security-framework-sys-0.3.1/Cargo.toml.orig010064400007650000120000000013711346015404300172760ustar0000000000000000[package] name = "security-framework-sys" version = "0.3.1" authors = ["Steven Fackler ", "Kornel "] license = "MIT/Apache-2.0" description = "Apple `Security.framework` low-level FFI bindings" repository = "https://github.com/kornelski/rust-security-framework" homepage = "https://lib.rs/crates/security-framework-sys" documentation = "https://kornelski.github.io/rust-security-framework/doc/security_framework_sys" readme = "README.md" keywords = ["ffi", "iOS", "TLS", "SSL", "crypto"] categories = ["os::macos-apis", "external-ffi-bindings"] [dependencies] core-foundation-sys = "0.6.2" [features] OSX_10_9 = [] OSX_10_10 = ["OSX_10_9"] OSX_10_11 = ["OSX_10_10"] OSX_10_12 = ["OSX_10_11"] OSX_10_13 = ["OSX_10_12"] security-framework-sys-0.3.1/Cargo.toml0000644000000024140000000000000135510ustar00# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO # # When uploading crates to the registry Cargo will automatically # "normalize" Cargo.toml files for maximal compatibility # with all versions of Cargo and also rewrite `path` dependencies # to registry (e.g. crates.io) dependencies # # If you believe there's an error in this file please file an # issue against the rust-lang/cargo repository. If you're # editing this file be aware that the upstream Cargo.toml # will likely look very different (and much more reasonable) [package] name = "security-framework-sys" version = "0.3.1" authors = ["Steven Fackler ", "Kornel "] description = "Apple `Security.framework` low-level FFI bindings" homepage = "https://lib.rs/crates/security-framework-sys" documentation = "https://kornelski.github.io/rust-security-framework/doc/security_framework_sys" readme = "README.md" keywords = ["ffi", "iOS", "TLS", "SSL", "crypto"] categories = ["os::macos-apis", "external-ffi-bindings"] license = "MIT/Apache-2.0" repository = "https://github.com/kornelski/rust-security-framework" [dependencies.core-foundation-sys] version = "0.6.2" [features] OSX_10_10 = ["OSX_10_9"] OSX_10_11 = ["OSX_10_10"] OSX_10_12 = ["OSX_10_11"] OSX_10_13 = ["OSX_10_12"] OSX_10_9 = [] security-framework-sys-0.3.1/README.md010064400007650000120000000014231345665766000157060ustar0000000000000000# rust-security-framework [![Latest Version](https://img.shields.io/crates/v/security-framework.svg)](https://lib.rs/crates/security-framework) [Documentation](https://kornelski.github.io/rust-security-framework/doc/security_framework/) Bindings to the Apple's `Security.framework`. Allows use of TLS and Keychain from Rust. ## License Licensed under either of * Apache License, Version 2.0 ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0) * MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT) at your option. ### Contribution Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you shall be dual licensed as above, without any additional terms or conditions. security-framework-sys-0.3.1/src/access.rs010064400007650000120000000001461341022326500170020ustar0000000000000000use core_foundation_sys::base::CFTypeID; extern "C" { pub fn SecAccessGetTypeID() -> CFTypeID; } security-framework-sys-0.3.1/src/base.rs010064400007650000120000000030271346015344000164560ustar0000000000000000use core_foundation_sys::base::OSStatus; use core_foundation_sys::string::CFStringRef; use std::os::raw::c_void; pub enum OpaqueSecKeychainRef {} pub type SecKeychainRef = *mut OpaqueSecKeychainRef; pub enum OpaqueSecKeychainItemRef {} pub type SecKeychainItemRef = *mut OpaqueSecKeychainItemRef; // OSType from MacTypes.h pub type SecKeychainAttrType = u32; #[repr(C)] #[derive(Copy, Clone)] pub struct SecKeychainAttribute { pub tag: SecKeychainAttrType, pub length: u32, pub data: *mut c_void, } #[repr(C)] #[derive(Copy, Clone)] pub