[CalendarServer-changes] [15436] OSXFrameworks/trunk
source_changes at macosforge.org
source_changes at macosforge.org
Mon Jan 11 13:19:50 PST 2016
Revision: 15436
http://trac.calendarserver.org//changeset/15436
Author: cdaboo at apple.com
Date: 2016-01-11 13:19:50 -0800 (Mon, 11 Jan 2016)
Log Message:
-----------
Add more APIs for Security CMS processing.
Modified Paths:
--------------
OSXFrameworks/trunk/osx/_corefoundation_cffi_build.py
OSXFrameworks/trunk/osx/corefoundation.py
OSXFrameworks/trunk/osx/frameworks/__init__.py
OSXFrameworks/trunk/osx/frameworks/_security_cffi.py
Added Paths:
-----------
OSXFrameworks/trunk/osx/frameworks/_security_cms_cffi.py
Property Changed:
----------------
OSXFrameworks/trunk/
Property changes on: OSXFrameworks/trunk
___________________________________________________________________
Modified: svn:ignore
- .project
.pydevproject
+ .project
.pydevproject
build
Modified: OSXFrameworks/trunk/osx/_corefoundation_cffi_build.py
===================================================================
--- OSXFrameworks/trunk/osx/_corefoundation_cffi_build.py 2016-01-11 18:42:25 UTC (rev 15435)
+++ OSXFrameworks/trunk/osx/_corefoundation_cffi_build.py 2016-01-11 21:19:50 UTC (rev 15436)
@@ -23,6 +23,7 @@
"_corefoundation_cffi",
"_opendirectory_cffi",
"_security_cffi",
+ "_security_cms_cffi",
"_utils_cffi",
)]
Modified: OSXFrameworks/trunk/osx/corefoundation.py
===================================================================
--- OSXFrameworks/trunk/osx/corefoundation.py 2016-01-11 18:42:25 UTC (rev 15435)
+++ OSXFrameworks/trunk/osx/corefoundation.py 2016-01-11 21:19:50 UTC (rev 15436)
@@ -254,7 +254,7 @@
def count(self):
"""
- The number of items in the wrapped CFArrayRef.
+ The length of the data in the CFDataRef.
@return: the count
@rtype: L{int}
Modified: OSXFrameworks/trunk/osx/frameworks/__init__.py
===================================================================
--- OSXFrameworks/trunk/osx/frameworks/__init__.py 2016-01-11 18:42:25 UTC (rev 15435)
+++ OSXFrameworks/trunk/osx/frameworks/__init__.py 2016-01-11 21:19:50 UTC (rev 15436)
@@ -18,5 +18,6 @@
"_corefoundation_cffi",
"_opendirectory_cffi",
"_security_cffi",
+ "_security_cms_cffi",
"_utils_cffi",
]
Modified: OSXFrameworks/trunk/osx/frameworks/_security_cffi.py
===================================================================
--- OSXFrameworks/trunk/osx/frameworks/_security_cffi.py 2016-01-11 18:42:25 UTC (rev 15435)
+++ OSXFrameworks/trunk/osx/frameworks/_security_cffi.py 2016-01-11 21:19:50 UTC (rev 15436)
@@ -28,6 +28,7 @@
typedef struct OpaqueSecCertificateRef *SecCertificateRef;
typedef struct OpaqueSecIdentityRef *SecIdentityRef;
typedef struct OpaqueSecKeychainRef *SecKeychainRef;
+typedef struct OpaqueSecPolicyRef *SecPolicyRef;
// SecImportExport.h
typedef enum
@@ -102,6 +103,9 @@
typedef OSStatus (*SSLReadFunc) ( SSLConnectionRef connection, void *data, size_t *dataLength );
typedef OSStatus (*SSLWriteFunc) ( SSLConnectionRef connection, const void *data, size_t *dataLength );
+
+// SecTrust.h
+typedef struct __SecTrust *SecTrustRef;
"""
CONSTANTS = """
@@ -406,6 +410,11 @@
// SecKeychain.h
OSStatus SecKeychainSetUserInteractionAllowed ( Boolean state );
+// SecPolicy.h
+SecPolicyRef SecPolicyCreateBasicX509(void);
+SecPolicyRef SecPolicyCreateSSL(Boolean server, CFStringRef hostname);
+
+
// SecTransform.h
SecTransformRef SecSignTransformCreate( SecKeyRef key, CFErrorRef *error ) ;
Boolean SecTransformSetAttribute(SecTransformRef transformRef,
Added: OSXFrameworks/trunk/osx/frameworks/_security_cms_cffi.py
===================================================================
--- OSXFrameworks/trunk/osx/frameworks/_security_cms_cffi.py (rev 0)
+++ OSXFrameworks/trunk/osx/frameworks/_security_cms_cffi.py 2016-01-11 21:19:50 UTC (rev 15436)
@@ -0,0 +1,163 @@
+##
+# Copyright (c) 2016 Apple Inc. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+
+
+INCLUDES = """
+#include <Security/Security.h>
+"""
+
+EXTRA_LINKS = []
+
+TYPES = """
+
+// CMSDecoder.h
+typedef struct _CMSDecoder *CMSDecoderRef;
+
+typedef enum
+{
+ kCMSSignerUnsigned = 0, /* message was not signed */
+ kCMSSignerValid, /* message was signed and signature verify OK */
+ kCMSSignerNeedsDetachedContent, /* message was signed but needs detached content
+ * to verify */
+ kCMSSignerInvalidSignature, /* message was signed but had a signature error */
+ kCMSSignerInvalidCert, /* message was signed but an error occurred in verifying
+ * the signer's certificate */
+ kCMSSignerInvalidIndex /* specified signer index out of range */
+} CMSSignerStatus;
+
+// CMSEncoder.h
+typedef struct _CMSEncoder *CMSEncoderRef;
+
+typedef enum {
+ kCMSAttrNone = 0x0000,
+ /*
+ * S/MIME Capabilities - identifies supported signature, encryption, and
+ * digest algorithms.
