEA_DERIVE_PARAMS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+
+/* Data Types for Trust Policy Services */
+
+typedef struct cssm_tp_authority_id {
+ CSSM_DATA *AuthorityCert;
+ CSSM_NET_ADDRESS_PTR AuthorityLocation;
+} CSSM_TP_AUTHORITY_ID DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_AUTHORITY_ID_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_TP_AUTHORITY_REQUEST_TYPE, *CSSM_TP_AUTHORITY_REQUEST_TYPE_PTR;
+enum {
+ CSSM_TP_AUTHORITY_REQUEST_CERTISSUE = 0x01,
+ CSSM_TP_AUTHORITY_REQUEST_CERTREVOKE = 0x02,
+ CSSM_TP_AUTHORITY_REQUEST_CERTSUSPEND = 0x03,
+ CSSM_TP_AUTHORITY_REQUEST_CERTRESUME = 0x04,
+ CSSM_TP_AUTHORITY_REQUEST_CERTVERIFY = 0x05,
+ CSSM_TP_AUTHORITY_REQUEST_CERTNOTARIZE = 0x06,
+ CSSM_TP_AUTHORITY_REQUEST_CERTUSERECOVER = 0x07,
+ CSSM_TP_AUTHORITY_REQUEST_CRLISSUE = 0x100
+};
+
+typedef CSSM_RETURN (CSSMAPI * CSSM_TP_VERIFICATION_RESULTS_CALLBACK)
+ (CSSM_MODULE_HANDLE ModuleHandle,
+ void *CallerCtx,
+ CSSM_DATA_PTR VerifiedCert);
+
+/* From CL */
+typedef CSSM_DATA CSSM_OID, *CSSM_OID_PTR;
+
+typedef struct cssm_field {
+ CSSM_OID FieldOid;
+ CSSM_DATA FieldValue;
+} CSSM_FIELD DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_FIELD_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+/* TP Again. */
+typedef struct cssm_tp_policyinfo {
+ uint32 NumberOfPolicyIds;
+ CSSM_FIELD_PTR PolicyIds;
+ void *PolicyControl;
+} CSSM_TP_POLICYINFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_POLICYINFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_TP_SERVICES;
+enum {
+ /* bit masks for additional Authority services available through TP */
+ CSSM_TP_KEY_ARCHIVE = 0x0001, /* archive cert & keys */
+ CSSM_TP_CERT_PUBLISH = 0x0002, /* register cert in directory */
+ CSSM_TP_CERT_NOTIFY_RENEW = 0x0004, /* notify at renewal time */
+ CSSM_TP_CERT_DIR_UPDATE = 0x0008, /* update cert registry entry */
+ CSSM_TP_CRL_DISTRIBUTE = 0x0010 /* push CRL to everyone */
+};
+
+typedef uint32 CSSM_TP_ACTION;
+enum {
+ CSSM_TP_ACTION_DEFAULT = 0
+};
+
+typedef uint32 CSSM_TP_STOP_ON;
+enum {
+ CSSM_TP_STOP_ON_POLICY = 0, /* use the pre-defined stopping criteria */
+ CSSM_TP_STOP_ON_NONE = 1, /* evaluate all condition whether TRUE or FALSE */
+ CSSM_TP_STOP_ON_FIRST_PASS = 2, /* stop evaluation at first TRUE */
+ CSSM_TP_STOP_ON_FIRST_FAIL = 3 /* stop evaluation at first FALSE */
+};
+
+typedef char *CSSM_TIMESTRING;
+
+/* From DL. */
+typedef struct cssm_dl_db_list {
+ uint32 NumHandles;
+ CSSM_DL_DB_HANDLE_PTR DLDBHandle;
+} CSSM_DL_DB_LIST DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DL_DB_LIST_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+/* TP Again. */
+typedef struct cssm_tp_callerauth_context {
+ CSSM_TP_POLICYINFO Policy;
+ CSSM_TIMESTRING VerifyTime;
+ CSSM_TP_STOP_ON VerificationAbortOn;
+ CSSM_TP_VERIFICATION_RESULTS_CALLBACK CallbackWithVerifiedCert;
+ uint32 NumberOfAnchorCerts;
+ CSSM_DATA_PTR AnchorCerts;
+ CSSM_DL_DB_LIST_PTR DBList;
+ CSSM_ACCESS_CREDENTIALS_PTR CallerCredentials;
+} CSSM_TP_CALLERAUTH_CONTEXT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CALLERAUTH_CONTEXT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_CRL_PARSE_FORMAT, * CSSM_CRL_PARSE_FORMAT_PTR;
+enum {
+ CSSM_CRL_PARSE_FORMAT_NONE = 0x00,
+ CSSM_CRL_PARSE_FORMAT_CUSTOM = 0x01,
+ CSSM_CRL_PARSE_FORMAT_SEXPR = 0x02,
+ CSSM_CRL_PARSE_FORMAT_COMPLEX = 0x03,
+ CSSM_CRL_PARSE_FORMAT_OID_NAMED = 0x04,
+ CSSM_CRL_PARSE_FORMAT_TUPLE = 0x05,
+ CSSM_CRL_PARSE_FORMAT_MULTIPLE = 0x7FFE,
+ CSSM_CRL_PARSE_FORMAT_LAST = 0x7FFF,
+ /* Applications wishing to define their own custom parse
+ format should create a uint32 value greater than the
+ CSSM_CL_CUSTOM_CRL_PARSE_FORMAT */
+ CSSM_CL_CUSTOM_CRL_PARSE_FORMAT = 0x8000
