#include <Security/SecKey.h>
#include <Security/SecItem.h>
#include <security_keychain/KeyItem.h>
#include "SecBridge.h"
#include <security_keychain/Access.h>
#include <security_keychain/Keychains.h>
#include <security_keychain/KeyItem.h>
CFTypeID
SecKeyGetTypeID(void)
{
BEGIN_SECAPI
return gTypes().KeyItem.typeID;
END_SECAPI1(_kCFRuntimeNotATypeID)
}
OSStatus
SecKeyCreatePair(
SecKeychainRef keychainRef,
CSSM_ALGORITHMS algorithm,
uint32 keySizeInBits,
CSSM_CC_HANDLE contextHandle,
CSSM_KEYUSE publicKeyUsage,
uint32 publicKeyAttr,
CSSM_KEYUSE privateKeyUsage,
uint32 privateKeyAttr,
SecAccessRef initialAccess,
SecKeyRef* publicKeyRef,
SecKeyRef* privateKeyRef)
{
BEGIN_SECAPI
Keychain keychain = Keychain::optional(keychainRef);
SecPointer<Access> theAccess(initialAccess ? Access::required(initialAccess) : new Access("<key>"));
SecPointer<KeyItem> pubItem, privItem;
KeyItem::createPair(keychain,
algorithm,
keySizeInBits,
contextHandle,
publicKeyUsage,
publicKeyAttr,
privateKeyUsage,
privateKeyAttr,
theAccess,
pubItem,
privItem);
if (publicKeyRef)
*publicKeyRef = pubItem->handle();
if (privateKeyRef)
*privateKeyRef = privItem->handle();
END_SECAPI
}
OSStatus
SecKeyGetCSSMKey(SecKeyRef key, const CSSM_KEY **cssmKey)
{
BEGIN_SECAPI
Required(cssmKey) = KeyItem::required(key)->key();
END_SECAPI
}
OSStatus
SecKeyGetCSPHandle(SecKeyRef keyRef, CSSM_CSP_HANDLE *cspHandle)
{
BEGIN_SECAPI
SecPointer<KeyItem> keyItem(KeyItem::required(keyRef));
Required(cspHandle) = keyItem->csp()->handle();
END_SECAPI
}
OSStatus
SecKeyGetAlgorithmID(SecKeyRef keyRef, const CSSM_X509_ALGORITHM_IDENTIFIER **algid)
{
BEGIN_SECAPI
SecPointer<KeyItem> keyItem(KeyItem::required(keyRef));
Required(algid) = &keyItem->algorithmIdentifier();
END_SECAPI
}
OSStatus
SecKeyGetStrengthInBits(SecKeyRef keyRef, const CSSM_X509_ALGORITHM_IDENTIFIER *algid, unsigned int *strength)
{
BEGIN_SECAPI
SecPointer<KeyItem> keyItem(KeyItem::required(keyRef));
Required(strength) = keyItem->strengthInBits(algid);
END_SECAPI
}
OSStatus
SecKeyGetCredentials(
SecKeyRef keyRef,
CSSM_ACL_AUTHORIZATION_TAG operation,
SecCredentialType credentialType,
const CSSM_ACCESS_CREDENTIALS **outCredentials)
{
BEGIN_SECAPI
SecPointer<KeyItem> keyItem(KeyItem::required(keyRef));
Required(outCredentials) = keyItem->getCredentials(operation, credentialType);
END_SECAPI
}
OSStatus
SecKeyImportPair(
SecKeychainRef keychainRef,
const CSSM_KEY *publicCssmKey,
const CSSM_KEY *privateCssmKey,
SecAccessRef initialAccess,
SecKeyRef* publicKey,
SecKeyRef* privateKey)
{
BEGIN_SECAPI
Keychain keychain = Keychain::optional(keychainRef);
SecPointer<Access> theAccess(initialAccess ? Access::required(initialAccess) : new Access("<key>"));
SecPointer<KeyItem> pubItem, privItem;
KeyItem::importPair(keychain,
Required(publicCssmKey),
Required(privateCssmKey),
theAccess,
pubItem,
privItem);
if (publicKey)
*publicKey = pubItem->handle();
if (privateKey)
*privateKey = privItem->handle();
END_SECAPI
}
OSStatus
SecKeyGenerate(
SecKeychainRef keychainRef,
CSSM_ALGORITHMS algorithm,
uint32 keySizeInBits,
