#ifndef _CSPWRAP_H_
#define _CSPWRAP_H_
#include <Security/cssm.h>
#ifdef __cplusplus
extern "C" {
#endif
/*
 * Compile-time feature flag, fixed at 1.
 * NOTE(review): the name suggests that key-wrap operations must be supplied
 * with access credentials; nothing in this header consumes the flag, so
 * confirm its exact meaning against the implementation.
 */
#define WRAP_KEY_REQUIRES_CREDS 1
/**
 * Produce a CSSM cryptographic-context handle for a cipher operation.
 * Only the prototype is visible here; the notes below are read from the
 * parameter names and types.
 *
 * @param cspHand                 CSP attachment the context belongs to.
 * @param algorithm               CSSM algorithm identifier.
 * @param mode                    Cipher mode.
 * @param padding                 Padding scheme.
 * @param key0                    First key (read-only).
 * @param key1                    Second key (read-only).
 *                                NOTE(review): which algorithms need a second
 *                                key is not visible here - confirm.
 * @param iv                      Initialization vector (read-only).
 * @param effectiveKeySizeInBits  Effective key size, in bits.
 * @param rounds                  Round count.
 * @return A context handle. NOTE(review): the value returned on failure is
 *         not visible from the prototype; callers should check it before use.
 */
CSSM_CC_HANDLE genCryptHandle(
    CSSM_CSP_HANDLE cspHand,
    uint32 algorithm,
    uint32 mode,
    CSSM_PADDING padding,
    const CSSM_KEY *key0,
    const CSSM_KEY *key1,
    const CSSM_DATA *iv,
    uint32 effectiveKeySizeInBits,
    uint32 rounds);
/*
 * Default key sizes, in bits, per algorithm.
 *
 * CSP_KEY_SIZE_DEFAULT (0) is presumably a sentinel meaning "use the default
 * for the algorithm" - confirm against cspDefaultKeySize().
 *
 * Review note: several of these defaults are below current strength
 * recommendations - single DES (64 bits including parity), 80-bit
 * RC2/RC4/RC5, RSA-1024, DSA-512 and HMAC-MD5. Pass an explicit size (and a
 * current algorithm) rather than relying on them for anything that protects
 * real data.
 */
#define CSP_KEY_SIZE_DEFAULT            0

/* Symmetric ciphers */
#define CSP_ASC_KEY_SIZE_DEFAULT        (16 * 8)
#define CSP_DES_KEY_SIZE_DEFAULT        (8 * 8)     /* includes parity bits */
#define CSP_DES3_KEY_SIZE_DEFAULT       (24 * 8)    /* includes parity bits */
#define CSP_RC2_KEY_SIZE_DEFAULT        (10 * 8)
#define CSP_RC4_KEY_SIZE_DEFAULT        (10 * 8)
#define CSP_RC5_KEY_SIZE_DEFAULT        (10 * 8)
#define CSP_AES_KEY_SIZE_DEFAULT        128
#define CSP_BFISH_KEY_SIZE_DEFAULT      128
#define CSP_CAST_KEY_SIZE_DEFAULT       128
#define CSP_IDEA_KEY_SIZE_DEFAULT       128

/* MAC keys */
#define CSP_HMAC_SHA_KEY_SIZE_DEFAULT   (20 * 8)
#define CSP_HMAC_MD5_KEY_SIZE_DEFAULT   (16 * 8)

/* Null cipher */
#define CSP_NULL_CRYPT_KEY_SIZE_DEF     (16 * 8)

/* Asymmetric algorithms */
#define CSP_FEE_KEY_SIZE_DEFAULT        128
#define CSP_RSA_KEY_SIZE_DEFAULT        1024
#define CSP_DSA_KEY_SIZE_DEFAULT        512
/**
 * Generate an asymmetric key pair for the given algorithm.
 * Only the prototype is visible here; the notes below are read from the
 * parameter names and types.
 *
 * @param cspHand        CSP attachment handle.
 * @param algorithm      CSSM algorithm identifier for the key pair.
 * @param keyLabel       Label bytes attached to the keys.
 * @param keyLabelLen    Length of keyLabel.
 * @param keySizeInBits  Requested key size in bits. NOTE(review): presumably
 *                       CSP_KEY_SIZE_DEFAULT selects the per-algorithm
 *                       default, some of which are weak - confirm.
 * @param pubKey         Receives the public key.
 * @param pubIsRef       Whether the public key is a reference key rather than
 *                       a raw blob.
 * @param pubKeyUsage    Key-usage flags for the public key.
 * @param pubFormat      Blob format for the public key.
 * @param privKey        Receives the private key.
 * @param privIsRef      Whether the private key is a reference key. A raw
 *                       private key puts the key material in caller-visible
 *                       memory, so prefer a reference key when the bits do
 *                       not have to leave the CSP.
 * @param privKeyUsage   Key-usage flags for the private key.
 * @param privFormat     Blob format for the private key.
