X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..07691282a056c4efea71e1e505527601e8cc166b:/OSX/libsecurity_smime/lib/SecCmsSignerInfo.h?ds=sidebyside diff --git a/OSX/libsecurity_smime/lib/SecCmsSignerInfo.h b/OSX/libsecurity_smime/lib/SecCmsSignerInfo.h index ebacbf12..da7117e9 100644 --- a/OSX/libsecurity_smime/lib/SecCmsSignerInfo.h +++ b/OSX/libsecurity_smime/lib/SecCmsSignerInfo.h @@ -38,6 +38,7 @@ #include #include +#include #if defined(__cplusplus) @@ -54,7 +55,7 @@ SecCmsSignerInfoCreate(SecCmsMessageRef cmsg, SecIdentityRef identity, SECOidTag @function */ extern SecCmsSignerInfoRef -SecCmsSignerInfoCreateWithSubjKeyID(SecCmsMessageRef cmsg, CSSM_DATA_PTR subjKeyID, SecPublicKeyRef pubKey, SecPrivateKeyRef signingKey, SECOidTag digestalgtag); +SecCmsSignerInfoCreateWithSubjKeyID(SecCmsMessageRef cmsg, CSSM_DATA_PTR subjKeyID, SecPublicKeyRef pubKey, SecPrivateKeyRef signingKey, SECOidTag digestalgtag) DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER; /*! @function @@ -85,7 +86,7 @@ SecCmsSignerInfoVerifyUnAuthAttrsWithPolicy(SecCmsSignerInfoRef signerinfo,CFTyp @function */ extern CSSM_DATA * -SecCmsSignerInfoGetEncDigest(SecCmsSignerInfoRef signerinfo); +SecCmsSignerInfoGetEncDigest(SecCmsSignerInfoRef signerinfo) DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER; /*! @function @@ -111,6 +112,12 @@ SecCmsSignerInfoGetCertList(SecCmsSignerInfoRef signerinfo); extern CFArrayRef SecCmsSignerInfoGetTimestampCertList(SecCmsSignerInfoRef signerinfo); +/*! + @function + */ +extern SecCertificateRef +SecCmsSignerInfoGetTimestampSigningCert(SecCmsSignerInfoRef signerinfo); + /*! @function @abstract Return the signing time, in UTCTime format, of a CMS signerInfo. 
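Review bot: The deprecation marker on SecCmsSignerInfoCreateWithSubjKeyID is added without any HeaderDoc text, so the bare `@function` block above it still does not tell a caller what to use instead. The same applies to SecCmsSignerInfoGetEncDigest in the `@@ -85,7 +86,7 @@` hunk and to SecCmsSignerInfoAddTimeStamp in the `@@ -213,7 +251,7 @@` hunk. All three take or return CSSM_DATA, which is presumably why they are marked, but that is inferred from the signatures. I would add a line such as `@discussion Deprecated: uses CSSM_DATA; use <replacement> instead.` to each, with the placeholder replaced by the supported call.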
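Review bot: SecCmsSignerInfoGetTimestampSigningCert, added in the `@@ -111,6 +112,12 @@` hunk, ships with an empty `@function` block, so the header says nothing about ownership of the returned SecCertificateRef or about whether the timestamp must be verified first. The name follows the Get convention, which suggests the caller does not own the reference, but that should be written down rather than left to naming. I would add `@abstract Return the signing cert of the timestamp of a CMS signerInfo.` and a `@discussion` stating when NULL is returned, that the result is not retained for the caller, and that obtaining the certificate is not by itself evidence that the timestamp is valid, adjusted to what the implementation actually does.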
@@ -141,6 +148,37 @@ SecCmsSignerInfoGetTimestampTime(SecCmsSignerInfoRef sinfo, CFAbsoluteTime *stim OSStatus SecCmsSignerInfoGetTimestampTimeWithPolicy(SecCmsSignerInfoRef sinfo, CFTypeRef timeStampPolicy, CFAbsoluteTime *stime); +/*! + @function + @abstract Return the data in the signed Codesigning Hash Agility attribute. + @param sinfo SignerInfo data for this signer, pointer to a CFDataRef for attribute value + @discussion Returns a CFDataRef containing the value of the attribute + @result A return value of SECFailure is an error. + */ +OSStatus +SecCmsSignerInfoGetAppleCodesigningHashAgility(SecCmsSignerInfoRef sinfo, CFDataRef *sdata); + +/*! + @function + @abstract Return the data in the signed Codesigning Hash Agility V2 attribute. + @param sinfo SignerInfo data for this signer, pointer to a CFDictionaryRef for attribute values + @discussion Returns a CFDictionaryRef containing the values of the attribute. V2 encodes the hash + agility values using DER. + @result A return value of SECFailure is an error. + */ +extern OSStatus +SecCmsSignerInfoGetAppleCodesigningHashAgilityV2(SecCmsSignerInfoRef sinfo, CFDictionaryRef *sdict); + +/*! + @function SecCmsSignerInfoGetAppleExpirationTime + @abstract Return the expriation time, in CFAbsoluteTime, of a CMS signerInfo. + @param sinfo SignerInfo data for this signer. + @discussion Returns a CFAbsoluteTime + @result A return value of SECFailure is an error. + */ +extern OSStatus +SecCmsSignerInfoGetAppleExpirationTime(SecCmsSignerInfoRef sinfo, CFAbsoluteTime *etime); + /*! @function @abstract Return the signing cert of a CMS signerInfo. 
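Review bot: None of the three new getters documents what the caller receives when the attribute is simply absent. This matters most for SecCmsSignerInfoGetAppleExpirationTime, where a caller that cannot tell "no expiration attribute" from "failed to parse" may treat a malformed signature as non-expiring. Each `@param` line also folds the out-parameter into the sinfo description, so `sdata`, `sdict` and `etime` have no entry of their own and ownership of the returned CF objects is unstated. I would split them, e.g. `@param etime On success, receives the expiration time.`, state what is written on failure, and note in `@discussion` that the values come from signed attributes and should only be relied on after the signature has been verified. Smaller points: `expriation` is a typo, and the first declaration lacks the `extern` that the other two carry.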
@@ -213,7 +251,7 @@ SecCmsSignerInfoAddMSSMIMEEncKeyPrefs(SecCmsSignerInfoRef signerinfo, SecCertifi @abstract Create a timestamp unsigned attribute with a TimeStampToken. */ OSStatus -SecCmsSignerInfoAddTimeStamp(SecCmsSignerInfoRef signerinfo, CSSM_DATA *tstoken); +SecCmsSignerInfoAddTimeStamp(SecCmsSignerInfoRef signerinfo, CSSM_DATA *tstoken) DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER; /*! @function 
@@ -223,6 +261,34 @@ extern OSStatus SecCmsSignerInfoAddCounterSignature(SecCmsSignerInfoRef signerinfo, SECOidTag digestalg, SecIdentityRef identity); +/*! + @function + @abstract Add the Apple Codesigning Hash Agility attribute to the authenticated (i.e. signed) attributes of "signerinfo". + @discussion This is expected to be included in outgoing Apple code signatures. + */ + OSStatus + SecCmsSignerInfoAddAppleCodesigningHashAgility(SecCmsSignerInfoRef signerinfo, CFDataRef attrValue); + +/*! + @function + @abstract Add the Apple Codesigning Hash Agility V2 attribute to the authenticated (i.e. signed) attributes of "signerinfo". + @discussion This is expected to be included in outgoing Apple code signatures. V2 encodes the hash agility values using DER. + The dictionary should have CFNumberRef keys, corresponding to SECOidTags for digest algorithms, and CFDataRef values, + corresponding to the digest value for that digest algorithm. + */ +OSStatus +SecCmsSignerInfoAddAppleCodesigningHashAgilityV2(SecCmsSignerInfoRef signerinfo, CFDictionaryRef attrValues); + +/*! + @function SecCmsSignerInfoAddAppleExpirationTime + @abstract Add the expiration time to the authenticated (i.e. signed) attributes of "signerinfo". + @discussion This is expected to be included in outgoing signed messages for Asset Receipts but is likely + useful in other situations. This should only be added once; a second call will do nothing. + @result A result of SECFailure indicates an error adding the attribute. + */ +extern OSStatus +SecCmsSignerInfoAddAppleExpirationTime(SecCmsSignerInfoRef signerinfo, CFAbsoluteTime t); + /*! @function @abstract The following needs to be done in the S/MIME layer code after signature of a signerinfo has been verified. 
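Review bot: SecCmsSignerInfoAddAppleCodesigningHashAgility and SecCmsSignerInfoAddAppleCodesigningHashAgilityV2 have no `@param` or `@result` lines, so the header does not say what status comes back for a NULL argument or, for V2, for a dictionary entry that is not a CFNumberRef key with a CFDataRef value. Since these attributes end up under the signature, a silently skipped entry would produce a signature that covers fewer digests than the caller intended; whether the implementation skips or fails is not visible here. I would add `@result A result of SECFailure indicates an error adding the attribute.`, matching the wording used for SecCmsSignerInfoAddAppleExpirationTime, plus a sentence on how malformed entries are handled. The expiration-time text "a second call will do nothing" should also say which status that second call returns. As a style point, the first declaration is indented by one space and both hash-agility declarations omit `extern`.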
@@ -256,6 +322,15 @@ SecCmsUtilVerificationStatusToString(SecCmsVerificationStatus vs); #define kMSCompatibilityDomain "com.apple.security.smime" #define kMSCompatibilityMode CFSTR("MSCompatibilityMode") +/*! + @function SecCmsSignerInfoCopyCertFromEncryptionKeyPreference + @abstract Copy the certificate specified in the encryption key preference. + @param signerinfo The SecCmsSignerInfo object for which we verified the signature. + @result The preferred encryption certificate of the user who signed this message, if found. + @discussion This function should be called after the signer info has been verified. + */ +SecCertificateRef SecCmsSignerInfoCopyCertFromEncryptionKeyPreference(SecCmsSignerInfoRef signerinfo); + #if defined(__cplusplus) } #endif
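Review bot: The `@discussion` for SecCmsSignerInfoCopyCertFromEncryptionKeyPreference says it "should be called after the signer info has been verified" but does not say whether the function enforces that or what it returns when called earlier. The encryption key preference is chosen by the signer, so a caller who skips verification, or who encrypts to the returned certificate without evaluating trust on it, is relying on unauthenticated input. I would extend the discussion with `The returned certificate is not trust-evaluated by this call; evaluate it before encrypting to it.` if that matches the implementation, and add `The caller owns the returned reference and must release it.` to `@result`, since the Copy naming implies it but the text does not state it.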