X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/80e2389990082500d76eb566d4946be3e786c3ef..d8f41ccd20de16f8ebe2ccc84d47bf1cb2b26bbb:/libsecurity_ssl/lib/sslCrypto.h diff --git a/libsecurity_ssl/lib/sslCrypto.h b/libsecurity_ssl/lib/sslCrypto.h deleted file mode 100644 index fc4beaf1..00000000 --- a/libsecurity_ssl/lib/sslCrypto.h +++ /dev/null @@ -1,232 +0,0 @@ -/* - * Copyright (c) 2006-2008,2010-2012 Apple Inc. All Rights Reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * This file contains Original Code and/or Modifications of Original Code - * as defined in and that are subject to the Apple Public Source License - * Version 2.0 (the 'License'). You may not use this file except in - * compliance with the License. Please obtain a copy of the License at - * http://www.opensource.apple.com/apsl/ and read it before using this - * file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. - * Please see the License for the specific language governing rights and - * limitations under the License. - * - * @APPLE_LICENSE_HEADER_END@ - */ - -/* - * sslCrypto.h - interface between SSL and crypto libraries - */ - -#ifndef _SSL_CRYPTO_H_ -#define _SSL_CRYPTO_H_ 1 - -#include "ssl.h" -#include "sslContext.h" -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#ifndef NDEBUG -extern void stPrintCdsaError(const char *op, OSStatus crtn); -#else -#define stPrintCdsaError(o, cr) -#endif - -/* - * Free a pubKey object. - */ -extern OSStatus sslFreePubKey(SSLPubKey **pubKey); - -/* - * Free a privKey object. - */ -extern OSStatus sslFreePrivKey(SSLPrivKey **privKey); - -extern CFIndex sslPubKeyGetAlgorithmID(SSLPubKey *pubKey); -extern CFIndex sslPrivKeyGetAlgorithmID(SSLPrivKey *privKey); - -/* - * Create a new SecTrust object and return it. - */ -OSStatus -sslCreateSecTrust( - SSLContext *ctx, - CFArrayRef certChain, - bool arePeerCerts, - SecTrustRef *trust); /* RETURNED */ - - -/* - * Verify a cert chain. - */ -extern OSStatus sslVerifyCertChain( - SSLContext *ctx, -#ifdef USE_SSLCERTIFICATE - const SSLCertificate *certChain, -#else /* !USE_SSLCERTIFICATE */ - CFArrayRef certChain, -#endif /* !USE_SSLCERTIFICATE */ - bool arePeerCerts); - -/* - * Get the peer's public key from the certificate chain. - */ -extern OSStatus sslCopyPeerPubKey( - SSLContext *ctx, - SSLPubKey **pubKey); - - -/* - * Raw RSA/DSA sign/verify. - */ -OSStatus sslRawSign( - SSLContext *ctx, - SSLPrivKey *privKey, - const uint8_t *plainText, - size_t plainTextLen, - uint8_t *sig, // mallocd by caller; RETURNED - size_t sigLen, // available - size_t *actualBytes); // RETURNED - -OSStatus sslRawVerify( - SSLContext *ctx, - SSLPubKey *pubKey, - const uint8_t *plainText, - size_t plainTextLen, - const uint8_t *sig, - size_t sigLen); // available - -/* TLS 1.2 style RSA sign */ -OSStatus sslRsaSign( - SSLContext *ctx, - SSLPrivKey *privKey, - const SecAsn1AlgId *algId, - const uint8_t *plainText, - size_t plainTextLen, - uint8_t *sig, // mallocd by caller; RETURNED - size_t sigLen, // available - size_t *actualBytes); // RETURNED - -/* TLS 1.2 style RSA verify */ -OSStatus sslRsaVerify( - SSLContext *ctx, - SSLPubKey *pubKey, - const SecAsn1AlgId *algId, - const uint8_t *plainText, - size_t plainTextLen, - const uint8_t *sig, - size_t sigLen); // available - -/* - * Encrypt/Decrypt - */ -OSStatus sslRsaEncrypt( - SSLContext *ctx, - SSLPubKey *pubKey, -#ifdef USE_CDSA_CRYPTO - CSSM_CSP_HANDLE cspHand, -#endif - const uint32_t padding, - const uint8_t *plainText, - size_t plainTextLen, - uint8_t *cipherText, // mallocd by caller; RETURNED - size_t cipherTextLen, // available - size_t *actualBytes); // RETURNED -OSStatus sslRsaDecrypt( - SSLContext *ctx, - SSLPrivKey *privKey, - const uint32_t padding, - const uint8_t *cipherText, - size_t cipherTextLen, - uint8_t *plainText, // mallocd by caller; RETURNED - size_t plainTextLen, // available - size_t *actualBytes); // RETURNED - -/* - * Obtain size of key in bytes. - */ -extern size_t sslPrivKeyLengthInBytes( - SSLPrivKey *sslKey); - -extern size_t sslPubKeyLengthInBytes( - SSLPubKey *sslKey); - -/* Obtain max signature size in bytes. */ -extern OSStatus sslGetMaxSigSize( - SSLPrivKey *privKey, - size_t *maxSigSize); - -#if 0 -/* - * Get raw key bits from an RSA public key. - */ -OSStatus sslGetPubKeyBits( - SSLContext *ctx, - SSLPubKey *pubKey, - SSLBuffer *modulus, // data mallocd and RETURNED - SSLBuffer *exponent); // data mallocd and RETURNED -#endif - -/* - * Given raw RSA key bits, cook up a SSLPubKey. Used in - * Server-initiated key exchange. - */ -OSStatus sslGetPubKeyFromBits( - SSLContext *ctx, - const SSLBuffer *modulus, - const SSLBuffer *exponent, - SSLPubKey **pubKey); // mallocd and RETURNED - -OSStatus sslVerifySelectedCipher( - SSLContext *ctx); - -#if APPLE_DH -int sslDhGenerateParams(SSLContext *ctx, uint32_t g, size_t prime_size, - SSLBuffer *params, SSLBuffer *generator, SSLBuffer *prime); - -OSStatus sslDhCreateKey(SSLContext *ctx); -OSStatus sslDhGenerateKeyPair(SSLContext *ctx); -OSStatus sslDhKeyExchange(SSLContext *ctx); - -OSStatus sslDecodeDhParams( - const SSLBuffer *blob, /* Input - PKCS-3 encoded */ - SSLBuffer *prime, /* Output - wire format */ - SSLBuffer *generator); /* Output - wire format */ - -OSStatus sslEncodeDhParams( - SSLBuffer *blob, /* data mallocd and RETURNED - PKCS-3 encoded */ - const SSLBuffer *prime, /* Input - wire format */ - const SSLBuffer *generator); /* Input - wire format */ - -#endif /* APPLE_DH */ - -/* - * Given an ECDSA public key in CSSM format, extract the SSL_ECDSA_NamedCurve - * from its algorithm parameters. - */ -OSStatus sslEcdsaPeerCurve( - SSLPubKey *pubKey, - SSL_ECDSA_NamedCurve *namedCurve); -OSStatus sslEcdhGenerateKeyPair( - SSLContext *ctx, - SSL_ECDSA_NamedCurve namedCurve); -OSStatus sslEcdhKeyExchange( - SSLContext *ctx, - SSLBuffer *exchanged); - -#ifdef __cplusplus -} -#endif - - -#endif /* _SSL_CRYPTO_H_ */