+};
+
+/* From CL. */
+typedef uint32 CSSM_CRL_TYPE, *CSSM_CRL_TYPE_PTR;
+enum {
+ CSSM_CRL_TYPE_UNKNOWN = 0x00,
+ CSSM_CRL_TYPE_X_509v1 = 0x01,
+ CSSM_CRL_TYPE_X_509v2 = 0x02,
+ CSSM_CRL_TYPE_SPKI = 0x03,
+ CSSM_CRL_TYPE_MULTIPLE = 0x7FFE
+};
+
+typedef uint32 CSSM_CRL_ENCODING, *CSSM_CRL_ENCODING_PTR;
+enum {
+ CSSM_CRL_ENCODING_UNKNOWN = 0x00,
+ CSSM_CRL_ENCODING_CUSTOM = 0x01,
+ CSSM_CRL_ENCODING_BER = 0x02,
+ CSSM_CRL_ENCODING_DER = 0x03,
+ CSSM_CRL_ENCODING_BLOOM = 0x04,
+ CSSM_CRL_ENCODING_SEXPR = 0x05,
+ CSSM_CRL_ENCODING_MULTIPLE = 0x7FFE
+};
+
+typedef struct cssm_encoded_crl {
+ CSSM_CRL_TYPE CrlType; /* type of CRL */
+ CSSM_CRL_ENCODING CrlEncoding; /* encoding for this packed CRL */
+ CSSM_DATA CrlBlob; /* packed CRL */
+} CSSM_ENCODED_CRL DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_ENCODED_CRL_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+/* TP Again. */
+typedef struct cssm_parsed_crl {
+ CSSM_CRL_TYPE CrlType; /* CRL type */
+ CSSM_CRL_PARSE_FORMAT ParsedCrlFormat;
+ /* struct of ParsedCrl */
+ void *ParsedCrl; /* parsed CRL (to be typecast) */
+} CSSM_PARSED_CRL DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_PARSED_CRL_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_crl_pair {
+ CSSM_ENCODED_CRL EncodedCrl; /* an encoded CRL blob */
+ CSSM_PARSED_CRL ParsedCrl; /* equivalent parsed CRL */
+} CSSM_CRL_PAIR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_CRL_PAIR_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_CRLGROUP_TYPE, * CSSM_CRLGROUP_TYPE_PTR;
+enum {
+ CSSM_CRLGROUP_DATA = 0x00,
+ CSSM_CRLGROUP_ENCODED_CRL = 0x01,
+ CSSM_CRLGROUP_PARSED_CRL = 0x02,
+ CSSM_CRLGROUP_CRL_PAIR = 0x03
+};
+
+typedef struct cssm_crlgroup {
+ CSSM_CRL_TYPE CrlType;
+ CSSM_CRL_ENCODING CrlEncoding;
+ uint32 NumberOfCrls;
+ union {
+ CSSM_DATA_PTR CrlList; /* CRL blob */
+ CSSM_ENCODED_CRL_PTR EncodedCrlList; /* CRL blob w/ separate type */
+ CSSM_PARSED_CRL_PTR ParsedCrlList; /* bushy, parsed CRL */
+ CSSM_CRL_PAIR_PTR PairCrlList;
+ } GroupCrlList;
+ CSSM_CRLGROUP_TYPE CrlGroupType;
+} CSSM_CRLGROUP, *CSSM_CRLGROUP_PTR;
+
+typedef struct cssm_fieldgroup {
+ int NumberOfFields; /* number of fields in the array */
+ CSSM_FIELD_PTR Fields; /* array of fields */
+} CSSM_FIELDGROUP DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_FIELDGROUP_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_EVIDENCE_FORM;
+enum {
+ CSSM_EVIDENCE_FORM_UNSPECIFIC = 0x0,
+ CSSM_EVIDENCE_FORM_CERT = 0x1,
+ CSSM_EVIDENCE_FORM_CRL = 0x2,
+ CSSM_EVIDENCE_FORM_CERT_ID = 0x3,
+ CSSM_EVIDENCE_FORM_CRL_ID = 0x4,
+ CSSM_EVIDENCE_FORM_VERIFIER_TIME = 0x5,
+ CSSM_EVIDENCE_FORM_CRL_THISTIME = 0x6,
+ CSSM_EVIDENCE_FORM_CRL_NEXTTIME = 0x7,
+ CSSM_EVIDENCE_FORM_POLICYINFO = 0x8,
+ CSSM_EVIDENCE_FORM_TUPLEGROUP = 0x9
+};
+
+typedef struct cssm_evidence {
+ CSSM_EVIDENCE_FORM EvidenceForm;
+ void *Evidence; /* Evidence content */
+} CSSM_EVIDENCE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_EVIDENCE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_tp_verify_context {
+ CSSM_TP_ACTION Action;
+ CSSM_DATA ActionData;
+ CSSM_CRLGROUP Crls;
+ CSSM_TP_CALLERAUTH_CONTEXT_PTR Cred;
+} CSSM_TP_VERIFY_CONTEXT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_VERIFY_CONTEXT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_tp_verify_context_result {
+ uint32 NumberOfEvidences;
+ CSSM_EVIDENCE_PTR Evidence;
+} CSSM_TP_VERIFY_CONTEXT_RESULT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_VERIFY_CONTEXT_RESULT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_tp_request_set {
+ uint32 NumberOfRequests;
+ void *Requests;
+} CSSM_TP_REQUEST_SET DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_REQUEST_SET_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_tp_result_set {