 * @param genSeed        NOTE(review): presumably asks the wrapper to supply
 *                       its own seed - confirm where that seed comes from.
 * @return CSSM_RETURN status code.
 */
extern CSSM_RETURN cspGenKeyPair(
    CSSM_CSP_HANDLE cspHand,
    uint32 algorithm,
    const char *keyLabel,
    unsigned keyLabelLen,
    uint32 keySizeInBits,
    CSSM_KEY_PTR pubKey,
    CSSM_BOOL pubIsRef,
    uint32 pubKeyUsage,
    CSSM_KEYBLOB_FORMAT pubFormat,
    CSSM_KEY_PTR privKey,
    CSSM_BOOL privIsRef,
    uint32 privKeyUsage,
    CSSM_KEYBLOB_FORMAT privFormat,
    CSSM_BOOL genSeed);
/**
 * Generate an FEE key pair with explicit prime and curve types.
 * Only the prototype is visible here; the notes below are read from the
 * parameter names and types.
 *
 * @param cspHand       CSP attachment handle.
 * @param keyLabel      Label bytes attached to the keys.
 * @param keyLabelLen   Length of keyLabel.
 * @param keySize       Requested key size. NOTE(review): presumably in bits,
 *                      like the sibling generators - confirm.
 * @param primeType     FEE prime type selector.
 * @param curveType     FEE curve type selector.
 * @param pubKey        Receives the public key.
 * @param pubIsRef      Whether the public key is a reference key.
 * @param pubKeyUsage   Key-usage flags for the public key.
 * @param pubFormat     Blob format for the public key.
 * @param privKey       Receives the private key.
 * @param privIsRef     Whether the private key is a reference key.
 * @param privKeyUsage  Key-usage flags for the private key.
 * @param privFormat    Blob format for the private key.
 * @param seedData      Caller-supplied seed (read-only). NOTE(review): if the
 *                      private key is derived from this seed, the seed must
 *                      be high-entropy and handled as secret key material -
 *                      confirm in the implementation.
 * @return CSSM_RETURN status code.
 */
extern CSSM_RETURN cspGenFEEKeyPair(
    CSSM_CSP_HANDLE cspHand,
    const char *keyLabel,
    unsigned keyLabelLen,
    uint32 keySize,
    uint32 primeType,
    uint32 curveType,
    CSSM_KEY_PTR pubKey,
    CSSM_BOOL pubIsRef,
    uint32 pubKeyUsage,
    CSSM_KEYBLOB_FORMAT pubFormat,
    CSSM_KEY_PTR privKey,
    CSSM_BOOL privIsRef,
    uint32 privKeyUsage,
    CSSM_KEYBLOB_FORMAT privFormat,
    const CSSM_DATA *seedData);
/**
 * Generate a DSA key pair, optionally together with DSA parameters.
 * Only the prototype is visible here; the notes below are read from the
 * parameter names and types.
 *
 * @param cspHand       CSP attachment handle.
 * @param keyLabel      Label bytes attached to the keys.
 * @param keyLabelLen   Length of keyLabel.
 * @param keySize       Requested key size. NOTE(review): presumably in bits;
 *                      CSP_DSA_KEY_SIZE_DEFAULT in this header is 512, which
 *                      is too small for current use - pass an explicit size.
 * @param pubKey        Receives the public key.
 * @param pubIsRef      Whether the public key is a reference key.
 * @param pubKeyUsage   Key-usage flags for the public key.
 * @param pubFormat     Blob format for the public key.
 * @param privKey       Receives the private key.
 * @param privIsRef     Whether the private key is a reference key.
 * @param privKeyUsage  Key-usage flags for the private key.
 * @param privFormat    Blob format for the private key.
 * @param genParams     NOTE(review): presumably requests generation of fresh
 *                      DSA parameters - confirm.
 * @param paramData     DSA parameter blob. NOTE(review): whether this is an
 *                      input, an output, or both depends on genParams and is
 *                      not visible here - confirm.
 * @return CSSM_RETURN status code.
 */
extern CSSM_RETURN cspGenDSAKeyPair(
    CSSM_CSP_HANDLE cspHand,
    const char *keyLabel,
    unsigned keyLabelLen,
    uint32 keySize,
    CSSM_KEY_PTR pubKey,
    CSSM_BOOL pubIsRef,
    uint32 pubKeyUsage,
    CSSM_KEYBLOB_FORMAT pubFormat,
    CSSM_KEY_PTR privKey,
    CSSM_BOOL privIsRef,
    uint32 privKeyUsage,
    CSSM_KEYBLOB_FORMAT privFormat,
    CSSM_BOOL genParams,
    CSSM_DATA_PTR paramData);
/**
 * Generate a symmetric key and return a pointer to it.
 * Only the prototype is visible here; the notes below are read from the
 * parameter names and types.
 *
 * @param cspHand        CSP attachment handle.
 * @param alg            CSSM algorithm identifier for the key.
