#ifndef _APPLE_CDSA_H_
#define _APPLE_CDSA_H_ 1
#include "ssl.h"
#include "sslPriv.h"
#include "sslContext.h"
#include <Security/cssmtype.h>
#ifdef __cplusplus
extern "C" {
#endif
/*
 * Set up the caller-supplied key structure `symKey` for algorithm `alg` and
 * usage `keyUse` from `keyDataLen` bytes of raw key material at `keyData`.
 * Defined elsewhere; only the prototype is visible here.
 *
 * NOTE(review): `copyKey` presumably selects between copying `keyData` into
 * the key and merely referencing it -- confirm in the implementation. If it
 * only references, `keyData` must stay valid for the lifetime of `symKey`,
 * and the caller remains responsible for wiping the key bytes afterwards.
 *
 * Returns an OSStatus; check it before using `symKey`.
 */
extern OSStatus sslSetUpSymmKey(
    CSSM_KEY_PTR symKey,
    CSSM_ALGORITHMS alg,
    CSSM_KEYUSE keyUse,
    CSSM_BOOL copyKey,
    uint8 *keyData,
    size_t keyDataLen);
/*
 * Release a key associated with CSP handle `cspHand`.
 *
 * `key` is passed by address (CSSM_KEY_PTR *), which lets the callee update
 * the caller's pointer. NOTE(review): presumably it is set to NULL after the
 * free, which guards against double free -- confirm in the implementation.
 *
 * The type of `kcItem` depends on the build: SecKeychainRef * when
 * ST_KC_KEYS_NEED_REF is nonzero, otherwise an untyped void *.
 */
extern OSStatus sslFreeKey(
    CSSM_CSP_HANDLE cspHand,
    CSSM_KEY_PTR *key,
#if ST_KC_KEYS_NEED_REF
    SecKeychainRef *kcItem);
#else
    void *kcItem);
#endif
/*
 * Attach/detach helpers operating on an SSLContext.
 *
 * NOTE(review): by name, Csp/Cl/Tp are presumably the CDSA cryptographic
 * service provider, certificate library and trust policy modules, and
 * attachToAll/detachFromAll cover all three -- confirm in the implementation.
 *
 * Each returns an OSStatus. A failed attach should be treated as fatal for
 * the context, because every crypto prototype in this header that takes a
 * CSSM_CSP_HANDLE needs a valid handle.
 */
extern OSStatus attachToCsp(SSLContext *ctx);

extern OSStatus attachToCl(SSLContext *ctx);

extern OSStatus attachToTp(SSLContext *ctx);

extern OSStatus attachToAll(SSLContext *ctx);

extern OSStatus detachFromAll(SSLContext *ctx);
/*
 * CSSM_DATA allocation helpers.
 *
 * stMallocCssmData  returns a CSSM_DATA_PTR for a request of `size` bytes.
 *                   It returns a pointer rather than a status, so failure is
 *                   presumably reported as NULL -- check before use.
 * stFreeCssmData    releases `data`. NOTE(review): `freeStruct` presumably
 *                   controls whether the CSSM_DATA struct itself is freed in
 *                   addition to its buffer -- confirm.
 * stSetUpCssmData   prepares an existing CSSM_DATA for `length` bytes and
 *                   returns an OSStatus.
 *
 * NOTE(review): whether buffers are zeroed on allocation or wiped on free is
 * not visible here. Callers holding key material in a CSSM_DATA should not
 * assume either.
 */
extern CSSM_DATA_PTR stMallocCssmData(
    size_t size);

extern void stFreeCssmData(
    CSSM_DATA_PTR data,
    CSSM_BOOL freeStruct);

extern OSStatus stSetUpCssmData(
    CSSM_DATA_PTR data,
    size_t length);
/*
 * Obtain a public key and a CSP handle from the certificate in `derCert`.
 *
 * `pubKey` and `cspHand` are output parameters. Use them only when the
 * returned OSStatus indicates success.
 *
 * NOTE(review): the parameter name suggests `derCert` is DER-encoded, and
 * for peer certificates those bytes are untrusted input. Extracting a key
 * here does not by itself establish trust; chain evaluation is a separate
 * call (see sslVerifyCertChain in this header).
 * NOTE(review): ownership of *pubKey is not visible here; presumably it is
 * released with sslFreeKey -- confirm.
 */
extern OSStatus sslPubKeyFromCert(
    SSLContext *ctx,
    const SSLBuffer *derCert,
    CSSM_KEY_PTR *pubKey,
    CSSM_CSP_HANDLE *cspHand);
/*
 * Verify the certificate chain `certChain` in the context of `ctx`.
 *
 * `arePeerCerts` tells the callee whether the chain came from the peer.
 * NOTE(review): how that flag changes evaluation is not visible here.
 *
 * The returned OSStatus is the only result channel. Callers must treat every
 * non-success value as "chain not trusted" and must not continue the
 * handshake on an ignored or unexamined return value.
 */
extern OSStatus sslVerifyCertChain(
    SSLContext *ctx,
    const SSLCertificate *certChain,
    bool arePeerCerts);
/*
 * Sign `plainTextLen` bytes at `plainText` with the private key
 * `privKeyRef`.
 *
 * sig          caller-supplied output buffer.
 * sigLen       passed alongside `sig`; presumably its capacity in bytes.
 *              It must reflect the real size of the buffer.
 * actualBytes  output; presumably the number of signature bytes written.
 *
 * NOTE(review): "raw" in the name suggests no hashing is applied to the
 * input here -- confirm in the implementation before passing unhashed data.
 *
 * Returns an OSStatus. Do not read `sig` or `*actualBytes` on failure.
 */
OSStatus sslRawSign(
    SSLContext *ctx,
    SecKeyRef privKeyRef,
    const UInt8 *plainText,
    size_t plainTextLen,
    UInt8 *sig,
    size_t sigLen,
    size_t *actualBytes);
/*
 * Verify the signature `sig` (`sigLen` bytes) over `plainText`
 * (`plainTextLen` bytes) using `pubKey` on CSP handle `cspHand`.
 *
 * All data parameters are const inputs and there is no output parameter.
 * The returned OSStatus is the only indication of whether the signature
 * verified, so any non-success value, including internal errors, must be
 * handled as a verification failure.
 */
OSStatus sslRawVerify(
    SSLContext *ctx,
    const CSSM_KEY *pubKey,
    CSSM_CSP_HANDLE cspHand,
    const UInt8 *plainText,
    size_t plainTextLen,
    const UInt8 *sig,
    size_t sigLen);
/*
 * RSA-encrypt `plainTextLen` bytes at `plainText` under `pubKey`, using the
 * padding mode `padding`.
 *
 * cipherText     caller-supplied output buffer.
 * cipherTextLen  passed alongside `cipherText`; presumably its capacity.
 * actualBytes    output; presumably the number of bytes produced.
 *
 * Returns an OSStatus; outputs are meaningful only on success.
 */
OSStatus sslRsaEncrypt(
    SSLContext *ctx,
    const CSSM_KEY *pubKey,
    CSSM_CSP_HANDLE cspHand,
    CSSM_PADDING padding,
    const UInt8 *plainText,
    size_t plainTextLen,
    UInt8 *cipherText,
    size_t cipherTextLen,
    size_t *actualBytes);

/*
 * RSA-decrypt `cipherTextLen` bytes at `cipherText` with the private key
 * `privKeyRef`, using the padding mode `padding`.
 *
 * plainText      caller-supplied output buffer.
 * plainTextLen   passed alongside `plainText`; presumably its capacity.
 * actualBytes    output; presumably the number of bytes recovered.
 *
 * NOTE(review): when `cipherText` comes from the peer, callers should handle
 * a padding failure the same way as any other decryption failure, so that
 * the returned status does not become a distinguishing signal to the peer.
 * NOTE(review): `plainText` holds secret material after a successful call.
 * Wiping it is the caller's job unless the implementation says otherwise.
 */
OSStatus sslRsaDecrypt(
    SSLContext *ctx,
    SecKeyRef privKeyRef,
    CSSM_PADDING padding,
    const UInt8 *cipherText,
    size_t cipherTextLen,
    UInt8 *plainText,
    size_t plainTextLen,
    size_t *actualBytes);
/*
 * Key-size queries.
 *
 * sslKeyLengthInBytes  returns a uint32 for `key`; by name, its length in
 *                      bytes. There is no status channel, so error reporting
 *                      (if any) must be in-band -- confirm what is returned
 *                      for an invalid key.
 * sslGetMaxSigSize     writes a value to `*maxSigSize` for `privKey` and
 *                      returns an OSStatus. Presumably this is the size to
 *                      allocate for the `sig` buffer passed to sslRawSign --
 *                      confirm.
 */
extern uint32 sslKeyLengthInBytes(
    const CSSM_KEY *key);

extern OSStatus sslGetMaxSigSize(
    const CSSM_KEY *privKey,
    uint32 *maxSigSize);
/*
 * Export the components of `pubKey` into the SSLBuffers `modulus` and
 * `exponent` (both non-const, i.e. written by the callee).
 *
 * NOTE(review): the modulus/exponent naming implies an RSA key. Whether the
 * callee allocates the buffers, and who frees them, is not visible here.
 */
OSStatus sslGetPubKeyBits(
    SSLContext *ctx,
    const CSSM_KEY *pubKey,
    CSSM_CSP_HANDLE cspHand,
    SSLBuffer *modulus,
    SSLBuffer *exponent);

/*
 * Build a public key from `modulus` and `exponent` (const inputs), returning
 * the key through `pubKey` and a CSP handle through `cspHand`.
 *
 * NOTE(review): if the inputs originate from the peer they are untrusted.
 * Whether their sizes are range-checked is not visible here -- confirm.
 * NOTE(review): *pubKey is presumably released with sslFreeKey -- confirm.
 */
OSStatus sslGetPubKeyFromBits(
    SSLContext *ctx,
    const SSLBuffer *modulus,
    const SSLBuffer *exponent,
    CSSM_KEY_PTR *pubKey,
    CSSM_CSP_HANDLE *cspHand);
/*
 * Return a CSSM_DATA_PTR for the subject name of `cert`.
 *
 * The result is a pointer, not a status, so failure is presumably signalled
 * by NULL -- check before dereferencing.
 *
 * NOTE(review): CSSM_DATA_PTR is a pointer typedef in CDSA, so the `const`
 * here qualifies the pointer itself, not the certificate data it points to.
 * NOTE(review): ownership of the returned data is not visible here.
 */
CSSM_DATA_PTR sslGetCertSubjectName(
    SSLContext *ctx,
    const CSSM_DATA_PTR cert);
#if SSL_DEBUG
/*
 * Debug-only helper, declared only when SSL_DEBUG is nonzero. It takes an
 * array `certs` of `numCerts` entries and returns nothing, so it cannot
 * report a verification result to its caller. It must not be relied on as a
 * trust decision.
 */
void verifyTrustedRoots(
    SSLContext *ctx,
    CSSM_DATA_PTR certs,
    unsigned numCerts);
#endif
/*
 * Allocator entry points that carry an opaque `allocRef` argument.
 *
 * NOTE(review): the shape (trailing void *allocRef) presumably matches the
 * memory callbacks handed to CSSM modules -- confirm where they are
 * registered.
 * NOTE(review): stAppCalloc takes a count and an element size. Whether the
 * implementation guards `num * size` against overflow is not visible here.
 * NOTE(review): with stAppRealloc, keep the old pointer until the call has
 * succeeded, so that a failure does not leak or lose the original block.
 */
void *stAppMalloc(size_t size, void *allocRef);

void stAppFree(void *mem_ptr, void *allocRef);

void *stAppRealloc(void *ptr, size_t size, void *allocRef);

void *stAppCalloc(uint32 num, size_t size, void *allocRef);
/*
 * Generate a Diffie-Hellman key pair from explicit group parameters `prime`
 * and `generator`, writing the result to `publicKey` and `privateKey`.
 *
 * NOTE(review): "Client" in the name suggests the parameters come from the
 * server's key exchange message -- confirm. If so, they are untrusted, and
 * their size and validity should be checked before a key is generated.
 */
OSStatus sslDhGenKeyPairClient(
    SSLContext *ctx,
    const SSLBuffer *prime,
    const SSLBuffer *generator,
    CSSM_KEY_PTR publicKey,
    CSSM_KEY_PTR privateKey);

/*
 * Generate a Diffie-Hellman key pair of `keySizeInBits` bits from the
 * parameter blob `paramBlob`, writing the result to `publicKey` and
 * `privateKey`.
 *
 * NOTE(review): the encoding of `paramBlob` is not visible here.
 */
OSStatus sslDhGenerateKeyPair(
    SSLContext *ctx,
    const SSLBuffer *paramBlob,
    uint32 keySizeInBits,
    CSSM_KEY_PTR publicKey,
    CSSM_KEY_PTR privateKey);

/*
 * Perform the Diffie-Hellman exchange for `ctx`, deriving
 * `deriveSizeInBits` bits into the SSLBuffer `exchanged`.
 *
 * No key arguments are passed, so the keys involved must be taken from
 * `ctx`. `exchanged` holds secret material on success and should be wiped
 * once it has been consumed.
 */
OSStatus sslDhKeyExchange(
    SSLContext *ctx,
    uint32 deriveSizeInBits,
    SSLBuffer *exchanged);
/*
 * Generate an ECDH key pair on the curve `namedCurve`.
 *
 * There are no key output parameters, so the generated pair must be stored
 * through `ctx` (or elsewhere outside this signature).
 */
OSStatus sslEcdhGenerateKeyPair(
    SSLContext *ctx,
    SSL_ECDSA_NamedCurve namedCurve);

/*
 * Perform the ECDH exchange for `ctx`, writing the result into the
 * SSLBuffer `exchanged`.
 *
 * `exchanged` holds secret material on success and should be wiped once it
 * has been consumed. Do not use it when the returned OSStatus is a failure.
 */
OSStatus sslEcdhKeyExchange(
    SSLContext *ctx,
    SSLBuffer *exchanged);
/*
 * Check the cipher spec `selectedCipherSpec` against the state in `ctx`.
 *
 * NOTE(review): what "verify" covers (for example, whether the available key
 * type matches the cipher's key exchange) is not visible here -- confirm.
 *
 * The result is reported only through the returned OSStatus, so a
 * non-success value must stop the handshake from using this cipher spec.
 */
OSStatus sslVerifySelectedCipher(
    SSLContext *ctx,
    const SSLCipherSpec *selectedCipherSpec);
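/*
 * Make the CSSM_DATA at `cd` describe the same bytes as the SSLBuffer at
 * `sb`: the length and the data POINTER are copied, the bytes are not.
 *
 * After this, `cd` aliases `sb`'s storage. It does not own it, so only one
 * of the two may free the buffer, and `cd` must not outlive it.
 *
 * Wrapped in do { } while (0) so that `SSLBUF_TO_CSSM(a, b);` is a single
 * statement and stays correct in an unbraced if/else. Terminate the
 * invocation with a semicolon. Each argument is evaluated twice, so pass
 * expressions without side effects.
 */
#define SSLBUF_TO_CSSM(sb, cd) do { \
    (cd)->Length = (sb)->length; \
    (cd)->Data = (sb)->data; \
} while (0)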
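/*
 * Make the SSLBuffer at `sb` describe the same bytes as the CSSM_DATA at
 * `cd`: the length and the data POINTER are copied, the bytes are not.
 *
 * After this, `sb` aliases `cd`'s storage. It does not own it, so only one
 * of the two may free the buffer, and `sb` must not outlive it.
 *
 * Wrapped in do { } while (0) so that `CSSM_TO_SSLBUF(a, b);` is a single
 * statement and stays correct in an unbraced if/else. Terminate the
 * invocation with a semicolon. Each argument is evaluated twice, so pass
 * expressions without side effects.
 */
#define CSSM_TO_SSLBUF(cd, sb) do { \
    (sb)->length = (cd)->Length; \
    (sb)->data = (cd)->Data; \
} while (0)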
#ifdef __cplusplus
}
#endif
#endif