+ uint32 NumberOfResults;
+ void *Results;
+} CSSM_TP_RESULT_SET DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_RESULT_SET_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_TP_CONFIRM_STATUS, *CSSM_TP_CONFIRM_STATUS_PTR;
+enum {
+ CSSM_TP_CONFIRM_STATUS_UNKNOWN = 0x0,
+ /* indeterminate */
+ CSSM_TP_CONFIRM_ACCEPT = 0x1,
+ /* accept results of executing a
+ submit-retrieve function pair */
+ CSSM_TP_CONFIRM_REJECT = 0x2
+ /* reject results of executing a
+ submit-retrieve function pair */
+};
+
+typedef struct cssm_tp_confirm_response {
+ uint32 NumberOfResponses;
+ CSSM_TP_CONFIRM_STATUS_PTR Responses;
+} CSSM_TP_CONFIRM_RESPONSE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CONFIRM_RESPONSE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+enum {
+ CSSM_ESTIMATED_TIME_UNKNOWN = -1
+};
+
+enum {
+ CSSM_ELAPSED_TIME_UNKNOWN = -1,
+ CSSM_ELAPSED_TIME_COMPLETE = -2
+};
+
+typedef struct cssm_tp_certissue_input {
+ CSSM_SUBSERVICE_UID CSPSubserviceUid;
+ CSSM_CL_HANDLE CLHandle;
+ uint32 NumberOfTemplateFields;
+ CSSM_FIELD_PTR SubjectCertFields;
+ CSSM_TP_SERVICES MoreServiceRequests;
+ uint32 NumberOfServiceControls;
+ CSSM_FIELD_PTR ServiceControls;
+ CSSM_ACCESS_CREDENTIALS_PTR UserCredentials;
+} CSSM_TP_CERTISSUE_INPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTISSUE_INPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_TP_CERTISSUE_STATUS;
+enum {
+ CSSM_TP_CERTISSUE_STATUS_UNKNOWN = 0x0,
+ /* indeterminate */
+ CSSM_TP_CERTISSUE_OK = 0x1,
+ /* cert issued as requested */
+ CSSM_TP_CERTISSUE_OKWITHCERTMODS = 0x2,
+ /* cert issued but cert contents were
+ updated by the issuing authority */
+ CSSM_TP_CERTISSUE_OKWITHSERVICEMODS = 0x3,
+ /* cert issued but some requested backend
+ services were not performed by the
+ issuing authority */
+ CSSM_TP_CERTISSUE_REJECTED = 0x4,
+ /* cert was not issued due to some error
+ condition */
+ CSSM_TP_CERTISSUE_NOT_AUTHORIZED = 0x5,
+ /* cert was not issued, the request was
+ not authorized */
+ CSSM_TP_CERTISSUE_WILL_BE_REVOKED = 0x6
+ /* cert was issued, but TP has initiated
+ a revocation of the certificate */
+};
+
+typedef struct cssm_tp_certissue_output {
+ CSSM_TP_CERTISSUE_STATUS IssueStatus;
+ CSSM_CERTGROUP_PTR CertGroup;
+ CSSM_TP_SERVICES PerformedServiceRequests;
+} CSSM_TP_CERTISSUE_OUTPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTISSUE_OUTPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_TP_CERTCHANGE_ACTION;
+enum {
+ CSSM_TP_CERTCHANGE_NONE = 0x0, /* no change */
+ CSSM_TP_CERTCHANGE_REVOKE = 0x1, /* Revoke the certificate */
+/* This action type indicates a request to revoke a single
+ certificate. Notice of the revocation operation remains
+ in affect until the certificate itself expires. Revocation
+ should be used to permanently remove a certificate from use. */
+ CSSM_TP_CERTCHANGE_HOLD = 0x2, /* Hold/suspend the certificate */
+/* This action type indicates a request to suspend a
+ single certificate. A suspension operation implies
+ that the requester intends, at some time in the future,
+ to request that the certificate be released from hold,
+ making it available for use again. Placing a hold on
+ a certificate does not obligate the requester to
+ request a release. In practice, a certificate may
+ remain on hold until the certificate itself expires.
+ Revocation should be used to permanently remove a
+ certificate from use. */
+ CSSM_TP_CERTCHANGE_RELEASE = 0x3 /* Release the held certificate */
+/* This action type indicates a request to release a
+ single certificate currently on hold. A release
+ operation makes a certificate available for use again.