 * @param keyLabel       Label bytes attached to the key.
 * @param keyLabelLen    Length of keyLabel.
 * @param keyUsage       Key-usage flags.
 * @param keySizeInBits  Requested key size in bits.
 * @param refKey         Whether to create a reference key rather than a raw
 *                       key.
 * @return Pointer to the new key. NOTE(review): presumably NULL on failure
 *         and owned by the caller (released via cspFreeKey plus freeing the
 *         CSSM_KEY itself) - confirm in the implementation.
 */
extern CSSM_KEY_PTR cspGenSymKey(
    CSSM_CSP_HANDLE cspHand,
    uint32 alg,
    const char *keyLabel,
    unsigned keyLabelLen,
    uint32 keyUsage,
    uint32 keySizeInBits,
    CSSM_BOOL refKey);
/**
 * Derive a key from a password and salt.
 * Only the prototype is visible here; the notes below are read from the
 * parameter names and types.
 *
 * @param cspHand        CSP attachment handle.
 * @param deriveAlg      Key-derivation algorithm identifier.
 * @param keyAlg         Algorithm the derived key is intended for.
 * @param keyLabel       Label bytes attached to the derived key.
 * @param keyLabelLen    Length of keyLabel.
 * @param keyUsage       Key-usage flags.
 * @param keySizeInBits  Size of the derived key in bits.
 * @param isRefKey       Whether the derived key is a reference key.
 * @param password       Password bytes. The pointer is not const-qualified,
 *                       so the prototype does not promise the buffer is left
 *                       untouched; the caller remains responsible for wiping
 *                       it after use.
 * @param salt           Salt bytes; use a fresh random salt per derivation.
 * @param iterationCnt   Iteration count, chosen by the caller. The header
 *                       sets no minimum, so enforcing one is the caller's
 *                       job.
 * @param initVector     NOTE(review): presumably receives an IV produced by
 *                       the derivation - confirm.
 * @return Pointer to the derived key. NOTE(review): presumably NULL on
 *         failure - confirm.
 */
CSSM_KEY_PTR cspDeriveKey(
    CSSM_CSP_HANDLE cspHand,
    uint32 deriveAlg,
    uint32 keyAlg,
    const char *keyLabel,
    unsigned keyLabelLen,
    uint32 keyUsage,
    uint32 keySizeInBits,
    CSSM_BOOL isRefKey,
    CSSM_DATA_PTR password,
    CSSM_DATA_PTR salt,
    uint32 iterationCnt,
    CSSM_DATA_PTR initVector);
/**
 * Encrypt a plaintext buffer in one call.
 * Only the prototype is visible here; the notes below are read from the
 * parameter names and types.
 *
 * @param cspHand                 CSP attachment handle.
 * @param algorithm               CSSM algorithm identifier.
 * @param mode                    Cipher mode.
 * @param padding                 Padding scheme.
 * @param key                     Encryption key (read-only).
 * @param pubKey                  Second key (read-only). NOTE(review): which
 *                                algorithms use it is not visible here.
 * @param effectiveKeySizeInBits  Effective key size, in bits.
 * @param rounds                  Round count.
 * @param iv                      Initialization vector (read-only). It is
 *                                caller-supplied: never reuse an IV with the
 *                                same key.
 * @param ptext                   Plaintext input (read-only).
 * @param ctext                   Receives the ciphertext.
 * @param mallocCtext             NOTE(review): presumably CSSM_TRUE makes
 *                                the callee allocate ctext->Data, which the
 *                                caller then owns; otherwise the caller's
 *                                buffer must already be large enough -
 *                                confirm.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspEncrypt(
    CSSM_CSP_HANDLE cspHand,
    uint32 algorithm,
    uint32 mode,
    CSSM_PADDING padding,
    const CSSM_KEY *key,
    const CSSM_KEY *pubKey,
    uint32 effectiveKeySizeInBits,
    uint32 rounds,
    const CSSM_DATA *iv,
    const CSSM_DATA *ptext,
    CSSM_DATA_PTR ctext,
    CSSM_BOOL mallocCtext);
/**
 * Encrypt a plaintext buffer through the staged (init/update/final) path.
 * Only the prototype is visible here; the notes below are read from the
 * parameter names and types.
 *
 * @param cspHand                 CSP attachment handle.
 * @param algorithm               CSSM algorithm identifier.
 * @param mode                    Cipher mode.
 * @param padding                 Padding scheme.
 * @param key                     Encryption key (read-only).
 * @param pubKey                  Second key (read-only).
 * @param effectiveKeySizeInBits  Effective key size, in bits.
 * @param cipherBlockSize         Cipher block size. NOTE(review): units are
 *                                not stated in the prototype - confirm.
 * @param rounds                  Round count.
 * @param iv                      Initialization vector (read-only); never
 *                                reuse an IV with the same key.
 * @param ptext                   Plaintext input (read-only).
 * @param ctext                   Receives the ciphertext.
