X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..07691282a056c4efea71e1e505527601e8cc166b:/OSX/libsecurity_cms/lib/CMSPrivate.h
diff --git a/OSX/libsecurity_cms/lib/CMSPrivate.h b/OSX/libsecurity_cms/lib/CMSPrivate.h
index 3b90d51a..d951d912 100644
--- a/OSX/libsecurity_cms/lib/CMSPrivate.h
+++ b/OSX/libsecurity_cms/lib/CMSPrivate.h
@@ -32,6 +32,7 @@
 #include
 #include
 #include
+#include
 #ifdef __cplusplus
 extern "C" {
@@ -82,6 +83,35 @@ OSStatus CMSEncoderSetSigningTime( CMSEncoderRef cmsEncoder, CFAbsoluteTime time);
+/*
+ * Set the hash agility attribute for a CMSEncoder.
+ * This is only used if the kCMSAttrAppleCodesigningHashAgility attribute
+ * is included.
+ */
+OSStatus CMSEncoderSetAppleCodesigningHashAgility(
+ CMSEncoderRef cmsEncoder,
+ CFDataRef hashAgilityAttrValue);
+
+/*
+ * Set the hash agility attribute for a CMSEncoder.
+ * This is only used if the kCMSAttrAppleCodesigningHashAgilityV2 attribute
+ * is included. V2 encodes the hash agility values using DER.
+ * The dictionary should have CFNumberRef keys, corresponding to SECOidTags
+ * (from SecCmsBase.h) for digest algorithms, and CFDataRef values,
+ * corresponding to the digest value for that digest algorithm.
+ */
+OSStatus CMSEncoderSetAppleCodesigningHashAgilityV2(
+ CMSEncoderRef cmsEncoder,
+ CFDictionaryRef hashAgilityV2AttrValues);
+
+/*
+ * Set the expiration time for a CMSEncoder.
+ * This is only used if the kCMSAttrAppleExpirationTime attribute is included.
+ */
+OSStatus CMSEncoderSetAppleExpirationTime(
+ CMSEncoderRef cmsEncoder,
+ CFAbsoluteTime time);
+
 void CmsMessageSetTSAContext(CMSEncoderRef cmsEncoder, CFTypeRef tsaContext);
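Review bot: The comment on CMSEncoderSetAppleCodesigningHashAgilityV2 says what the dictionary "should" contain, but not what the call returns when a key is not a CFNumberRef digest tag or a value is not a CFDataRef. It also does not say whether the encoder retains the dictionary or copies it, which matters if the caller mutates it before the message is encoded. I would add a line such as `* Returns <status, to be confirmed> if a key or value has the wrong type; the encoder <retains|copies> the dictionary.` with the blanks filled in from the implementation. The first sentence is also identical to the V1 comment above it; `Set the hash agility V2 attribute for a CMSEncoder.` would tell the two apart at a glance. The comment on CMSEncoderSetAppleExpirationTime likewise does not say whether a time already in the past is accepted.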
@@ -123,6 +153,48 @@ OSStatus CMSDecoderSetDecoder(
 OSStatus CMSDecoderGetDecoder( CMSDecoderRef cmsDecoder, SecCmsDecoderRef *decoder); /* RETURNED */
+
+/*
+ * Obtain the Hash Agility attribute value of signer 'signerIndex'
+ * of a CMS message, if present.
+ *
+ * Returns errSecParam if the CMS message was not signed or if signerIndex
+ * is greater than the number of signers of the message minus one.
+ *
+ * This cannot be called until after CMSDecoderFinalizeMessage() is called.
+ */
+OSStatus CMSDecoderCopySignerAppleCodesigningHashAgility(
+ CMSDecoderRef cmsDecoder,
+ size_t signerIndex, /* usually 0 */
+ CFDataRef CF_RETURNS_RETAINED *hashAgilityAttrValue); /* RETURNED */
+
+/*
+ * Obtain the Hash Agility v2 attribute value of signer 'signerIndex'
+ * of a CMS message, if present. V2 encodes the hash agility values using DER.
+ *
+ * Returns errSecParam if the CMS message was not signed or if signerIndex
+ * is greater than the number of signers of the message minus one.
+ *
+ * This cannot be called until after CMSDecoderFinalizeMessage() is called.
+ */
+OSStatus CMSDecoderCopySignerAppleCodesigningHashAgilityV2(
+ CMSDecoderRef cmsDecoder,
+ size_t signerIndex, /* usually 0 */
+ CFDictionaryRef CF_RETURNS_RETAINED * hashAgilityAttrValues); /* RETURNED */
+
+/*
+ * Obtain the expiration time of signer 'signerIndex' of a CMS message, if
+ * present. This is part of the signed attributes of the message.
+ *
+ * Returns errSecParam if the CMS message was not signed or if signerIndex
+ * is greater than the number of signers of the message minus one.
+ *
+ * This cannot be called until after CMSDecoderFinalizeMessage() is called.
+ */
+OSStatus CMSDecoderCopySignerAppleExpirationTime(
+ CMSDecoderRef cmsDecoder,
+ size_t signerIndex,
+ CFAbsoluteTime *expirationTime); /* RETURNED */
 #ifdef __cplusplus
 }
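Review bot: All three new CMSDecoderCopySigner* comments say "if present" but never state what the caller gets when the attribute is absent. This matters most for CMSDecoderCopySignerAppleExpirationTime, whose out parameter is a plain CFAbsoluteTime with no NULL to signal "no expiration". A caller that checks only the output value could mistake an untouched or zeroed variable for a real time. I would add to each comment a line such as `* If the signer has no such attribute, returns <status, to be confirmed> and sets the output to <value, to be confirmed>.`, filled in from the implementation. The comments also do not say whether the value is returned regardless of the signer's verification result. If it is, a line such as `* The value is only meaningful once CMSDecoderCopySignerStatus() reports a valid signer.` would keep callers from acting on attributes of an unverified signature.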