+ Revocation should be used to permanently remove a
+ certificate from use. */
+};
+
+typedef uint32 CSSM_TP_CERTCHANGE_REASON;
+enum {
+ CSSM_TP_CERTCHANGE_REASON_UNKNOWN = 0x0,
+ /* unspecified */
+ CSSM_TP_CERTCHANGE_REASON_KEYCOMPROMISE = 0x1,
+ /* Subject key believed to be compromised */
+ CSSM_TP_CERTCHANGE_REASON_CACOMPROMISE = 0x2,
+ /* CA\92s key believed to be compromised */
+ CSSM_TP_CERTCHANGE_REASON_CEASEOPERATION = 0x3,
+ /* certificate holder ceases operation under
+ the jurisdiction of this certificate */
+ CSSM_TP_CERTCHANGE_REASON_AFFILIATIONCHANGE = 0x4,
+ /* certificate holder has moved from this
+ jurisdiction */
+ CSSM_TP_CERTCHANGE_REASON_SUPERCEDED = 0x5,
+ /* certificate holder as issued a new, superceding
+ certificate */
+ CSSM_TP_CERTCHANGE_REASON_SUSPECTEDCOMPROMISE = 0x6,
+ /* certificate could be compromised */
+ CSSM_TP_CERTCHANGE_REASON_HOLDRELEASE = 0x7
+ /* certificate holder resumes operation under the
+ jurisdiction of this certificate */
+};
+
+typedef struct cssm_tp_certchange_input {
+ CSSM_TP_CERTCHANGE_ACTION Action;
+ CSSM_TP_CERTCHANGE_REASON Reason;
+ CSSM_CL_HANDLE CLHandle;
+ CSSM_DATA_PTR Cert;
+ CSSM_FIELD_PTR ChangeInfo;
+ CSSM_TIMESTRING StartTime;
+ CSSM_ACCESS_CREDENTIALS_PTR CallerCredentials;
+} CSSM_TP_CERTCHANGE_INPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTCHANGE_INPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_TP_CERTCHANGE_STATUS;
+enum {
+ CSSM_TP_CERTCHANGE_STATUS_UNKNOWN = 0x0,
+ /* indeterminate */
+ CSSM_TP_CERTCHANGE_OK = 0x1,
+ /* cert state was successfully changed
+ beginning at the specified time */
+ CSSM_TP_CERTCHANGE_OKWITHNEWTIME = 0x2,
+ /* cert state was successfully changed,
+ at a modified effective time */
+ CSSM_TP_CERTCHANGE_WRONGCA = 0x3,
+ /* cert state was not changed, the
+ selected CA is not authorized to
+ change the cert state */
+ CSSM_TP_CERTCHANGE_REJECTED = 0x4,
+ /* cert state was not changed due to some
+ error condition */
+ CSSM_TP_CERTCHANGE_NOT_AUTHORIZED = 0x5
+ /* cert state was not changed, the
+ requester is not authorized to change
+ the cert state */
+};
+
+typedef struct cssm_tp_certchange_output {
+ CSSM_TP_CERTCHANGE_STATUS ActionStatus;
+ CSSM_FIELD RevokeInfo;
+} CSSM_TP_CERTCHANGE_OUTPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTCHANGE_OUTPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_tp_certverify_input {
+ CSSM_CL_HANDLE CLHandle;
+ CSSM_DATA_PTR Cert;
+ CSSM_TP_VERIFY_CONTEXT_PTR VerifyContext;
+} CSSM_TP_CERTVERIFY_INPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTVERIFY_INPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_TP_CERTVERIFY_STATUS;
+enum {
+ CSSM_TP_CERTVERIFY_UNKNOWN = 0x0,
+ CSSM_TP_CERTVERIFY_VALID = 0x1,
+ CSSM_TP_CERTVERIFY_INVALID = 0x2,
+ CSSM_TP_CERTVERIFY_REVOKED = 0x3,
+ CSSM_TP_CERTVERIFY_SUSPENDED = 0x4,
+ CSSM_TP_CERTVERIFY_EXPIRED = 0x5,
+ CSSM_TP_CERTVERIFY_NOT_VALID_YET = 0x6,
+ CSSM_TP_CERTVERIFY_INVALID_AUTHORITY = 0x7,
+ CSSM_TP_CERTVERIFY_INVALID_SIGNATURE = 0x8,
+ CSSM_TP_CERTVERIFY_INVALID_CERT_VALUE = 0x9,
+ CSSM_TP_CERTVERIFY_INVALID_CERTGROUP = 0xA,
+ CSSM_TP_CERTVERIFY_INVALID_POLICY = 0xB,
+ CSSM_TP_CERTVERIFY_INVALID_POLICY_IDS = 0xC,
+ CSSM_TP_CERTVERIFY_INVALID_BASIC_CONSTRAINTS = 0xD,
+ CSSM_TP_CERTVERIFY_INVALID_CRL_DIST_PT = 0xE,
+ CSSM_TP_CERTVERIFY_INVALID_NAME_TREE = 0xF,
+ CSSM_TP_CERTVERIFY_UNKNOWN_CRITICAL_EXT = 0x10
+};
+
+typedef struct cssm_tp_certverify_output {
+ CSSM_TP_CERTVERIFY_STATUS VerifyStatus;
+ uint32 NumberOfEvidence;
+ CSSM_EVIDENCE_PTR Evidence;
+} CSSM_TP_CERTVERIFY_OUTPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTVERIFY_OUTPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_tp_certnotarize_input {
+ CSSM_CL_HANDLE CLHandle;
+ uint32 NumberOfFields;
+ CSSM_FIELD_PTR MoreFields;
+ CSSM_FIELD_PTR SignScope;
+ uint32 ScopeSize;
+ CSSM_TP_SERVICES MoreServiceRequests;
+ uint32 NumberOfServiceControls;
+ CSSM_FIELD_PTR ServiceControls;
+ CSSM_ACCESS_CREDENTIALS_PTR UserCredentials;