 * @param multiUpdates            NOTE(review): presumably splits the input
 *                                across several update calls - confirm.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspStagedEncrypt(
    CSSM_CSP_HANDLE cspHand,
    uint32 algorithm,
    uint32 mode,
    CSSM_PADDING padding,
    const CSSM_KEY *key,
    const CSSM_KEY *pubKey,
    uint32 effectiveKeySizeInBits,
    uint32 cipherBlockSize,
    uint32 rounds,
    const CSSM_DATA *iv,
    const CSSM_DATA *ptext,
    CSSM_DATA_PTR ctext,
    CSSM_BOOL multiUpdates);
/**
 * Decrypt a ciphertext buffer in one call.
 * Only the prototype is visible here; the notes below are read from the
 * parameter names and types.
 *
 * @param cspHand                 CSP attachment handle.
 * @param algorithm               CSSM algorithm identifier.
 * @param mode                    Cipher mode.
 * @param padding                 Padding scheme.
 * @param key                     Decryption key (read-only).
 * @param pubKey                  Second key (read-only).
 * @param effectiveKeySizeInBits  Effective key size, in bits.
 * @param rounds                  Round count.
 * @param iv                      Initialization vector (read-only).
 * @param ctext                   Ciphertext input (read-only).
 * @param ptext                   Receives the recovered plaintext; wipe it
 *                                before releasing the buffer when it holds
 *                                sensitive data.
 * @param mallocPtext             NOTE(review): presumably CSSM_TRUE makes
 *                                the callee allocate ptext->Data, which the
 *                                caller then owns - confirm.
 * @return CSSM_RETURN status code. Do not use ptext unless the call reports
 *         success.
 */
CSSM_RETURN cspDecrypt(
    CSSM_CSP_HANDLE cspHand,
    uint32 algorithm,
    uint32 mode,
    CSSM_PADDING padding,
    const CSSM_KEY *key,
    const CSSM_KEY *pubKey,
    uint32 effectiveKeySizeInBits,
    uint32 rounds,
    const CSSM_DATA *iv,
    const CSSM_DATA *ctext,
    CSSM_DATA_PTR ptext,
    CSSM_BOOL mallocPtext);
/**
 * Decrypt a ciphertext buffer through the staged (init/update/final) path.
 * Only the prototype is visible here; the notes below are read from the
 * parameter names and types.
 *
 * @param cspHand                 CSP attachment handle.
 * @param algorithm               CSSM algorithm identifier.
 * @param mode                    Cipher mode.
 * @param padding                 Padding scheme.
 * @param key                     Decryption key (read-only).
 * @param pubKey                  Second key (read-only).
 * @param effectiveKeySizeInBits  Effective key size, in bits.
 * @param cipherBlockSize         Cipher block size. NOTE(review): units are
 *                                not stated in the prototype - confirm.
 * @param rounds                  Round count.
 * @param iv                      Initialization vector (read-only).
 * @param ctext                   Ciphertext input (read-only).
 * @param ptext                   Receives the recovered plaintext.
 * @param multiUpdates            NOTE(review): presumably splits the input
 *                                across several update calls - confirm.
 * @return CSSM_RETURN status code. Do not use ptext unless the call reports
 *         success.
 */
CSSM_RETURN cspStagedDecrypt(
    CSSM_CSP_HANDLE cspHand,
    uint32 algorithm,
    uint32 mode,
    CSSM_PADDING padding,
    const CSSM_KEY *key,
    const CSSM_KEY *pubKey,
    uint32 effectiveKeySizeInBits,
    uint32 cipherBlockSize,
    uint32 rounds,
    const CSSM_DATA *iv,
    const CSSM_DATA *ctext,
    CSSM_DATA_PTR ptext,
    CSSM_BOOL multiUpdates);
/**
 * Sign a buffer in one call.
 *
 * @param cspHand    CSP attachment handle.
 * @param algorithm  CSSM signature algorithm identifier.
 * @param key        Signing key.
 * @param text       Data to sign (read-only).
 * @param sig        Receives the signature. NOTE(review): who allocates
 *                   sig->Data is not visible from the prototype - confirm.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspSign(
    CSSM_CSP_HANDLE cspHand,
    uint32 algorithm,
    CSSM_KEY_PTR key,
    const CSSM_DATA *text,
    CSSM_DATA_PTR sig);

/**
 * Sign a buffer through the staged (init/update/final) path.
 *
 * @param cspHand       CSP attachment handle.
 * @param algorithm     CSSM signature algorithm identifier.
 * @param key           Signing key.
 * @param text          Data to sign (read-only).
 * @param multiUpdates  NOTE(review): presumably splits the input across
 *                      several update calls - confirm.
 * @param sig           Receives the signature.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspStagedSign(
    CSSM_CSP_HANDLE cspHand,
    uint32 algorithm,
    CSSM_KEY_PTR key,
    const CSSM_DATA *text,
    CSSM_BOOL multiUpdates,
    CSSM_DATA_PTR sig);

/**
 * Verify a signature over a buffer in one call.