CSSM_CC_HANDLE contextHandle,
CSSM_KEYUSE keyUsage,
uint32 keyAttr,
SecAccessRef initialAccess,
SecKeyRef* keyRef)
{
BEGIN_SECAPI
Keychain keychain;
SecPointer<Access> theAccess;
if (keychainRef)
keychain = KeychainImpl::required(keychainRef);
if (initialAccess)
theAccess = Access::required(initialAccess);
SecPointer<KeyItem> item = KeyItem::generate(keychain,
algorithm,
keySizeInBits,
contextHandle,
keyUsage,
keyAttr,
theAccess);
if (keyRef)
*keyRef = item->handle();
END_SECAPI
}
SecKeyRef
SecKeyCreate(CFAllocatorRef allocator,
const SecKeyDescriptor *keyClass,
const uint8_t *keyData,
CFIndex keyDataLength,
SecKeyEncoding encoding)
{
SecKeyRef keyRef = NULL;
OSStatus __secapiresult;
try {
__secapiresult=noErr;
}
catch (const MacOSError &err) { __secapiresult=err.osStatus(); }
catch (const CommonError &err) { __secapiresult=SecKeychainErrFromOSStatus(err.osStatus()); }
catch (const std::bad_alloc &) { __secapiresult=memFullErr; }
catch (...) { __secapiresult=internalComponentErr; }
return keyRef;
}
OSStatus
SecKeyCreateWithCSSMKey(const CSSM_KEY *cssmKey,
SecKeyRef *keyRef)
{
BEGIN_SECAPI
Required(cssmKey);
CssmClient::CSP csp(cssmKey->KeyHeader.CspId);
CssmClient::Key key(csp, *cssmKey);
KeyItem *item = new KeyItem(key);
if (keyRef)
*keyRef = item->handle();
END_SECAPI
}
OSStatus
SecKeyGeneratePair(
CFDictionaryRef parameters,
SecKeyRef *publicKey,
SecKeyRef *privateKey)
{
BEGIN_SECAPI
Required(parameters);
CFStringRef ktype = (CFStringRef) CFDictionaryGetValue(parameters, kSecAttrKeyType);
if (ktype) {
if (CFEqual(ktype, kSecAttrKeyTypeRSA)) {
return errSecUnsupportedAlgorithm;
}
}
return errSecUnsupportedAlgorithm;
END_SECAPI
}
OSStatus
SecKeyRawSign(
SecKeyRef key,
SecPadding padding,
const uint8_t *dataToSign,
size_t dataToSignLen,
uint8_t *sig,
size_t *sigLen)
{
BEGIN_SECAPI
Required(key);
return errSecUnsupportedOperation;
END_SECAPI
}
OSStatus
SecKeyRawVerify(
SecKeyRef key,
SecPadding padding,
const uint8_t *signedData,
size_t signedDataLen,
const uint8_t *sig,
size_t sigLen)
{
BEGIN_SECAPI
Required(key);
return errSecUnsupportedOperation;
END_SECAPI
}
OSStatus
SecKeyEncrypt(
SecKeyRef key,
SecPadding padding,
const uint8_t *plainText,
size_t plainTextLen,
uint8_t *cipherText,
size_t *cipherTextLen)
{
BEGIN_SECAPI
Required(key);
return errSecUnsupportedOperation;
END_SECAPI
}
OSStatus
SecKeyDecrypt(
SecKeyRef key,
SecPadding padding,
const uint8_t *cipherText,
size_t cipherTextLen,
uint8_t *plainText,
size_t *plainTextLen)
{
BEGIN_SECAPI
Required(key);
return errSecUnsupportedOperation;
END_SECAPI
}
size_t
SecKeyGetBlockSize(SecKeyRef key)
{
size_t blockSize = 0;
OSStatus __secapiresult;
try {
CSSM_KEY cssmKey = KeyItem::required(key)->key();
blockSize = cssmKey.KeyHeader.LogicalKeySizeInBits;
__secapiresult=noErr;
}
catch (const MacOSError &err) { __secapiresult=err.osStatus(); }
catch (const CommonError &err) { __secapiresult=SecKeychainErrFromOSStatus(err.osStatus()); }
catch (const std::bad_alloc &) { __secapiresult=memFullErr; }
catch (...) { __secapiresult=internalComponentErr; }
return blockSize;
}