+} CSSM_TP_CERTNOTARIZE_INPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTNOTARIZE_INPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_TP_CERTNOTARIZE_STATUS;
+enum {
+ CSSM_TP_CERTNOTARIZE_STATUS_UNKNOWN = 0x0,
+ /* indeterminate */
+ CSSM_TP_CERTNOTARIZE_OK = 0x1,
+ /* cert fields were added and the result was
+ notarized as requested */
+ CSSM_TP_CERTNOTARIZE_OKWITHOUTFIELDS = 0x2,
+ /* non-conflicting cert fields were added,
+ conflicting cert fields were ignored,
+ and the result was notarized as requested */
+ CSSM_TP_CERTNOTARIZE_OKWITHSERVICEMODS = 0x3,
+ /* cert fields were added and the result was
+ notarized as requested, but some requested
+ backend services were not performed by the
+ notary */
+ CSSM_TP_CERTNOTARIZE_REJECTED = 0x4,
+ /* cert was not notarized due to some error
+ condition */
+ CSSM_TP_CERTNOTARIZE_NOT_AUTHORIZED = 0x5
+ /* cert was not notarized, the request was
+ not authorized */
+};
+
+typedef struct cssm_tp_certnotarize_output {
+ CSSM_TP_CERTNOTARIZE_STATUS NotarizeStatus;
+ CSSM_CERTGROUP_PTR NotarizedCertGroup;
+ CSSM_TP_SERVICES PerformedServiceRequests;
+} CSSM_TP_CERTNOTARIZE_OUTPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTNOTARIZE_OUTPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_tp_certreclaim_input {
+ CSSM_CL_HANDLE CLHandle;
+ uint32 NumberOfSelectionFields;
+ CSSM_FIELD_PTR SelectionFields;
+ CSSM_ACCESS_CREDENTIALS_PTR UserCredentials;
+} CSSM_TP_CERTRECLAIM_INPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTRECLAIM_INPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_TP_CERTRECLAIM_STATUS;
+enum {
+ CSSM_TP_CERTRECLAIM_STATUS_UNKNOWN = 0x0,
+ /* indeterminate */
+ CSSM_TP_CERTRECLAIM_OK = 0x1,
+ /* a set of one or more certificates were
+ returned by the CA for local recovery
+ of the associated private key */
+ CSSM_TP_CERTRECLAIM_NOMATCH = 0x2,
+ /* no certificates owned by the requester
+ were found matching the specified
+ selection fields */
+ CSSM_TP_CERTRECLAIM_REJECTED = 0x3,
+ /* certificate reclamation failed due
+ to some error condition */
+ CSSM_TP_CERTRECLAIM_NOT_AUTHORIZED = 0x4
+ /* certificate reclamation was not
+ performed, the request was not
+ authorized */
+};
+
+typedef struct cssm_tp_certreclaim_output {
+ CSSM_TP_CERTRECLAIM_STATUS ReclaimStatus;
+ CSSM_CERTGROUP_PTR ReclaimedCertGroup;
+ CSSM_LONG_HANDLE KeyCacheHandle;
+} CSSM_TP_CERTRECLAIM_OUTPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CERTRECLAIM_OUTPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_tp_crlissue_input {
+ CSSM_CL_HANDLE CLHandle;
+ uint32 CrlIdentifier;
+ CSSM_TIMESTRING CrlThisTime;
+ CSSM_FIELD_PTR PolicyIdentifier;
+ CSSM_ACCESS_CREDENTIALS_PTR CallerCredentials;
+} CSSM_TP_CRLISSUE_INPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CRLISSUE_INPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_TP_CRLISSUE_STATUS;
+enum {
+ CSSM_TP_CRLISSUE_STATUS_UNKNOWN = 0x0,
+ /* indeterminate */
+ CSSM_TP_CRLISSUE_OK = 0x1,
+ /* a copy of the most current CRL was
+ issued as requested and the time for
+ issuing the next CRL is also returned */
+ CSSM_TP_CRLISSUE_NOT_CURRENT = 0x2,
+ /* either no CRL has been issued since
+ the CRL identified in the request, or
+ it is not time to issue an updated CRL.
+ no CRL has been returned, but the time
+ for issuing the next CRL is included
+ in the results */
+ CSSM_TP_CRLISSUE_INVALID_DOMAIN = 0x3,
+ /* CRL domain was not recognized or was
+ outside the CA jurisdiction, no CRL or
+ time for the next CRL has been
+ returned. */
+ CSSM_TP_CRLISSUE_UNKNOWN_IDENTIFIER = 0x4,
+ /* unrecognized CRL identifier, no CRL or
+ time for the next CRL has been
+ returned. */
+ CSSM_TP_CRLISSUE_REJECTED = 0x5,
+ /* CRL was not issued due to some error
+ condition, no CRL or time for the next
+ CRL has been returned. */
+ CSSM_TP_CRLISSUE_NOT_AUTHORIZED = 0x6
+ /* CRL was not issued, the request was
+ not authorized, no CRL or time for the
+ next CRL has been returned. */
+};
+