 *
 * NOTE(review): the expectResult parameter suggests the return value reports
 * whether the verify outcome matched the caller's expectation rather than
 * whether the signature is valid. Confirm in the implementation before
 * treating CSSM_OK as "signature valid" anywhere outside test code.
 *
 * @param cspHand       CSP attachment handle.
 * @param algorithm     CSSM signature algorithm identifier.
 * @param key           Verification key.
 * @param text          Signed data (read-only).
 * @param sig           Signature to check (read-only).
 * @param expectResult  Result code the caller expects from the verify.
 * @return CSSM_RETURN status code (see note above).
 */
CSSM_RETURN cspSigVerify(
    CSSM_CSP_HANDLE cspHand,
    uint32 algorithm,
    CSSM_KEY_PTR key,
    const CSSM_DATA *text,
    const CSSM_DATA *sig,
    CSSM_RETURN expectResult);

/**
 * Verify a signature through the staged (init/update/final) path.
 *
 * NOTE(review): as with the one-shot verify, expectResult suggests the return
 * value reflects "outcome matched expectation", not "signature valid" -
 * confirm before relying on it.
 *
 * @param cspHand       CSP attachment handle.
 * @param algorithm     CSSM signature algorithm identifier.
 * @param key           Verification key.
 * @param text          Signed data (read-only).
 * @param sig           Signature to check (read-only).
 * @param multiUpdates  NOTE(review): presumably splits the input across
 *                      several update calls - confirm.
 * @param expectResult  Result code the caller expects from the verify.
 * @return CSSM_RETURN status code (see note above).
 */
CSSM_RETURN cspStagedSigVerify(
    CSSM_CSP_HANDLE cspHand,
    uint32 algorithm,
    CSSM_KEY_PTR key,
    const CSSM_DATA *text,
    const CSSM_DATA *sig,
    CSSM_BOOL multiUpdates,
    CSSM_RETURN expectResult);
/**
 * Compute a MAC over a buffer in one call.
 *
 * @param cspHand    CSP attachment handle.
 * @param algorithm  CSSM MAC algorithm identifier.
 * @param key        MAC key.
 * @param text       Data to authenticate (read-only).
 * @param mac        Receives the MAC. NOTE(review): who allocates mac->Data
 *                   is not visible from the prototype - confirm.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspGenMac(
    CSSM_CSP_HANDLE cspHand,
    uint32 algorithm,
    CSSM_KEY_PTR key,
    const CSSM_DATA *text,
    CSSM_DATA_PTR mac);

/**
 * Compute a MAC through the staged (init/update/final) path.
 *
 * @param cspHand       CSP attachment handle.
 * @param algorithm     CSSM MAC algorithm identifier.
 * @param key           MAC key.
 * @param text          Data to authenticate (read-only).
 * @param mallocMac     NOTE(review): presumably CSSM_TRUE makes the callee
 *                      allocate mac->Data, which the caller then owns -
 *                      confirm.
 * @param multiUpdates  NOTE(review): presumably splits the input across
 *                      several update calls - confirm.
 * @param mac           Receives the MAC.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspStagedGenMac(
    CSSM_CSP_HANDLE cspHand,
    uint32 algorithm,
    CSSM_KEY_PTR key,
    const CSSM_DATA *text,
    CSSM_BOOL mallocMac,
    CSSM_BOOL multiUpdates,
    CSSM_DATA_PTR mac);

/**
 * Verify a MAC over a buffer in one call.
 *
 * NOTE(review): the expectResult parameter suggests the return value reports
 * whether the verify outcome matched the caller's expectation rather than
 * whether the MAC is valid - confirm before treating CSSM_OK as "MAC valid".
 *
 * @param cspHand       CSP attachment handle.
 * @param algorithm     CSSM MAC algorithm identifier.
 * @param key           MAC key.
 * @param text          Authenticated data (read-only).
 * @param mac           MAC to check. `const CSSM_DATA_PTR` qualifies the
 *                      pointer itself, not the CSSM_DATA it points to, so
 *                      this prototype does not promise the MAC buffer is
 *                      left unmodified (`const CSSM_DATA *` would).
 * @param expectResult  Result code the caller expects from the verify.
 * @return CSSM_RETURN status code (see note above).
 */
CSSM_RETURN cspMacVerify(
    CSSM_CSP_HANDLE cspHand,
    uint32 algorithm,
    CSSM_KEY_PTR key,
    const CSSM_DATA *text,
    const CSSM_DATA_PTR mac,
    CSSM_RETURN expectResult);
/**
 * Verify a MAC through the staged (init/update/final) path.
 *
 * NOTE(review): expectResult suggests the return value reflects "outcome
 * matched expectation", not "MAC valid" - confirm before relying on it.
 *
 * @param cspHand       CSP attachment handle.
 * @param algorithm     CSSM MAC algorithm identifier.
 * @param key           MAC key.