+ */
+ kCMSAttrSmimeCapabilities = 0x0001,
+ /*
+ * Indicates that a cert is the preferred cert for S/MIME encryption.
+ */
+ kCMSAttrSmimeEncryptionKeyPrefs = 0x0002,
+ /*
+ * Same as kCMSSmimeEncryptionKeyPrefs, using an attribute OID preferred
+ * by Microsoft.
+ */
+ kCMSAttrSmimeMSEncryptionKeyPrefs = 0x0004,
+ /*
+ * Include the signing time.
+ */
+ kCMSAttrSigningTime = 0x0008
+} CMSSignedAttributes;
+
+typedef enum {
+ kCMSCertificateNone = 0, /* don't include any certificates */
+ kCMSCertificateSignerOnly, /* only include signer certificate(s) */
+ kCMSCertificateChain, /* signer certificate chain up to but not
+ * including root certiticate */
+ kCMSCertificateChainWithRoot /* signer certificate chain including root */
+} CMSCertificateChainMode;
+"""
+
+CONSTANTS = """
+// CMSEncoder.h
+extern const CFStringRef kCMSEncoderDigestAlgorithmSHA1;
+extern const CFStringRef kCMSEncoderDigestAlgorithmSHA256;
+"""
+
+FUNCTIONS = """
+
+// CMSDecoder.h
+CFTypeID CMSDecoderGetTypeID(void);
+
+OSStatus CMSDecoderCreate(CMSDecoderRef *cmsDecoderOut);
+OSStatus CMSDecoderUpdateMessage(
+ CMSDecoderRef cmsDecoder,
+ const void *msgBytes,
+ size_t msgBytesLen);
+OSStatus CMSDecoderFinalizeMessage(
+ CMSDecoderRef cmsDecoder);
+
+OSStatus CMSDecoderGetNumSigners(
+ CMSDecoderRef cmsDecoder,
+ size_t *numSignersOut);
+OSStatus CMSDecoderCopySignerStatus(
+ CMSDecoderRef cmsDecoder,
+ size_t signerIndex,
+ CFTypeRef policyOrArray,
+ Boolean evaluateSecTrust,
+ CMSSignerStatus *signerStatusOut,
+ SecTrustRef *secTrustOut,
+ OSStatus *certVerifyResultCodeOut);
+OSStatus CMSDecoderCopySignerCert(
+ CMSDecoderRef cmsDecoder,
+ size_t signerIndex,
+ SecCertificateRef *signerCertOut);
+
+OSStatus CMSDecoderIsContentEncrypted(
+ CMSDecoderRef cmsDecoder,
+ Boolean *isEncryptedOut);
+OSStatus CMSDecoderCopyEncapsulatedContentType(
+ CMSDecoderRef cmsDecoder,
+ CFDataRef *eContentTypeOut);
+OSStatus CMSDecoderCopyContent(
+ CMSDecoderRef cmsDecoder,
+ CFDataRef *contentOut);
+
+// CMSEncoder.h
+CFTypeID CMSEncoderGetTypeID(void);
+
+OSStatus CMSEncoderCreate(CMSEncoderRef * cmsEncoderOut);
+OSStatus CMSEncoderSetSignerAlgorithm(
+ CMSEncoderRef cmsEncoder,
+ CFStringRef digestAlgorithm);
+OSStatus CMSEncoderAddSigners(
+ CMSEncoderRef cmsEncoder,
+ CFTypeRef signerOrArray);
+OSStatus CMSEncoderAddRecipients(
+ CMSEncoderRef cmsEncoder,
+ CFTypeRef recipientOrArray);
+OSStatus CMSEncoderSetEncapsulatedContentTypeOID(
+ CMSEncoderRef cmsEncoder,
+ CFTypeRef eContentTypeOID);
+
+OSStatus CMSEncoderAddSignedAttributes(
+ CMSEncoderRef cmsEncoder,
+ CMSSignedAttributes signedAttributes);
+OSStatus CMSEncoderSetCertificateChainMode(
+ CMSEncoderRef cmsEncoder,
+ CMSCertificateChainMode chainMode);
+
+OSStatus CMSEncoderUpdateContent(
+ CMSEncoderRef cmsEncoder,
+ const void *content,
+ size_t contentLen);
+
+OSStatus CMSEncoderCopyEncodedContent(
+ CMSEncoderRef cmsEncoder,
+ CFDataRef *encodedContentOut);
+
+OSStatus CMSEncodeContent(
+ CFTypeRef signers,
+ CFTypeRef recipients,
+ CFTypeRef eContentTypeOID,
+ Boolean detachedContent,
+ CMSSignedAttributes signedAttributes,
+ const void *content,
+ size_t contentLen,
+ CFDataRef *encodedContentOut);
+
+"""
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20160111/d9a6f1dd/attachment.html>
More information about the calendarserver-changes
mailing list