extern const void * kSecCMSHashingAlgorithmSHA384;
extern const void * kSecCMSHashingAlgorithmSHA512;
+extern const void * kSecCMSBulkEncryptionAlgorithm;
+extern const void * kSecCMSEncryptionAlgorithmDESCBC;
+extern const void * kSecCMSEncryptionAlgorithmAESCBC;
+
/* Return an array of certificates contained in message, if message is of the
type SignedData and has no signers, return NULL otherwise. Not that if
the message is properly formed but has no certificates an empty array will
CFDictionaryRef parameters, CFDictionaryRef signed_attributes,
CFMutableDataRef signed_data);
+/*!
+ @function SecCMSCreateEnvelopedData
+ @abstract create a enveloped cms blob for recipients
+ @param recipient_or_cfarray_thereof SecCertificateRef for each recipient
+ @param params CFDictionaryRef with encryption parameters
+ @param data Data to be encrypted
+ @param enveloped_data (output) return enveloped message.
+ @result A result code. See "Security Error Codes" (SecBase.h).
+ errSecParam garbage in, garbage out.
+ */
+OSStatus SecCMSCreateEnvelopedData(CFTypeRef recipient_or_cfarray_thereof,
+ CFDictionaryRef params, CFDataRef data, CFMutableDataRef enveloped_data);
+
+
+/*!
+ @function SecCMSDecryptEnvelopedData
+ @abstract open an enveloped cms blob. expects recipients identity in keychain.
+ @param message Eveloped message
+ @param data (output) return decrypted message.
+ @param recipient (output/optional) return addressed recipient
+ @result A result code. See "Security Error Codes" (SecBase.h).
+ errSecParam garbage in, garbage out.
+ */
+OSStatus SecCMSDecryptEnvelopedData(CFDataRef message,
+ CFMutableDataRef data, SecCertificateRef *recipient);
+
#endif
projects / apple / security.git / blobdiff