 * @param text          Authenticated data (read-only).
 * @param mac           MAC to check. `const CSSM_DATA_PTR` qualifies the
 *                      pointer itself, not the CSSM_DATA it points to, so
 *                      the buffer contents are not const through this
 *                      prototype.
 * @param multiUpdates  NOTE(review): presumably splits the input across
 *                      several update calls - confirm.
 * @param expectResult  Result code the caller expects from the verify.
 * @return CSSM_RETURN status code (see note above).
 */
CSSM_RETURN cspStagedMacVerify(
    CSSM_CSP_HANDLE cspHand,
    uint32 algorithm,
    CSSM_KEY_PTR key,
    const CSSM_DATA *text,
    const CSSM_DATA_PTR mac,
    CSSM_BOOL multiUpdates,
    CSSM_RETURN expectResult);
/**
 * Compute a message digest over a buffer in one call.
 *
 * @param cspHand       CSP attachment handle.
 * @param algorithm     CSSM digest algorithm identifier.
 * @param mallocDigest  NOTE(review): presumably CSSM_TRUE makes the callee
 *                      allocate digest->Data, which the caller then owns;
 *                      otherwise the caller's buffer must be large enough
 *                      for the chosen algorithm - confirm.
 * @param text          Data to hash (read-only).
 * @param digest        Receives the digest.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspDigest(
    CSSM_CSP_HANDLE cspHand,
    uint32 algorithm,
    CSSM_BOOL mallocDigest,
    const CSSM_DATA *text,
    CSSM_DATA_PTR digest);
/**
 * Compute a message digest through the staged (init/update/final) path.
 *
 * @param cspHand       CSP attachment handle.
 * @param algorithm     CSSM digest algorithm identifier.
 * @param mallocDigest  NOTE(review): presumably CSSM_TRUE makes the callee
 *                      allocate digest->Data - confirm.
 * @param multiUpdates  NOTE(review): presumably splits the input across
 *                      several update calls - confirm.
 * @param text          Data to hash (read-only).
 * @param digest        Receives the digest.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspStagedDigest(
    CSSM_CSP_HANDLE cspHand,
    uint32 algorithm,
    CSSM_BOOL mallocDigest,
    CSSM_BOOL multiUpdates,
    const CSSM_DATA *text,
    CSSM_DATA_PTR digest);
/**
 * Release a key held by the CSP.
 *
 * @param cspHand  CSP attachment handle.
 * @param key      Key to release. NOTE(review): whether the CSSM_KEY
 *                 structure itself is freed, or only its key data, is not
 *                 visible from the prototype - confirm, and do not reuse the
 *                 key afterwards.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspFreeKey(
    CSSM_CSP_HANDLE cspHand,
    CSSM_KEY_PTR key);
/**
 * Run an FEE key exchange between a private and a public key.
 * Only the prototype is visible here; the notes below are read from the
 * parameter names and types.
 *
 * @param cspHand        CSP attachment handle.
 * @param privKey        Local private key.
 * @param pubKey         Peer public key. NOTE(review): the prototype shows
 *                       no authentication of this key; establishing that it
 *                       belongs to the intended peer is the caller's job.
 * @param derivedKey     Receives the derived key.
 * @param keyAlg         Algorithm the derived key is intended for.
 * @param keyLabel       Label bytes attached to the derived key.
 * @param keyLabelLen    Length of keyLabel.
 * @param keyUsage       Key-usage flags for the derived key.
 * @param keySizeInBits  Size of the derived key in bits.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspFeeKeyExchange(
    CSSM_CSP_HANDLE cspHand,
    CSSM_KEY_PTR privKey,
    CSSM_KEY_PTR pubKey,
    CSSM_KEY_PTR derivedKey,
    uint32 keyAlg,
    const char *keyLabel,
    unsigned keyLabelLen,
    uint32 keyUsage,
    uint32 keySizeInBits);
/**
 * Wrap (encrypt for transport or storage) one key under another.
 * Only the prototype is visible here; the notes below are read from the
 * parameter names and types.
 *
 * @param cspHand       CSP attachment handle.
 * @param unwrappedKey  Key to be wrapped (read-only).
 * @param wrappingKey   Key that protects it (read-only).
 * @param wrapAlg       Wrapping algorithm identifier.
 * @param wrapMode      Cipher mode for the wrap.
 * @param wrapFormat    Blob format of the wrapped key.
 * @param wrapPad       Padding scheme for the wrap.
 * @param initVector    Initialization vector for the wrap.
 * @param descrData     Descriptive data carried with the wrapped key.
 *                      NOTE(review): whether it is confidentiality- or
 *                      integrity-protected is not visible here; assume
 *                      neither until confirmed.