+typedef struct cssm_tp_crlissue_output {
+ CSSM_TP_CRLISSUE_STATUS IssueStatus;
+ CSSM_ENCODED_CRL_PTR Crl;
+ CSSM_TIMESTRING CrlNextTime;
+} CSSM_TP_CRLISSUE_OUTPUT DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_TP_CRLISSUE_OUTPUT_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_TP_FORM_TYPE;
+enum {
+ CSSM_TP_FORM_TYPE_GENERIC = 0x0,
+ CSSM_TP_FORM_TYPE_REGISTRATION = 0x1
+};
+
+/* Data Types for Certificate Library Services */
+
+typedef uint32 CSSM_CL_TEMPLATE_TYPE;
+enum {
+ CSSM_CL_TEMPLATE_INTERMEDIATE_CERT = 1,
+ /* for X509 certificates, a fully-formed
+ encoded certificate with empty signature field */
+ CSSM_CL_TEMPLATE_PKIX_CERTTEMPLATE = 2
+ /* as defined in RFC2511, section 5 CertTemplate */
+};
+
+typedef uint32 CSSM_CERT_BUNDLE_TYPE;
+enum {
+ CSSM_CERT_BUNDLE_UNKNOWN = 0x00,
+ CSSM_CERT_BUNDLE_CUSTOM = 0x01,
+ CSSM_CERT_BUNDLE_PKCS7_SIGNED_DATA = 0x02,
+ CSSM_CERT_BUNDLE_PKCS7_SIGNED_ENVELOPED_DATA = 0x03,
+ CSSM_CERT_BUNDLE_PKCS12 = 0x04,
+ CSSM_CERT_BUNDLE_PFX = 0x05,
+ CSSM_CERT_BUNDLE_SPKI_SEQUENCE = 0x06,
+ CSSM_CERT_BUNDLE_PGP_KEYRING = 0x07,
+ CSSM_CERT_BUNDLE_LAST = 0x7FFF,
+ /* Applications wishing to define their own custom certificate
+ bundle type should define and publicly document a uint32
+ value greater than CSSM_CL_CUSTOM_CERT_BUNDLE_TYPE */
+ CSSM_CL_CUSTOM_CERT_BUNDLE_TYPE = 0x8000
+};
+
+typedef uint32 CSSM_CERT_BUNDLE_ENCODING;
+enum {
+ CSSM_CERT_BUNDLE_ENCODING_UNKNOWN = 0x00,
+ CSSM_CERT_BUNDLE_ENCODING_CUSTOM = 0x01,
+ CSSM_CERT_BUNDLE_ENCODING_BER = 0x02,
+ CSSM_CERT_BUNDLE_ENCODING_DER = 0x03,
+ CSSM_CERT_BUNDLE_ENCODING_SEXPR = 0x04,
+ CSSM_CERT_BUNDLE_ENCODING_PGP = 0x05
+};
+
+typedef struct cssm_cert_bundle_header {
+ CSSM_CERT_BUNDLE_TYPE BundleType;
+ CSSM_CERT_BUNDLE_ENCODING BundleEncoding;
+} CSSM_CERT_BUNDLE_HEADER DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_CERT_BUNDLE_HEADER_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_cert_bundle {
+ CSSM_CERT_BUNDLE_HEADER BundleHeader;
+ CSSM_DATA Bundle;
+} CSSM_CERT_BUNDLE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_CERT_BUNDLE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+enum {
+ CSSM_FIELDVALUE_COMPLEX_DATA_TYPE = 0xFFFFFFFF
+};
+
+/* Data Types for Data Storage Library Services */
+
+typedef uint32 CSSM_DB_ATTRIBUTE_NAME_FORMAT, *CSSM_DB_ATTRIBUTE_NAME_FORMAT_PTR;
+enum {
+ CSSM_DB_ATTRIBUTE_NAME_AS_STRING = 0,
+ CSSM_DB_ATTRIBUTE_NAME_AS_OID = 1,
+ CSSM_DB_ATTRIBUTE_NAME_AS_INTEGER = 2
+};
+
+typedef uint32 CSSM_DB_ATTRIBUTE_FORMAT, *CSSM_DB_ATTRIBUTE_FORMAT_PTR;
+enum {
+ CSSM_DB_ATTRIBUTE_FORMAT_STRING = 0,
+ CSSM_DB_ATTRIBUTE_FORMAT_SINT32 = 1,
+ CSSM_DB_ATTRIBUTE_FORMAT_UINT32 = 2,
+ CSSM_DB_ATTRIBUTE_FORMAT_BIG_NUM = 3,
+ CSSM_DB_ATTRIBUTE_FORMAT_REAL = 4,
+ CSSM_DB_ATTRIBUTE_FORMAT_TIME_DATE = 5,
+ CSSM_DB_ATTRIBUTE_FORMAT_BLOB = 6,
+ CSSM_DB_ATTRIBUTE_FORMAT_MULTI_UINT32 = 7,
+ CSSM_DB_ATTRIBUTE_FORMAT_COMPLEX = 8
+};
+
+typedef struct cssm_db_attribute_info {
+ CSSM_DB_ATTRIBUTE_NAME_FORMAT AttributeNameFormat;
+ union cssm_db_attribute_label {
+ char *AttributeName; /* e.g., "record label" */
+ CSSM_OID AttributeOID; /* e.g., CSSMOID_RECORDLABEL */
+ uint32 AttributeID; /* e.g., FOUR_CHAR_CODE('recl') */
+ } Label;
+ CSSM_DB_ATTRIBUTE_FORMAT AttributeFormat;
+} CSSM_DB_ATTRIBUTE_INFO, *CSSM_DB_ATTRIBUTE_INFO_PTR;
+
+typedef struct cssm_db_attribute_data {
+ CSSM_DB_ATTRIBUTE_INFO Info;
+ uint32 NumberOfValues;
+ CSSM_DATA_PTR Value;
+} CSSM_DB_ATTRIBUTE_DATA DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_ATTRIBUTE_DATA_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_DB_RECORDTYPE;
+enum {
+ /* Schema Management Name Space Range Definition*/
+ CSSM_DB_RECORDTYPE_SCHEMA_START = 0x00000000,
+ CSSM_DB_RECORDTYPE_SCHEMA_END = CSSM_DB_RECORDTYPE_SCHEMA_START + 4,
+ /* Open Group Application Name Space Range Definition*/
+ CSSM_DB_RECORDTYPE_OPEN_GROUP_START = 0x0000000A,
+ CSSM_DB_RECORDTYPE_OPEN_GROUP_END = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 8,
