+/*
+ * Copyright (c) 2008-2009,2011-2014,2016 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*!
+ @header SecBasePriv
+ SecBasePriv contains private error codes from the Security framework.
+*/
+
+#ifndef _SECURITY_SECBASEPRIV_H_
+#define _SECURITY_SECBASEPRIV_H_
+
+#include <Security/SecBase.h>
+#include <AvailabilityMacros.h>
+#include <Availability.h>
+
+
+// Macros for allowing use of availability for internal functions without digging for when
+// they first existed.
+// When publishing any API publicly, don't use these.
+#define __SEC_MAC_ONLY_UNKNOWN __OSX_AVAILABLE_STARTING(__MAC_10_12, __IPHONE_NA);
+#define __SEC_IOS_ONLY_UNKNOWN __OSX_AVAILABLE_STARTING(__MAC_NA, __IPHONE_10_0);
+#define __SEC_MAC_AND_IOS_UNKNOWN __OSX_AVAILABLE_STARTING(__MAC_10_12, __IPHONE_10_0);
+
+#if SEC_OS_OSX
+#include <Security/cssmtype.h>
+#endif /* SEC_OS_OSX */
+
+__BEGIN_DECLS
+
+/*******************************************************
+ *** Private OSStatus values unique to Security APIs ***
+ *******************************************************/
+
+/*
+ Note: the comments that appear after these errors are used to create SecErrorMessages.strings.
+ The comments must not be multi-line, and should be in a form meaningful to an end user. If
+ a different or additional comment is needed, it can be put in the header doc format, or on a
+ line that does not start with errZZZ.
+*/
+
+enum
+{
+ errSecInvalidCertificate = errSecDecode, // -26265, /* This certificate could not be decoded. */
+ errSecPolicyDenied = -26270, /* The certificate chain was not trusted due to a policy not accepting it. */
+ errSecInvalidKey = errSecDecode, // -26274, /* The provided key material was not valid. */
+ errSecInternal = -26276, /* An internal error occured in the Security framework. */
+ errSecUnsupportedAlgorithm = errSecUnimplemented, // -26268, /* An unsupported algorithm was encountered. */
+ errSecUnsupportedOperation = errSecUnimplemented, // -26271, /* The operation you requested is not supported by this key. */
+ errSecUnsupportedPadding = errSecParam, // -26273, /* The padding you requested is not supported. */
+ errSecItemInvalidKey = errSecParam, // -34000, /* A string key in dictionary is not one of the supported keys. */
+ errSecItemInvalidKeyType = errSecParam, // -34001, /* A key in a dictionary is neither a CFStringRef nor a CFNumberRef. */
+ errSecItemInvalidValue = errSecParam, // -34002, /* A value in a dictionary is an invalid (or unsupported) CF type. */
+ errSecItemClassMissing = errSecParam, // -34003, /* No kSecItemClass key was specified in a dictionary. */
+ errSecItemMatchUnsupported = errSecParam, // -34004, /* The caller passed one or more kSecMatch keys to a function which does not support matches. */
+ errSecUseItemListUnsupported = errSecParam, // -34005, /* The caller passed in a kSecUseItemList key to a function which does not support it. */
+ errSecUseKeychainUnsupported = errSecParam, // -34006, /* The caller passed in a kSecUseKeychain key to a function which does not support it. */
+ errSecUseKeychainListUnsupported = errSecParam, // -34007, /* The caller passed in a kSecUseKeychainList key to a function which does not support it. */
+ errSecReturnDataUnsupported = errSecParam, // -34008, /* The caller passed in a kSecReturnData key to a function which does not support it. */
+ errSecReturnAttributesUnsupported = errSecParam, // -34009, /* The caller passed in a kSecReturnAttributes key to a function which does not support it. */
+ errSecReturnRefUnsupported = errSecParam, // -34010, /* The caller passed in a kSecReturnRef key to a function which does not support it. */
+ errSecReturnPersistentRefUnsupported = errSecParam, // -34010, /* The caller passed in a kSecReturnPersistentRef key to a function which does not support it. */
+ errSecValueRefUnsupported = errSecParam, // -34012, /* The caller passed in a kSecValueRef key to a function which does not support it. */
+ errSecValuePersistentRefUnsupported = errSecParam, // -34013, /* The caller passed in a kSecValuePersistentRef key to a function which does not support it. */
+ errSecReturnMissingPointer = errSecParam, // -34014, /* The caller passed asked for something to be returned but did not pass in a result pointer. */
+ errSecMatchLimitUnsupported = errSecParam, // -34015, /* The caller passed in a kSecMatchLimit key to a call which does not support limits. */
+ errSecItemIllegalQuery = errSecParam, // -34016, /* The caller passed in a query which contained too many keys. */
+ errSecWaitForCallback = -34017, /* This operation is incomplete, until the callback is invoked (not an error). */
+ errSecMissingEntitlement = -34018, /* Internal error when a required entitlement isn't present. */
+ errSecUpgradePending = -34019, /* Error returned if keychain database needs a schema migration but the device is locked, clients should wait for a device unlock notification and retry the command. */
+
+ errSecMPSignatureInvalid = -25327, /* Signature invalid on MP message */
+ errSecOTRTooOld = -25328, /* Message is too old to use */
+ errSecOTRIDTooNew = -25329, /* Key ID is too new to use! Message from the future? */
+ errSecOTRNotReady = -25331, /* Can't process packets because the session hasn't finished negotiating */
+
+ errSecAuthNeeded = -25330, /* Auth is needed before the requested action can be performed. An array of
+ constraints to be fulfilled is passed inside error.userInfo's 'cons' key. */
+ errSecDeviceIDNeeded = -25332, /* Cannot send IDS messages without having our own IDS ID. */
+ errSecIDSNotRegistered = -25333, /* IDS is not set up or devices are not registered/available within an IDS account. */
+ errSecFailedToSendIDSMessage = -25334, /* Failed to send IDS message. */
+ errSecDeviceIDNoMatch = -25335, /* The provided device ID does not match any device IDs in the ids account. */
+ errSecPeersNotAvailable = -25336, /* No peers in the circle are available/online. */
+};
+
+// Guard for CFNetwork
+#define SECURITY_PROVIDES_INVALIDTRUSTSETTINGS
+
+#if SEC_OS_OSX
+const char *cssmErrorString(CSSM_RETURN error)
+ __SEC_MAC_ONLY_UNKNOWN;
+#endif
+
+OSStatus SecKeychainErrFromOSStatus(OSStatus osStatus)
+ __OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_NA);
+
+__END_DECLS
+
+#endif /* !_SECURITY_SECBASEPRIV_H_ */
projects / apple / security.git / blobdiff