 * @param wrappedKey    Receives the wrapped key.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspWrapKey(
    CSSM_CSP_HANDLE cspHand,
    const CSSM_KEY *unwrappedKey,
    const CSSM_KEY *wrappingKey,
    CSSM_ALGORITHMS wrapAlg,
    CSSM_ENCRYPT_MODE wrapMode,
    CSSM_KEYBLOB_FORMAT wrapFormat,
    CSSM_PADDING wrapPad,
    CSSM_DATA_PTR initVector,
    CSSM_DATA_PTR descrData,
    CSSM_KEY_PTR wrappedKey);

/**
 * Unwrap a previously wrapped key.
 * Only the prototype is visible here; the notes below are read from the
 * parameter names and types.
 *
 * @param cspHand        CSP attachment handle.
 * @param wrappedKey     Wrapped key blob (read-only). Treat it as untrusted
 *                       input when it comes from outside the process.
 * @param unwrappingKey  Key that removes the protection (read-only).
 * @param unwrapAlg      Unwrapping algorithm identifier.
 * @param unwrapMode     Cipher mode for the unwrap.
 * @param unwrapPad      Padding scheme for the unwrap.
 * @param initVector     Initialization vector used for the wrap.
 * @param unwrappedKey   Receives the recovered key.
 * @param descrData      Receives the descriptive data carried with the key.
 * @param keyLabel       Label bytes attached to the recovered key.
 * @param keyLabelLen    Length of keyLabel.
 * @return CSSM_RETURN status code. Do not use unwrappedKey unless the call
 *         reports success.
 */
CSSM_RETURN cspUnwrapKey(
    CSSM_CSP_HANDLE cspHand,
    const CSSM_KEY *wrappedKey,
    const CSSM_KEY *unwrappingKey,
    CSSM_ALGORITHMS unwrapAlg,
    CSSM_ENCRYPT_MODE unwrapMode,
    CSSM_PADDING unwrapPad,
    CSSM_DATA_PTR initVector,
    CSSM_KEY_PTR unwrappedKey,
    CSSM_DATA_PTR descrData,
    const char *keyLabel,
    unsigned keyLabelLen);
/*
 * Class of operation a key is meant for; passed to randKeySizeBits().
 * Values are written out explicitly and match the implicit numbering
 * (0, 1, 2).
 */
typedef enum {
    OT_Sign    = 0,     /* signing */
    OT_Encrypt = 1,     /* encryption */
    OT_KeyExch = 2      /* key exchange */
} opType;
/*
 * Upper bound on key size, in BYTES (the other size constants in this header
 * are in bits). NOTE(review): "RC245" presumably stands for RC2/RC4/RC5 -
 * confirm.
 */
#define MAX_KEY_SIZE_RC245_BYTES    64

/**
 * Pick a key size, in bits, for an algorithm and operation class.
 * NOTE(review): the name suggests the size is chosen at random, i.e. for
 * test coverage; it is not a substitute for a deliberately chosen key size.
 *
 * @param alg  CSSM algorithm identifier.
 * @param op   Operation class the key is meant for.
 * @return Key size in bits.
 */
uint32 randKeySizeBits(
    uint32 alg,
    opType op);

/**
 * Look up the default key size for an algorithm.
 *
 * @param alg  CSSM algorithm identifier.
 * @return Key size. NOTE(review): presumably one of the
 *         CSP_*_KEY_SIZE_DEFAULT values, in bits; some of those are weak by
 *         current standards - confirm.
 */
uint32 cspDefaultKeySize(
    uint32 alg);
/**
 * Fill in FEE key parameters for the given algorithm.
 * NOTE(review): the name suggests the values are chosen at random (test
 * use); how they are chosen is not visible in this header.
 *
 * @param alg            CSSM algorithm identifier.
 * @param keySizeInBits  Receives the key size in bits.
 * @param primeType      Receives the FEE prime type.
 * @param curveType      Receives the FEE curve type.
 */
void randFeeKeyParams(
    CSSM_ALGORITHMS alg,
    uint32 *keySizeInBits,
    uint32 *primeType,
    uint32 *curveType);

/**
 * Name of an FEE prime type, for display.
 *
 * @param primeType  FEE prime type value.
 * @return Read-only C string. NOTE(review): presumably a static string the
 *         caller must not free - confirm.
 */
const char *primeTypeStr(
    uint32 primeType);

/**
 * Name of an FEE curve type, for display.
 *
 * @param curveType  FEE curve type value.
 * @return Read-only C string. NOTE(review): presumably a static string the
 *         caller must not free - confirm.
 */
const char *curveTypeStr(
    uint32 curveType);
/**
 * Obtain the hash of a key.
 *
 * @param cspHand   CSP attachment handle.
 * @param key       Key to hash. `const CSSM_KEY_PTR` qualifies the pointer
 *                  itself, not the CSSM_KEY it points to, so the prototype
 *                  does not promise the key is left unmodified.
 * @param hashData  Receives a pointer to the hash. NOTE(review): the double
 *                  indirection implies the callee supplies the CSSM_DATA;
 *                  who frees it is not visible here - confirm.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspKeyHash(
    CSSM_CSP_HANDLE cspHand,
    const CSSM_KEY_PTR key,
    CSSM_DATA_PTR *hashData);
/**
 * Convert a reference key into a raw key.
