#ifndef _APPLE_CDSA_H_
#define _APPLE_CDSA_H_ 1
#include "ssl.h"
#include "sslPriv.h"
#include "sslContext.h"
#include <Security/cssmtype.h>
#ifdef __cplusplus
extern "C" {
#endif
#ifndef NDEBUG
extern void stPrintCdsaError(const char *op, CSSM_RETURN crtn);
extern char *stCssmErrToStr(CSSM_RETURN err);
#else
#define stPrintCdsaError(o, cr)
#endif
extern OSStatus sslSetUpSymmKey(
CSSM_KEY_PTR symKey,
CSSM_ALGORITHMS alg,
CSSM_KEYUSE keyUse, CSSM_BOOL copyKey, uint8 *keyData,
uint32 keyDataLen);
extern OSStatus sslFreeKey(CSSM_CSP_HANDLE cspHand,
CSSM_KEY_PTR *key,
#if ST_KC_KEYS_NEED_REF
SecKeychainRef *kcItem);
#else
void *kcItem);
#endif
extern OSStatus attachToCsp(SSLContext *ctx);
extern OSStatus attachToCl(SSLContext *ctx);
extern OSStatus attachToTp(SSLContext *ctx);
extern OSStatus attachToAll(SSLContext *ctx);
extern OSStatus detachFromAll(SSLContext *ctx);
extern CSSM_DATA_PTR stMallocCssmData(uint32 size);
extern void stFreeCssmData(CSSM_DATA_PTR data, CSSM_BOOL freeStruct);
extern OSStatus stSetUpCssmData(CSSM_DATA_PTR data, uint32 length);
extern OSStatus sslPubKeyFromCert(
SSLContext *ctx,
const SSLBuffer &derCert,
CSSM_KEY_PTR *pubKey, CSSM_CSP_HANDLE *cspHand);
extern OSStatus sslVerifyCertChain(
SSLContext *ctx,
const SSLCertificate &certChain,
bool arePeerCerts = true);
OSStatus sslRawSign(
SSLContext *ctx,
SecKeyRef privKeyRef,
const UInt8 *plainText,
UInt32 plainTextLen,
UInt8 *sig, UInt32 sigLen, UInt32 *actualBytes);
OSStatus sslRawVerify(
SSLContext *ctx,
const CSSM_KEY *pubKey,
CSSM_CSP_HANDLE cspHand,
const UInt8 *plainText,
UInt32 plainTextLen,
const UInt8 *sig,
UInt32 sigLen);
OSStatus sslRsaEncrypt(
SSLContext *ctx,
const CSSM_KEY *pubKey,
CSSM_CSP_HANDLE cspHand,
const UInt8 *plainText,
UInt32 plainTextLen,
UInt8 *cipherText, UInt32 cipherTextLen, UInt32 *actualBytes); OSStatus sslRsaDecrypt(
SSLContext *ctx,
SecKeyRef privKeyRef,
const UInt8 *cipherText,
UInt32 cipherTextLen,
UInt8 *plainText, UInt32 plainTextLen, UInt32 *actualBytes);
extern UInt32 sslKeyLengthInBytes(
const CSSM_KEY *key);
extern OSStatus sslGetMaxSigSize(
const CSSM_KEY *privKey,
UInt32 &maxSigSize);
OSStatus sslGetPubKeyBits(
SSLContext *ctx,
const CSSM_KEY *pubKey,
CSSM_CSP_HANDLE cspHand,
SSLBuffer *modulus, SSLBuffer *exponent);
OSStatus sslGetPubKeyFromBits(
SSLContext *ctx,
const SSLBuffer *modulus,
const SSLBuffer *exponent,
CSSM_KEY_PTR *pubKey, CSSM_CSP_HANDLE *cspHand);
CSSM_DATA_PTR sslGetCertSubjectName(
SSLContext *ctx,
const CSSM_DATA_PTR cert);
#if SSL_DEBUG
void verifyTrustedRoots(SSLContext *ctx,
CSSM_DATA_PTR certs,
unsigned numCerts);
#endif
void * stAppMalloc (uint32 size, void *allocRef);
void stAppFree (void *mem_ptr, void *allocRef);
void * stAppRealloc (void *ptr, uint32 size, void *allocRef);
void * stAppCalloc (uint32 num, uint32 size, void *allocRef);
OSStatus sslDhGenKeyPairClient(
SSLContext *ctx,
const SSLBuffer &prime,
const SSLBuffer &generator,
CSSM_KEY_PTR publicKey, CSSM_KEY_PTR privateKey); OSStatus sslDhGenerateKeyPair(
SSLContext *ctx,
const SSLBuffer ¶mBlob,
UInt32 keySizeInBits,
CSSM_KEY_PTR publicKey, CSSM_KEY_PTR privateKey); OSStatus sslDhKeyExchange(
SSLContext *ctx,
uint32 deriveSizeInBits,
SSLBuffer *exchanged);
OSStatus sslVerifyNegotiatedCipher(
SSLContext *ctx);
#define SSLBUF_TO_CSSM(sb, cd) { \
(cd)->Length = (sb)->length; \
(cd)->Data = (sb)->data; \
}
#define CSSM_TO_SSLBUF(cd, sb) { \
(sb)->length = (cd)->Length; \
(sb)->data = (cd)->Data; \
}
#ifdef __cplusplus
}
#endif
#endif