CFDataRef SecFDERecoveryUnwrapCRSKWithPrivKey(SecKeychainRef keychain, const FVPrivateKeyHeader *inHeader) { CFDataRef result = NULL; OSStatus __secapiresult = 0; try { result = decodePrivateKeyHeader(keychain, Required(inHeader)); } catch (const MacOSError &err) { __secapiresult=err.osStatus(); } catch (const CommonError &err) { __secapiresult=SecKeychainErrFromOSStatus(err.osStatus()); } catch (const std::bad_alloc &) { __secapiresult=errSecAllocate; } catch (...) { __secapiresult=errSecInternalComponent; } secinfo("FDERecovery", "SecFDERecoveryUnwrapCRSKWithPrivKey: %d", (int)__secapiresult); return result; }
/* new in 10.6 */ size_t SecKeyGetBlockSize(SecKeyRef key) { size_t blockSize = 0; OSStatus __secapiresult; try { CSSM_KEY cssmKey = KeyItem::required(key)->key(); blockSize = cssmKey.KeyHeader.LogicalKeySizeInBits; __secapiresult=noErr; } catch (const MacOSError &err) { __secapiresult=err.osStatus(); } catch (const CommonError &err) { __secapiresult=SecKeychainErrFromOSStatus(err.osStatus()); } catch (const std::bad_alloc &) { __secapiresult=memFullErr; } catch (...) { __secapiresult=internalComponentErr; } return blockSize; }
/* Create a key from supplied data and parameters */ SecKeyRef SecKeyCreate(CFAllocatorRef allocator, const SecKeyDescriptor *keyClass, const uint8_t *keyData, CFIndex keyDataLength, SecKeyEncoding encoding) { SecKeyRef keyRef = NULL; OSStatus __secapiresult; try { //FIXME: needs implementation __secapiresult=noErr; } catch (const MacOSError &err) { __secapiresult=err.osStatus(); } catch (const CommonError &err) { __secapiresult=SecKeychainErrFromOSStatus(err.osStatus()); } catch (const std::bad_alloc &) { __secapiresult=memFullErr; } catch (...) { __secapiresult=internalComponentErr; } return keyRef; }
SecIdentityRef SecIdentityCreate( CFAllocatorRef allocator, SecCertificateRef certificate, SecKeyRef privateKey) { SecIdentityRef identityRef = NULL; OSStatus __secapiresult; try { SecPointer<Certificate> certificatePtr(Certificate::required(certificate)); SecPointer<KeyItem> keyItemPtr(KeyItem::required(privateKey)); SecPointer<Identity> identityPtr(new Identity(keyItemPtr, certificatePtr)); identityRef = identityPtr->handle(); __secapiresult=errSecSuccess; } catch (const MacOSError &err) { __secapiresult=err.osStatus(); } catch (const CommonError &err) { __secapiresult=SecKeychainErrFromOSStatus(err.osStatus()); } catch (const std::bad_alloc &) { __secapiresult=errSecAllocate; } catch (...) { __secapiresult=errSecInternalComponent; } return identityRef; }
OSStatus SecIdentityAddPreferenceItem( SecKeychainRef keychainRef, SecIdentityRef identityRef, CFStringRef idString, SecKeychainItemRef *itemRef) { // The original implementation of SecIdentityAddPreferenceItem adds the exact string only. // That implementation has been moved to _SecIdentityAddPreferenceItemWithName (above), // and this function is a wrapper which calls it, so that existing clients will get the // extended behavior of server domain matching for items that specify URLs. // (Note that behavior is unchanged if the specified idString is not a URL.) BEGIN_SECAPI OSStatus status = errSecInternalComponent; CFArrayRef names = _SecIdentityCopyPossiblePaths(idString); if (!names) { return status; } CFIndex total = CFArrayGetCount(names); if (total > 0) { // add item for name (first element in array) CFStringRef aName = (CFStringRef)CFArrayGetValueAtIndex(names, 0); try { status = _SecIdentityAddPreferenceItemWithName(keychainRef, identityRef, aName, itemRef); } catch (const MacOSError &err) { status=err.osStatus(); } catch (const CommonError &err) { status=SecKeychainErrFromOSStatus(err.osStatus()); } catch (const std::bad_alloc &) { status=errSecAllocate; } catch (...) { status=errSecInternalComponent; } } if (total > 2) { Boolean setDomainDefaultIdentity = FALSE; CFTypeRef val = (CFTypeRef)CFPreferencesCopyValue(CFSTR("SetDomainDefaultIdentity"), CFSTR("com.apple.security.identities"), kCFPreferencesCurrentUser, kCFPreferencesAnyHost); if (val) { if (CFGetTypeID(val) == CFBooleanGetTypeID()) setDomainDefaultIdentity = CFBooleanGetValue((CFBooleanRef)val) ? TRUE : FALSE; CFRelease(val); } if (setDomainDefaultIdentity) { // add item for domain (second-to-last element in array, e.g. "*.apple.com") OSStatus tmpStatus = errSecSuccess; CFStringRef aName = (CFStringRef)CFArrayGetValueAtIndex(names, total-2); try { tmpStatus = _SecIdentityAddPreferenceItemWithName(keychainRef, identityRef, aName, itemRef); } catch (const MacOSError &err) { tmpStatus=err.osStatus(); } catch (const CommonError &err) { tmpStatus=SecKeychainErrFromOSStatus(err.osStatus()); } catch (const std::bad_alloc &) { tmpStatus=errSecAllocate; } catch (...) { tmpStatus=errSecInternalComponent; } } } CFRelease(names); return status; END_SECAPI }