 *
 * The result carries the key material in caller-visible memory, so for
 * private or symmetric keys treat rawKey as a secret: restrict its lifetime
 * and wipe it when done.
 *
 * @param cspHand  CSP attachment handle.
 * @param refKey   Reference key to convert (read-only).
 * @param rawKey   Receives the raw key.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspRefKeyToRaw(
    CSSM_CSP_HANDLE cspHand,
    const CSSM_KEY *refKey,
    CSSM_KEY_PTR rawKey);
/**
 * Convert a raw key into a reference key.
 *
 * @param cspHand  CSP attachment handle.
 * @param rawKey   Raw key to convert (read-only). The conversion does not
 *                 take ownership through this prototype; the caller still
 *                 holds the raw key material afterwards.
 * @param refKey   Receives the reference key.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspRawKeyToRef(
    CSSM_CSP_HANDLE cspHand,
    const CSSM_KEY *rawKey,
    CSSM_KEY_PTR refKey);
/**
 * Create a symmetric reference key from caller-supplied key bits.
 *
 * @param cspHand         CSP attachment handle.
 * @param keyAlg          Algorithm the key is intended for.
 * @param keyUsage        Key-usage flags.
 * @param keyBits         Raw key material (read-only). The caller keeps its
 *                        copy and remains responsible for wiping it.
 * @param keySizeInBytes  Key size in BYTES - unlike most size parameters in
 *                        this header, which are in bits. NOTE(review): how
 *                        this relates to keyBits->Length is not visible
 *                        here; callers should make sure it does not exceed
 *                        the supplied buffer.
 * @param refKey          Receives the reference key.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspGenSymKeyWithBits(
    CSSM_CSP_HANDLE cspHand,
    CSSM_ALGORITHMS keyAlg,
    CSSM_KEYUSE keyUsage,
    const CSSM_DATA *keyBits,
    unsigned keySizeInBytes,
    CSSM_KEY_PTR refKey);
/**
 * Attach a DL/DB handle pair to a cryptographic context.
 * NOTE(review): presumably so that keys produced through the context are
 * stored in that database - confirm in the implementation.
 *
 * @param ccHand  Cryptographic context handle to modify.
 * @param dlHand  Data-library (DL) handle.
 * @param dbHand  Database handle within that DL.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspAddDlDbToContext(
    CSSM_CC_HANDLE ccHand,
    CSSM_DL_HANDLE dlHand,
    CSSM_DB_HANDLE dbHand);
/*
 * Kind of key to search for; passed to cspLookUpKeyByLabel().
 * Numbering starts at 1, so a zero-initialized CT_KeyType matches none of
 * the enumerators.
 */
typedef enum {
    CKT_Public  = 1,    /* public key */
    CKT_Private = 2,    /* private key */
    CKT_Session = 3     /* session key */
} CT_KeyType;
/**
 * Find a key in a database by its label.
 *
 * @param dlHand     Data-library (DL) handle.
 * @param dbHand     Database handle within that DL.
 * @param labelData  Label to search for (read-only).
 * @param keyType    Kind of key to look for.
 * @return Pointer to the key. NOTE(review): presumably NULL when nothing
 *         matches, and owned by the caller - confirm. Labels are not
 *         guaranteed unique by anything in this header, so check that the
 *         returned key is the one intended before using it.
 */
CSSM_KEY_PTR cspLookUpKeyByLabel(
    CSSM_DL_HANDLE dlHand,
    CSSM_DB_HANDLE dbHand,
    const CSSM_DATA *labelData,
    CT_KeyType keyType);
/**
 * Delete a key.
 * Only the prototype is visible here; the notes below are read from the
 * parameter names and types.
 *
 * @param cspHand    CSP attachment handle.
 * @param dlHand     Data-library (DL) handle.
 * @param dbHand     Database handle within that DL.
 * @param labelData  Label of the key (read-only).
 * @param key        The key itself. NOTE(review): how labelData and key
 *                   combine to select what is removed (database record,
 *                   CSP-side key, or both) is not visible here - confirm.
 * @return CSSM_RETURN status code.
 */
CSSM_RETURN cspDeleteKey(
    CSSM_CSP_HANDLE cspHand,
    CSSM_DL_HANDLE dlHand,
    CSSM_DB_HANDLE dbHand,
    const CSSM_DATA *labelData,
    CSSM_KEY_PTR key);
/*
 * Private algorithm identifier in the vendor-defined range
 * (CSSM_ALGID_VENDOR_DEFINED + 102).
 * NOTE(review): the offset 102 must not collide with other vendor-defined
 * identifiers in use; nothing in this header checks that - confirm.
 */
#define CSSM_ALGID_FEECFILE (CSSM_ALGID_VENDOR_DEFINED + 102)
#ifdef __cplusplus
}
#endif
#endif