+ /* Industry At Large Application Name Space Range Definition */
+ CSSM_DB_RECORDTYPE_APP_DEFINED_START = 0x80000000,
+ CSSM_DB_RECORDTYPE_APP_DEFINED_END = 0xffffffff,
+ /* Record Types defined in the Schema Management Name Space */
+ CSSM_DL_DB_SCHEMA_INFO = CSSM_DB_RECORDTYPE_SCHEMA_START + 0,
+ CSSM_DL_DB_SCHEMA_INDEXES = CSSM_DB_RECORDTYPE_SCHEMA_START + 1,
+ CSSM_DL_DB_SCHEMA_ATTRIBUTES = CSSM_DB_RECORDTYPE_SCHEMA_START + 2,
+ CSSM_DL_DB_SCHEMA_PARSING_MODULE = CSSM_DB_RECORDTYPE_SCHEMA_START + 3,
+ /* Record Types defined in the Open Group Application Name Space */
+ CSSM_DL_DB_RECORD_ANY = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 0,
+ CSSM_DL_DB_RECORD_CERT = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 1,
+ CSSM_DL_DB_RECORD_CRL = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 2,
+ CSSM_DL_DB_RECORD_POLICY = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 3,
+ CSSM_DL_DB_RECORD_GENERIC = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 4,
+ CSSM_DL_DB_RECORD_PUBLIC_KEY = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 5,
+ CSSM_DL_DB_RECORD_PRIVATE_KEY = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 6,
+ CSSM_DL_DB_RECORD_SYMMETRIC_KEY = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 7,
+ CSSM_DL_DB_RECORD_ALL_KEYS = CSSM_DB_RECORDTYPE_OPEN_GROUP_START + 8
+};
+
+enum {
+ CSSM_DB_CERT_USE_TRUSTED = 0x00000001, /* application-defined as trusted */
+ CSSM_DB_CERT_USE_SYSTEM = 0x00000002, /* the CSSM system cert */
+ CSSM_DB_CERT_USE_OWNER = 0x00000004, /* private key owned by system user*/
+ CSSM_DB_CERT_USE_REVOKED = 0x00000008, /* revoked cert -15913 used w CRL APIs */
+ CSSM_DB_CERT_USE_SIGNING = 0x00000010, /* use cert for signing only */
+ CSSM_DB_CERT_USE_PRIVACY = 0x00000020 /* use cert for confidentiality only */
+};
+
+typedef struct cssm_db_record_attribute_info {
+ CSSM_DB_RECORDTYPE DataRecordType;
+ uint32 NumberOfAttributes;
+ CSSM_DB_ATTRIBUTE_INFO_PTR AttributeInfo;
+} CSSM_DB_RECORD_ATTRIBUTE_INFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_RECORD_ATTRIBUTE_INFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_db_record_attribute_data {
+ CSSM_DB_RECORDTYPE DataRecordType;
+ uint32 SemanticInformation;
+ uint32 NumberOfAttributes;
+ CSSM_DB_ATTRIBUTE_DATA_PTR AttributeData;
+} CSSM_DB_RECORD_ATTRIBUTE_DATA DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_RECORD_ATTRIBUTE_DATA_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_db_parsing_module_info {
+ CSSM_DB_RECORDTYPE RecordType;
+ CSSM_SUBSERVICE_UID ModuleSubserviceUid;
+} CSSM_DB_PARSING_MODULE_INFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_PARSING_MODULE_INFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_DB_INDEX_TYPE;
+enum {
+ CSSM_DB_INDEX_UNIQUE = 0,
+ CSSM_DB_INDEX_NONUNIQUE = 1
+};
+
+typedef uint32 CSSM_DB_INDEXED_DATA_LOCATION;
+enum {
+ CSSM_DB_INDEX_ON_UNKNOWN = 0,
+ CSSM_DB_INDEX_ON_ATTRIBUTE = 1,
+ CSSM_DB_INDEX_ON_RECORD = 2
+};
+
+typedef struct cssm_db_index_info {
+ CSSM_DB_INDEX_TYPE IndexType;
+ CSSM_DB_INDEXED_DATA_LOCATION IndexedDataLocation;
+ CSSM_DB_ATTRIBUTE_INFO Info;
+} CSSM_DB_INDEX_INFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_INDEX_INFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_db_unique_record {
+ CSSM_DB_INDEX_INFO RecordLocator;
+ CSSM_DATA RecordIdentifier;
+} CSSM_DB_UNIQUE_RECORD DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_UNIQUE_RECORD_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_db_record_index_info {
+ CSSM_DB_RECORDTYPE DataRecordType;
+ uint32 NumberOfIndexes;
+ CSSM_DB_INDEX_INFO_PTR IndexInfo;
+} CSSM_DB_RECORD_INDEX_INFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_RECORD_INDEX_INFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_DB_ACCESS_TYPE, *CSSM_DB_ACCESS_TYPE_PTR;
+enum {
+ CSSM_DB_ACCESS_READ = 0x00001,
+ CSSM_DB_ACCESS_WRITE = 0x00002,
+ CSSM_DB_ACCESS_PRIVILEGED = 0x00004 /* versus user mode */
+};
+
+typedef uint32 CSSM_DB_MODIFY_MODE;
