security_framework_sys/
cms.rs

1//! Cryptographic Message Syntax support
2
3use std::os::raw::c_void;
4
5use core_foundation_sys::array::CFArrayRef;
6use core_foundation_sys::base::{Boolean, CFTypeID, CFTypeRef, OSStatus};
7use core_foundation_sys::data::CFDataRef;
8use core_foundation_sys::date::CFAbsoluteTime;
9use core_foundation_sys::string::CFStringRef;
10
11use crate::base::SecCertificateRef;
12use crate::trust::SecTrustRef;
13
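/// Opaque stand-in for the framework's CMS encoder object.
///
/// The enum has no variants, so it can never be constructed from Rust; it is
/// only ever used behind a raw pointer.
pub enum OpaqueCMSEncoderRef {}
/// Raw handle to a CMS encoder, as written by `CMSEncoderCreate`.
pub type CMSEncoderRef = *mut OpaqueCMSEncoderRef;

/// Opaque stand-in for the framework's CMS decoder object.
///
/// Like the encoder's opaque type, it has no variants and only exists to give
/// the decoder handle a distinct pointee type.
pub enum OpaqueCMSDecoderRef {}
/// Raw handle to a CMS decoder, as written by `CMSDecoderCreate`.
///
/// The pointee is the decoder's own opaque type. If this alias pointed at
/// `OpaqueCMSEncoderRef`, the encoder and decoder handles would be the same
/// Rust type, and passing an encoder to a `CMSDecoder*` function (or the
/// reverse) would compile without any diagnostic.
pub type CMSDecoderRef = *mut OpaqueCMSDecoderRef;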
19
/// Result of checking one signer of a CMS message, as written to
/// `signer_status_out` by `CMSDecoderCopySignerStatus`.
///
/// Variant meanings below follow Apple's `CMSDecoder.h`, which is not part of
/// this file — confirm against the SDK header in use.
///
/// NOTE(review): this is a closed Rust enum that foreign code writes through a
/// raw pointer. Rust treats any discriminant outside `0..=5` as an invalid
/// value, so a status this binding does not list would be undefined behaviour
/// on read. Callers that want to be defensive can receive the status into an
/// integer of the same width and validate it before converting.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
#[repr(i32)]
pub enum CMSSignerStatus {
    /// The message carried no signature.
    kCMSSignerUnsigned = 0,
    /// The signature verified. Certificate verification is reported
    /// separately and must be checked as well.
    kCMSSignerValid = 1,
    /// The message is signed but the detached content has not been supplied.
    kCMSSignerNeedsDetachedContent = 2,
    /// The signature itself failed to verify.
    kCMSSignerInvalidSignature = 3,
    /// The signer's certificate failed verification.
    kCMSSignerInvalidCert = 4,
    /// The requested signer index is out of range.
    kCMSSignerInvalidIndex = 5,
}
30
/// Bit mask selecting which optional signed attributes the encoder adds to a
/// signature. Values are single bits and may be OR-ed together.
pub type CMSSignedAttributes = u32;

/// No optional signed attributes.
pub const kCMSAttrNone: CMSSignedAttributes = 0;
/// S/MIME capabilities attribute (bit 0).
pub const kCMSAttrSmimeCapabilities: CMSSignedAttributes = 1 << 0;
/// S/MIME encryption key preferences attribute (bit 1).
pub const kCMSAttrSmimeEncryptionKeyPrefs: CMSSignedAttributes = 1 << 1;
/// Microsoft-style S/MIME encryption key preferences attribute (bit 2).
pub const kCMSAttrSmimeMSEncryptionKeyPrefs: CMSSignedAttributes = 1 << 2;
/// Signing-time attribute (bit 3). The value is asserted by the signer, so
/// it is only as trustworthy as the signer's clock.
pub const kCMSAttrSigningTime: CMSSignedAttributes = 1 << 3;
/// Apple code-signing hash agility attribute (bit 4).
pub const kCMSAttrAppleCodesigningHashAgility: CMSSignedAttributes = 1 << 4;
/// Apple code-signing hash agility attribute, version 2 (bit 5).
pub const kCMSAttrAppleCodesigningHashAgilityV2: CMSSignedAttributes = 1 << 5;
/// Apple expiration-time attribute (bit 6).
pub const kCMSAttrAppleExpirationTime: CMSSignedAttributes = 1 << 6;
40
/// Selects how much of each signer's certificate chain the encoder embeds in
/// the message it produces.
///
/// Variant meanings below follow Apple's `CMSEncoder.h`, which is not part of
/// this file — confirm against the SDK header in use.
///
/// NOTE(review): `CMSEncoderGetCertificateChainMode` writes this closed Rust
/// enum through a raw pointer. A value outside `0..=4` would be an invalid
/// discriminant, which is undefined behaviour on read.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
#[repr(i32)]
pub enum CMSCertificateChainMode {
    /// Embed no certificates; the verifier must obtain them some other way.
    kCMSCertificateNone = 0,
    /// Embed only the signer certificate(s).
    kCMSCertificateSignerOnly = 1,
    /// Embed the chain up to, but not including, the root.
    kCMSCertificateChain = 2,
    /// Embed the chain including the root.
    kCMSCertificateChainWithRoot = 3,
    /// As above, but presumably fail rather than emit a partial chain —
    /// confirm against the header.
    kCMSCertificateChainWithRootOrFail = 4,
}
50
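// Raw bindings to the CMS encoder/decoder C API.
//
// Every function here is `unsafe` to call. The declarations carry no checks of
// their own, so the caller is responsible for:
//   * passing a live handle of the right kind (decoder vs. encoder);
//   * making every `*_out` pointer valid for a write of its pointee type;
//   * making every (pointer, length) pair describe readable memory of at
//     least that length;
//   * inspecting the returned `OSStatus` before reading any out-parameter.
//
// NOTE(review): the `Copy*` functions presumably follow the Core Foundation
// ownership convention (the caller owns the returned reference and must
// release it) — confirm against the framework headers.
extern "C" {

    // CMS decoder

    /// Returns the Core Foundation type identifier for decoder objects.
    pub fn CMSDecoderGetTypeID() -> CFTypeID;

    /// Creates a decoder and writes its handle to `output`.
    pub fn CMSDecoderCreate(output: *mut CMSDecoderRef) -> OSStatus;

    /// Feeds `msg_bytes_len` bytes of encoded message, starting at
    /// `msg_bytes`, to the decoder.
    ///
    /// The framework reads `msg_bytes_len` bytes from `msg_bytes`; a length
    /// larger than the backing buffer is an out-of-bounds read.
    pub fn CMSDecoderUpdateMessage(
        decoder: CMSDecoderRef,
        msg_bytes: *const c_void,
        msg_bytes_len: usize,
    ) -> OSStatus;

    /// Signals that the whole encoded message has been supplied.
    pub fn CMSDecoderFinalizeMessage(decoder: CMSDecoderRef) -> OSStatus;

    /// Supplies the content that a detached signature covers.
    pub fn CMSDecoderSetDetachedContent(
        decoder: CMSDecoderRef,
        detached_content: CFDataRef,
    ) -> OSStatus;

    /// Writes the detached content previously set on the decoder to
    /// `detached_content_out`.
    pub fn CMSDecoderCopyDetachedContent(
        decoder: CMSDecoderRef,
        detached_content_out: *mut CFDataRef,
    ) -> OSStatus;

    /// Writes the number of signers found in the message to
    /// `num_signers_out`.
    ///
    /// A count of zero means the message is unsigned; code that requires a
    /// signature should reject that case explicitly rather than loop zero
    /// times and fall through as if verification had succeeded.
    pub fn CMSDecoderGetNumSigners(
        decoder: CMSDecoderRef,
        num_signers_out: *mut usize,
    ) -> OSStatus;

    /// Reports the verification outcome for the signer at `signer_index`.
    ///
    /// Three separate results come back and all of them matter: the returned
    /// `OSStatus` (whether the call itself worked), `signer_status_out`
    /// (signature check) and `cert_verify_result_code_out` (certificate
    /// check). Treating the message as authentic on the strength of only one
    /// of them skips part of the verification.
    ///
    /// NOTE(review): per Apple's header, when `evaluate_sec_trust` is false
    /// the trust object returned in `sec_trust_out` has not been evaluated
    /// and the caller has to evaluate it — confirm against the SDK in use.
    ///
    /// `signer_status_out` is typed as the closed Rust enum
    /// `CMSSignerStatus`; a value outside its listed variants would be
    /// undefined behaviour to read.
    pub fn CMSDecoderCopySignerStatus(
        decoder: CMSDecoderRef,
        signer_index: usize,
        policy_or_array: CFTypeRef,
        evaluate_sec_trust: Boolean,
        signer_status_out: *mut CMSSignerStatus,
        sec_trust_out: *mut SecTrustRef,
        cert_verify_result_code_out: *mut OSStatus,
    ) -> OSStatus;

    /// Writes the e-mail address associated with the signer at
    /// `signer_index` to `signer_email_address_out`.
    ///
    /// The address comes from the message being decoded, so it is only
    /// meaningful for a signer whose signature and certificate have already
    /// been verified.
    pub fn CMSDecoderCopySignerEmailAddress(
        decoder: CMSDecoderRef,
        signer_index: usize,
        signer_email_address_out: *mut CFStringRef,
    ) -> OSStatus;

    /// Writes the certificate of the signer at `signer_index` to
    /// `signer_cert_out`.
    pub fn CMSDecoderCopySignerCert(
        decoder: CMSDecoderRef,
        signer_index: usize,
        signer_cert_out: *mut SecCertificateRef,
    ) -> OSStatus;

    /// Writes whether the message content was encrypted to
    /// `is_encrypted_out`.
    pub fn CMSDecoderIsContentEncrypted(
        decoder: CMSDecoderRef,
        is_encrypted_out: *mut Boolean,
    ) -> OSStatus;

    /// Writes the encapsulated content type of the message to
    /// `content_type_out`.
    pub fn CMSDecoderCopyEncapsulatedContentType(
        decoder: CMSDecoderRef,
        content_type_out: *mut CFDataRef,
    ) -> OSStatus;

    /// Writes an array of all certificates carried in the message to
    /// `certs_out`.
    ///
    /// These certificates are supplied by whoever produced the message;
    /// their presence in the array says nothing about whether they are
    /// trusted.
    pub fn CMSDecoderCopyAllCerts(decoder: CMSDecoderRef, certs_out: *mut CFArrayRef) -> OSStatus;

    /// Writes the decoded message content to `content_out`.
    ///
    /// Obtaining the content does not by itself say anything about signer
    /// validity; that is reported by `CMSDecoderCopySignerStatus`.
    pub fn CMSDecoderCopyContent(decoder: CMSDecoderRef, content_out: *mut CFDataRef) -> OSStatus;

    /// Writes the signing time recorded for the signer at `signer_index` to
    /// `sign_time_out`.
    ///
    /// NOTE(review): presumably this is the signer-asserted signing-time
    /// attribute rather than a third-party timestamp — confirm before using
    /// it for expiry or ordering decisions.
    pub fn CMSDecoderCopySignerSigningTime(
        decoder: CMSDecoderRef,
        signer_index: usize,
        sign_time_out: *mut CFAbsoluteTime,
    ) -> OSStatus;

    /// Writes the timestamp for the signer at `signer_index` to `timestamp`.
    pub fn CMSDecoderCopySignerTimestamp(
        decoder: CMSDecoderRef,
        signer_index: usize,
        timestamp: *mut CFAbsoluteTime,
    ) -> OSStatus;

    /// Same as `CMSDecoderCopySignerTimestamp`, with an explicit
    /// `timestamp_policy` argument.
    ///
    /// Note the argument order: the policy comes before `signer_index`.
    pub fn CMSDecoderCopySignerTimestampWithPolicy(
        decoder: CMSDecoderRef,
        timestamp_policy: CFTypeRef,
        signer_index: usize,
        timestamp: *mut CFAbsoluteTime,
    ) -> OSStatus;

    /// Writes an array of certificates related to the timestamp of the
    /// signer at `signer_index` to `certificate_refs`.
    pub fn CMSDecoderCopySignerTimestampCertificates(
        decoder: CMSDecoderRef,
        signer_index: usize,
        certificate_refs: *mut CFArrayRef,
    ) -> OSStatus;

    // CMS encoder

    /// Digest-algorithm identifier for SHA-1, for
    /// `CMSEncoderSetSignerAlgorithm`.
    ///
    /// SHA-1 is no longer collision resistant; prefer
    /// `kCMSEncoderDigestAlgorithmSHA256` for new signatures and keep SHA-1
    /// only where a peer cannot verify anything else.
    pub static kCMSEncoderDigestAlgorithmSHA1: CFStringRef;
    /// Digest-algorithm identifier for SHA-256, for
    /// `CMSEncoderSetSignerAlgorithm`.
    pub static kCMSEncoderDigestAlgorithmSHA256: CFStringRef;

    /// Returns the Core Foundation type identifier for encoder objects.
    pub fn CMSEncoderGetTypeID() -> CFTypeID;

    /// Creates an encoder and writes its handle to `encoder_out`.
    pub fn CMSEncoderCreate(encoder_out: *mut CMSEncoderRef) -> OSStatus;

    /// Selects the digest algorithm used when signing; the two identifiers
    /// declared in this block are `kCMSEncoderDigestAlgorithmSHA1` and
    /// `kCMSEncoderDigestAlgorithmSHA256`.
    pub fn CMSEncoderSetSignerAlgorithm(
        encoder: CMSEncoderRef,
        digest_algorithm: CFStringRef,
    ) -> OSStatus;

    /// Adds one signer, or an array of signers, to the encoder.
    pub fn CMSEncoderAddSigners(encoder: CMSEncoderRef, signer_or_array: CFTypeRef) -> OSStatus;

    /// Writes the array of signers configured on the encoder to
    /// `signers_out`.
    pub fn CMSEncoderCopySigners(encoder: CMSEncoderRef, signers_out: *mut CFArrayRef) -> OSStatus;

    /// Adds one recipient, or an array of recipients, to the encoder.
    pub fn CMSEncoderAddRecipients(
        encoder: CMSEncoderRef,
        recipient_or_array: CFTypeRef,
    ) -> OSStatus;

    /// Writes the array of recipients configured on the encoder to
    /// `recipients_out`.
    pub fn CMSEncoderCopyRecipients(
        encoder: CMSEncoderRef,
        recipients_out: *mut CFArrayRef,
    ) -> OSStatus;

    /// Sets whether the signed message is produced with detached content.
    pub fn CMSEncoderSetHasDetachedContent(
        encoder: CMSEncoderRef,
        detached_content: Boolean,
    ) -> OSStatus;

    /// Writes the encoder's detached-content flag to
    /// `detached_content_out`.
    pub fn CMSEncoderGetHasDetachedContent(
        encoder: CMSEncoderRef,
        detached_content_out: *mut Boolean,
    ) -> OSStatus;

    /// Sets the object identifier of the encapsulated content type.
    pub fn CMSEncoderSetEncapsulatedContentTypeOID(
        encoder: CMSEncoderRef,
        content_type_oid: CFTypeRef,
    ) -> OSStatus;

    /// Writes the encoder's encapsulated content type to
    /// `content_type_out`.
    pub fn CMSEncoderCopyEncapsulatedContentType(
        encoder: CMSEncoderRef,
        content_type_out: *mut CFDataRef,
    ) -> OSStatus;

    /// Adds one certificate, or an array of certificates, to be carried in
    /// the message alongside the signer certificates.
    pub fn CMSEncoderAddSupportingCerts(
        encoder: CMSEncoderRef,
        cert_or_array: CFTypeRef,
    ) -> OSStatus;

    /// Writes the array of supporting certificates configured on the
    /// encoder to `certs_out`.
    pub fn CMSEncoderCopySupportingCerts(
        encoder: CMSEncoderRef,
        certs_out: *mut CFArrayRef,
    ) -> OSStatus;

    /// Requests optional signed attributes; `signed_attributes` is a bit
    /// mask of `kCMSAttr*` values.
    pub fn CMSEncoderAddSignedAttributes(
        encoder: CMSEncoderRef,
        signed_attributes: CMSSignedAttributes,
    ) -> OSStatus;

    /// Sets how much of the signer certificate chain is embedded in the
    /// message.
    pub fn CMSEncoderSetCertificateChainMode(
        encoder: CMSEncoderRef,
        chain_mode: CMSCertificateChainMode,
    ) -> OSStatus;

    /// Writes the encoder's certificate chain mode to `chain_mode_out`.
    ///
    /// `chain_mode_out` is typed as the closed Rust enum
    /// `CMSCertificateChainMode`; a value outside its listed variants would
    /// be undefined behaviour to read.
    pub fn CMSEncoderGetCertificateChainMode(
        encoder: CMSEncoderRef,
        chain_mode_out: *mut CMSCertificateChainMode,
    ) -> OSStatus;

    /// Feeds `content_len` bytes of content, starting at `content`, to the
    /// encoder.
    ///
    /// The framework reads `content_len` bytes from `content`; a length
    /// larger than the backing buffer is an out-of-bounds read.
    pub fn CMSEncoderUpdateContent(
        encoder: CMSEncoderRef,
        content: *const c_void,
        content_len: usize,
    ) -> OSStatus;

    /// Writes the finished encoded message to `encoded_content_out`.
    pub fn CMSEncoderCopyEncodedContent(
        encoder: CMSEncoderRef,
        encoded_content_out: *mut CFDataRef,
    ) -> OSStatus;

    /// Encodes `content_len` bytes at `content` in a single call, taking the
    /// signers, recipients, content type, detached flag and signed
    /// attributes as arguments instead of through an encoder handle.
    ///
    /// No digest-algorithm argument is taken here.
    /// NOTE(review): confirm which digest the framework then uses if SHA-1
    /// must be avoided; `CMSEncoderSetSignerAlgorithm` makes the choice
    /// explicit.
    pub fn CMSEncodeContent(
        signers: CFTypeRef,
        recipients: CFTypeRef,
        content_type_oid: CFTypeRef,
        detached_content: Boolean,
        signed_attributes: CMSSignedAttributes,
        content: *const c_void,
        content_len: usize,
        encoded_content_out: *mut CFDataRef,
    ) -> OSStatus;

    /// Writes the timestamp for the signer at `signer_index` to `timestamp`.
    pub fn CMSEncoderCopySignerTimestamp(
        encoder: CMSEncoderRef,
        signer_index: usize,
        timestamp: *mut CFAbsoluteTime,
    ) -> OSStatus;

    /// Same as `CMSEncoderCopySignerTimestamp`, with an explicit
    /// `timestamp_policy` argument.
    ///
    /// Note the argument order: the policy comes before `signer_index`.
    pub fn CMSEncoderCopySignerTimestampWithPolicy(
        encoder: CMSEncoderRef,
        timestamp_policy: CFTypeRef,
        signer_index: usize,
        timestamp: *mut CFAbsoluteTime,
    ) -> OSStatus;
}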