X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/fa7225c82381bac4432a6edf16f53b5370238d85..07691282a056c4efea71e1e505527601e8cc166b:/OSX/libsecurity_smime/lib/SecCMS.h?ds=sidebyside diff --git a/OSX/libsecurity_smime/lib/SecCMS.h b/OSX/libsecurity_smime/lib/SecCMS.h index cb88a9ba..3f6fd394 100644 --- a/OSX/libsecurity_smime/lib/SecCMS.h +++ b/OSX/libsecurity_smime/lib/SecCMS.h @@ -37,12 +37,19 @@ extern const void * kSecCMSAdditionalCerts; extern const void * kSecCMSSignedAttributes; extern const void * kSecCMSSignDate; extern const void * kSecCMSAllCerts; +extern const void * kSecCMSHashAgility; +extern const void * kSecCMSHashAgilityV2; +extern const void * kSecCMSExpirationDate; extern const void * kSecCMSHashingAlgorithmSHA1; extern const void * kSecCMSHashingAlgorithmSHA256; extern const void * kSecCMSHashingAlgorithmSHA384; extern const void * kSecCMSHashingAlgorithmSHA512; +extern const void * kSecCMSBulkEncryptionAlgorithm; +extern const void * kSecCMSEncryptionAlgorithmDESCBC; +extern const void * kSecCMSEncryptionAlgorithmAESCBC; + /* Return an array of certificates contained in message, if message is of the type SignedData and has no signers, return NULL otherwise. Not that if the message is properly formed but has no certificates an empty array will 
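Review bot: The added `kSecCMSEncryptionAlgorithmDESCBC` constant exposes single DES as a selectable bulk cipher with nothing marking it as legacy, and none of the six new constants say which dictionary they are used in or what value type they carry. DES has a 56-bit key, so the header should steer callers to `kSecCMSEncryptionAlgorithmAESCBC` and state which cipher is used when `kSecCMSBulkEncryptionAlgorithm` is absent (the default is not visible in this hunk). Assuming the two algorithm constants are the values for that key, a comment above them such as `/* values for kSecCMSBulkEncryptionAlgorithm; DES-CBC is for legacy interoperability only, prefer AES-CBC */` would do. The AES constant also does not state a key size, which anyone auditing the configuration would want documented.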
@@ -91,6 +98,35 @@ OSStatus SecCMSVerifySignedData(CFDataRef message, CFDataRef detached_contents, CFTypeRef policy, SecTrustRef *trustref, CFArrayRef additional_certificates, CFDataRef *attached_contents, CFDictionaryRef *message_attributes); +/*! + @function SecCMSSignDataAndAttributes + @abstract create a signed data cms blob. + @param identity signer + @param data message to be signed + @param detached sign detached or not + @param signed_data (output) return signed message. + @param signed_attributes (input/optional) signed attributes to insert + as a CFDictionary from oids (CFData) to value (CFData). + @result A result code. See "Security Error Codes" (SecBase.h). + errSecParam garbage in, garbage out. + */ +OSStatus SecCMSSignDataAndAttributes(SecIdentityRef identity, CFDataRef data, + bool detached, CFMutableDataRef signed_data, CFDictionaryRef signed_attributes); + +/*! + @function SecCMSSignDigestAndAttributes + @abstract create a detached signed data cms blob for a SHA-1 hash. + @param identity signer + @param digest SHA-1 digest of message to be signed + @param signed_data (output) return signed message. + @param signed_attributes (input/optional) signed attributes to insert + as a CFDictionary from oids (CFData) to value (CFData). + @result A result code. See "Security Error Codes" (SecBase.h). + errSecParam garbage in, garbage out. + */ +OSStatus SecCMSSignDigestAndAttributes(SecIdentityRef identity, CFDataRef digest, + CFMutableDataRef signed_data, CFDictionaryRef signed_attributes); + /*! @function SecCMSCreateSignedData @abstract create a signed data cms blob. 
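Review bot: `SecCMSSignDigestAndAttributes` is documented as SHA-1 only, but its `@param digest` line does not give the required length or say what happens when a digest of another length is passed, and it does not note that SHA-1 is no longer collision-resistant. I would reword it to `@param digest SHA-1 digest (20 bytes) of message to be signed; legacy, new callers should sign with a SHA-2 algorithm`, and have `@result` state whether a wrong-length digest returns errSecParam, since the implementation is not visible here. For both new functions the `signed_attributes` text should also say whether a caller-supplied OID can replace an attribute the library generates itself, such as the content type or message digest, because that decides whether the dictionary must be treated as trusted input. The `signed_data` output is likewise undocumented as to whether it is appended to or overwritten, and what it holds on failure.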
@@ -107,4 +143,30 @@ OSStatus SecCMSCreateSignedData(SecIdentityRef identity, CFDataRef data, CFDictionaryRef parameters, CFDictionaryRef signed_attributes, CFMutableDataRef signed_data); +/*! + @function SecCMSCreateEnvelopedData + @abstract create a enveloped cms blob for recipients + @param recipient_or_cfarray_thereof SecCertificateRef for each recipient + @param params CFDictionaryRef with encryption parameters + @param data Data to be encrypted + @param enveloped_data (output) return enveloped message. + @result A result code. See "Security Error Codes" (SecBase.h). + errSecParam garbage in, garbage out. + */ +OSStatus SecCMSCreateEnvelopedData(CFTypeRef recipient_or_cfarray_thereof, + CFDictionaryRef params, CFDataRef data, CFMutableDataRef enveloped_data); + + +/*! + @function SecCMSDecryptEnvelopedData + @abstract open an enveloped cms blob. expects recipients identity in keychain. + @param message Eveloped message + @param data (output) return decrypted message. + @param recipient (output/optional) return addressed recipient + @result A result code. See "Security Error Codes" (SecBase.h). + errSecParam garbage in, garbage out. + */ +OSStatus SecCMSDecryptEnvelopedData(CFDataRef message, + CFMutableDataRef data, SecCertificateRef *recipient); + #endif
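Review bot: The doc comment for `SecCMSDecryptEnvelopedData` does not say that the returned plaintext is unauthenticated. The only bulk ciphers this header exposes are CBC modes, and CMS EnvelopedData carries no integrity check, so callers need to be told to verify a signature or MAC before acting on `data`. I would add a line such as `@discussion Provides confidentiality only; the decrypted data is not integrity-protected and must be verified separately before use.` It should also state what `data` contains when the call fails, and who owns the certificate returned through `recipient`. On `SecCMSCreateEnvelopedData`, the `params` line should list the accepted keys and the cipher used when `params` is NULL or empty. There are two small typos in the added text: "Eveloped" and "create a enveloped".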