+++ /dev/null
-/*
- * Copyright (c) 2010 Apple Inc. All Rights Reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-
-/*!
- @header keystore
- The functions provided in keystore.h provide an interface to
- the AppleKeyStore kext.
-*/
-
-#ifndef _SECURITYD_KEYSTORE_H_
-#define _SECURITYD_KEYSTORE_H_
-
-#include <IOKit/IOKitLib.h>
-
-#ifdef __cplusplus
-/*
- * ks objects are NOT C++ objects. Nevertheless, we can at least keep C++
- * aware of type compatibility.
- */
-typedef struct ks_object_s {
-private:
- ks_object_s();
- ~ks_object_s();
- ks_object_s(const ks_object_s &);
- void operator=(const ks_object_s &);
-} *ks_object_t;
-#else
-typedef union {
- struct ks_object_s *_kso;
- struct ks_key_s *_ksk;
- struct ks_buffer_s *_ksb;
- struct ks_stream_s *_kss;
-} ks_object_t __attribute__((transparent_union));
-#endif
-
-#ifdef __cplusplus
-#define KS_DECL(name) typedef struct name##_s : public ks_object_s {} *name##_t;
-#else
-/*! @parseOnly */
-#define KS_DECL(name) typedef struct name##_s *name##_t;
-#endif
-
-KS_DECL(ks_buffer);
-KS_DECL(ks_key);
-KS_DECL(ks_stream);
-
-#if defined(__cplusplus)
-extern "C" {
-#endif
-
-enum {
- KS_KEY_SIZE_128 = 16,
- KS_KEY_SIZE_192 = 24,
- KS_KEY_SIZE_256 = 32,
-};
-
-ks_key_t ks_generate_key(long size);
-void ks_encrypt(ks_key_t key, ks_object_t data_in, ks_object_t data_out);
-void ks_decrypt(ks_key_t key, ks_object_t data_in, ks_object_t data_out);
-
-ks_buffer_t ks_buffer(size_t capacity);
-size_t ks_get_length(ks_buffer_t buffer);
-void ks_set_length(ks_buffer_t buffer, size_t length);
-uint8_t *ks_bytes(ks_buffer_t buffer);
-ks_buffer_t ks_append(size_t capacity);
-
-
-/* TODO: Move to iokitutils or something since this is generic. */
-io_connect_t ks_connect_to_service(const char *className);
-
-io_connect_t ks_get_connect(void);
-
-
-/*!
- @function ks_available
- @abstract Check if the AppleKeyStore.kext is available, you must call
- this function before using any other library function.
- @result true, unless for some reason ks isn't available then false.
- */
-bool ks_available(void);
-
-/*!
- @function ks_free
- @abstract free something allocated by a ks_ function.
- @param ks_object buffer allocated by the
- */
-void ks_free(ks_object_t ks_object);
-
-/*!
- @function ks_unwrap
- @abstract unwrap a key using the specified keyclass.
- @param keybag the keybag handle containing the class key which will be
- doing the wrapping.
- @param keyclass handle for the wrapping key.
- @param bufferSize number of bytes available in array pointed to by buffer
- @param buffer pointer to a buffer.
- @param wrappedKeySize (output) size of the wrappedKey if it had been
- written to buffer.
- @param error (optional) pointer to a CFErrorRef who's value will only be
- changed if it is NULL, in which case the caller is responsible for
- calling CFRelease on it.
- @result Returns pointer to the wrappedKey, or
- NULL if an error occured. Pass in a pointer to a CFErrorRef who's value
- is NULL to obtain an error object.
- @discussion If and only if NULL is passed for the buffer parameter, this
- function will allocate a buffer to which it writes the wrappedKey.
- */
-uint8_t *ks_unwrap(uint64_t keybag, uint64_t keyclass,
- const uint8_t *wrappedKey, size_t wrappedKeySize,
- uint8_t *buffer, size_t bufferSize, size_t *keySize);
-
-/*!
- @function ks_wrap
- @abstract wrap a 128 bit (16 byte), 192 bit (24 byte) or 256 bit (32 byte)
- key using the specified keyclass.
- @param keybag the keybag handle containing the class key which will be
- doing the wrapping.
- @param keyclass handle for the wrapping key.
- @param bufferSize number of bytes available in array pointed to by buffer
- @param buffer pointer to a buffer.
- @param wrappedKeySize (output) size of the wrappedKey if it had been
- written to buffer.
- @param error (optional) pointer to a CFErrorRef who's value will only be
- changed if it is NULL, in which case the caller is responsible for
- calling CFRelease on it.
- @result Returns pointer to the wrappedKey, or
- NULL if an error occured. Pass in a pointer to a CFErrorRef who's value
- is NULL to obtain an error object.
- @discussion If and only if NULL is passed for the buffer parameter, this
- function will allocate a buffer to which it writes the wrappedKey.
- */
-uint8_t *ks_wrap(uint64_t keybag, uint64_t keyclass,
- const uint8_t *key, size_t keyByteSize,
- uint8_t *buffer, size_t bufferSize, size_t *wrappedKeySize);
-
-#if defined(__cplusplus)
-}
-#endif
-
-#endif /* _SECURITYD_KEYSTORE_H_ */
projects / apple / security.git / blobdiff