#include <Security/SecBase.h>
#include <CoreFoundation/CFURL.h>
class ExecCLITool;
class SFFileVault
{
public:
SFFileVault() {};
~SFFileVault() {};
OSStatus mount(CFStringRef password, CFURLRef certificate, CFURLRef dmgin,
CFURLRef mountpoint,CFStringRef *devicepath);
OSStatus mastermount(CFURLRef dmgin, CFURLRef mountpoint, CFStringRef *devicepath);
OSStatus unmount(CFURLRef mountpoint,CFStringRef devicepath);
OSStatus userChangePassword(CFStringRef password, CFStringRef devicepath);
OSStatus makeMasterPassword(CFStringRef masterPasswordPassword, SecKeychainRef *keychain);
OSStatus create(CFStringRef password, CFURLRef certificate, CFURLRef dmgout,
CFStringRef volumeName, CFStringRef sizeSpec);
Boolean masterPasswordEnabled(SecKeychainRef *keychainRef);
OSStatus changeMasterPasswordPassword(CFStringRef oldPassword,CFStringRef newPassword);
OSStatus getCertificate(CFURLRef *certificate);
private:
CFStringRef extractDevicepath(const ExecCLITool& rt);
const char *getKeychainPath();
const char *getCertificateFileName();
OSStatus writeCertificateFile(CFDataRef certData);
int writeFile(const char *fileName, const unsigned char *bytes, unsigned int numBytes);
static const char * const _defaultMasterKeychainPath;
static const char * const _masterKeychainName ;
};