+enum {
+ CSSM_DB_MODIFY_ATTRIBUTE_NONE = 0,
+ CSSM_DB_MODIFY_ATTRIBUTE_ADD = CSSM_DB_MODIFY_ATTRIBUTE_NONE + 1,
+ CSSM_DB_MODIFY_ATTRIBUTE_DELETE = CSSM_DB_MODIFY_ATTRIBUTE_NONE + 2,
+ CSSM_DB_MODIFY_ATTRIBUTE_REPLACE = CSSM_DB_MODIFY_ATTRIBUTE_NONE + 3
+};
+
+typedef struct cssm_dbinfo {
+ /* meta information about each record type stored in this
+ data store including meta information about record
+ attributes and indexes */
+ uint32 NumberOfRecordTypes;
+ CSSM_DB_PARSING_MODULE_INFO_PTR DefaultParsingModules;
+ CSSM_DB_RECORD_ATTRIBUTE_INFO_PTR RecordAttributeNames;
+ CSSM_DB_RECORD_INDEX_INFO_PTR RecordIndexes;
+ /* access restrictions for opening this data store */
+ CSSM_BOOL IsLocal;
+ char *AccessPath; /* URL, dir path, etc. */
+ void *Reserved;
+} CSSM_DBINFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DBINFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_DB_OPERATOR, *CSSM_DB_OPERATOR_PTR;
+enum {
+ CSSM_DB_EQUAL = 0,
+ CSSM_DB_NOT_EQUAL = 1,
+ CSSM_DB_LESS_THAN = 2,
+ CSSM_DB_GREATER_THAN = 3,
+ CSSM_DB_CONTAINS = 4,
+ CSSM_DB_CONTAINS_INITIAL_SUBSTRING = 5,
+ CSSM_DB_CONTAINS_FINAL_SUBSTRING = 6
+};
+
+typedef uint32 CSSM_DB_CONJUNCTIVE, *CSSM_DB_CONJUNCTIVE_PTR;
+enum {
+ CSSM_DB_NONE = 0,
+ CSSM_DB_AND = 1,
+ CSSM_DB_OR = 2
+};
+
+typedef struct cssm_selection_predicate {
+ CSSM_DB_OPERATOR DbOperator;
+ CSSM_DB_ATTRIBUTE_DATA Attribute;
+} CSSM_SELECTION_PREDICATE DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_SELECTION_PREDICATE_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+enum {
+ CSSM_QUERY_TIMELIMIT_NONE = 0
+};
+
+enum {
+ CSSM_QUERY_SIZELIMIT_NONE = 0
+};
+
+typedef struct cssm_query_limits {
+ uint32 TimeLimit; /* in seconds */
+ uint32 SizeLimit; /* max. number of records to return */
+} CSSM_QUERY_LIMITS DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_QUERY_LIMITS_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_QUERY_FLAGS;
+enum {
+ CSSM_QUERY_RETURN_DATA = 0x01
+};
+
+typedef struct cssm_query {
+ CSSM_DB_RECORDTYPE RecordType;
+ CSSM_DB_CONJUNCTIVE Conjunctive;
+ uint32 NumSelectionPredicates;
+ CSSM_SELECTION_PREDICATE_PTR SelectionPredicate;
+ CSSM_QUERY_LIMITS QueryLimits;
+ CSSM_QUERY_FLAGS QueryFlags;
+} CSSM_QUERY DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_QUERY_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_DLTYPE, *CSSM_DLTYPE_PTR;
+enum {
+ CSSM_DL_UNKNOWN = 0,
+ CSSM_DL_CUSTOM = 1,
+ CSSM_DL_LDAP = 2,
+ CSSM_DL_ODBC = 3,
+ CSSM_DL_PKCS11 = 4,
+ CSSM_DL_FFS = 5, /* flat file system */
+ CSSM_DL_MEMORY = 6,
+ CSSM_DL_REMOTEDIR = 7
+};
+
+typedef void *CSSM_DL_CUSTOM_ATTRIBUTES;
+typedef void *CSSM_DL_LDAP_ATTRIBUTES;
+typedef void *CSSM_DL_ODBC_ATTRIBUTES;
+typedef void *CSSM_DL_FFS_ATTRIBUTES;
+
+typedef struct cssm_dl_pkcs11_attributes {
+ uint32 DeviceAccessFlags;
+} *CSSM_DL_PKCS11_ATTRIBUTE, *CSSM_DL_PKCS11_ATTRIBUTE_PTR;
+
+enum {
+ CSSM_DB_DATASTORES_UNKNOWN = 0xFFFFFFFF
+};
+
+typedef struct cssm_name_list {
+ uint32 NumStrings;
+ char **String;
+} CSSM_NAME_LIST DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_NAME_LIST_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef uint32 CSSM_DB_RETRIEVAL_MODES;
+enum {
+ CSSM_DB_TRANSACTIONAL_MODE = 0,
+ CSSM_DB_FILESYSTEMSCAN_MODE = 1
+};
+
+typedef struct cssm_db_schema_attribute_info {
+ uint32 AttributeId;
+ char *AttributeName;
+ CSSM_OID AttributeNameID;
+ CSSM_DB_ATTRIBUTE_FORMAT DataType;
+} CSSM_DB_SCHEMA_ATTRIBUTE_INFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_SCHEMA_ATTRIBUTE_INFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+typedef struct cssm_db_schema_index_info {
+ uint32 AttributeId;
+ uint32 IndexId;
+ CSSM_DB_INDEX_TYPE IndexType;
+ CSSM_DB_INDEXED_DATA_LOCATION IndexedDataLocation;
+} CSSM_DB_SCHEMA_INDEX_INFO DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER, *CSSM_DB_SCHEMA_INDEX_INFO_PTR DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _CSSMTYPE_H_ */
projects / apple / security.git / blobdiff