struct SecKeychainAttributeList { pub count: u32, pub attr: *mut SecKeychainAttribute, } pub enum OpaqueSecCertificateRef {} pub type SecCertificateRef = *mut OpaqueSecCertificateRef; pub enum OpaqueSecAccessRef {} pub type SecAccessRef = *mut OpaqueSecAccessRef; pub enum OpaqueSecKeyRef {} pub type SecKeyRef = *mut OpaqueSecKeyRef; pub enum OpaqueSecIdentityRef {} pub type SecIdentityRef = *mut OpaqueSecIdentityRef; pub enum OpaqueSecPolicyRef {} pub type SecPolicyRef = *mut OpaqueSecPolicyRef; pub const errSecSuccess: OSStatus = 0; pub const errSecUnimplemented: OSStatus = -4; pub const errSecIO: OSStatus = -36; pub const errSecParam: OSStatus = -50; pub const errSecBadReq: OSStatus = -909; pub const errSecAuthFailed: OSStatus = -25293; pub const errSecTrustSettingDeny: OSStatus = -67654; pub const errSecNotTrusted: OSStatus = -67843; extern "C" { #[cfg(target_os = "macos")] pub fn SecCopyErrorMessageString(status: OSStatus, reserved: *mut c_void) -> CFStringRef; } security-framework-sys-0.3.1/src/certificate.rs010064400007650000120000000041131343536327000200310ustar0000000000000000use core_foundation_sys::array::CFArrayRef; use core_foundation_sys::base::{CFAllocatorRef, CFTypeID, OSStatus}; use core_foundation_sys::data::CFDataRef; use core_foundation_sys::dictionary::CFDictionaryRef; use core_foundation_sys::error::CFErrorRef; use core_foundation_sys::string::CFStringRef; use base::{SecCertificateRef, SecKeyRef}; extern "C" { #[cfg(target_os = "macos")] pub static kSecPropertyKeyType: CFStringRef; #[cfg(target_os = "macos")] pub static kSecPropertyKeyLabel: CFStringRef; #[cfg(target_os = "macos")] pub static kSecPropertyKeyLocalizedLabel: CFStringRef; #[cfg(target_os = "macos")] pub static kSecPropertyKeyValue: CFStringRef; #[cfg(target_os = "macos")] pub static kSecPropertyTypeWarning: CFStringRef; #[cfg(target_os = "macos")] pub static kSecPropertyTypeSuccess: CFStringRef; #[cfg(target_os = "macos")] pub static kSecPropertyTypeSection: CFStringRef; #[cfg(target_os = "macos")] pub static kSecPropertyTypeData: CFStringRef; #[cfg(target_os = "macos")] pub static kSecPropertyTypeString: CFStringRef; #[cfg(target_os = "macos")] pub static kSecPropertyTypeURL: CFStringRef; #[cfg(target_os = "macos")] pub static kSecPropertyTypeDate: CFStringRef; pub fn SecCertificateGetTypeID() -> CFTypeID; pub fn SecCertificateCreateWithData( allocator: CFAllocatorRef, data: CFDataRef, ) -> SecCertificateRef; pub fn SecCertificateCopyData(certificate: SecCertificateRef) -> CFDataRef; pub fn SecCertificateCopySubjectSummary(certificate: SecCertificateRef) -> CFStringRef; pub fn SecCertificateCopyCommonName( certificate: SecCertificateRef, common_name: *mut CFStringRef, ) -> OSStatus; #[cfg(target_os = "macos")] pub fn SecCertificateCopyPublicKey( certificate: SecCertificateRef, key: *mut SecKeyRef, ) -> OSStatus; #[cfg(target_os = "macos")] pub fn SecCertificateCopyValues( certificate: SecCertificateRef, keys: CFArrayRef, error: *mut CFErrorRef, ) -> CFDictionaryRef; } security-framework-sys-0.3.1/src/certificate_oids.rs010064400007650000120000000001731341022326500210410ustar0000000000000000use core_foundation_sys::string::CFStringRef; extern "C" { pub static kSecOIDX509V1SignatureAlgorithm: CFStringRef; } security-framework-sys-0.3.1/src/cipher_suite.rs010064400007650000120000000306301341022326500202250ustar0000000000000000#[cfg(not(target_os = "ios"))] pub type SSLCipherSuite = u32; #[cfg(target_os = "ios")] pub type SSLCipherSuite = u16; pub const SSL_NULL_WITH_NULL_NULL: SSLCipherSuite = 0x0000; pub const SSL_RSA_WITH_NULL_MD5: SSLCipherSuite = 0x0001; pub const SSL_RSA_WITH_NULL_SHA: SSLCipherSuite = 0x0002; pub const SSL_RSA_EXPORT_WITH_RC4_40_MD5: SSLCipherSuite = 0x0003; pub const SSL_RSA_WITH_RC4_128_MD5: SSLCipherSuite = 0x0004; pub const SSL_RSA_WITH_RC4_128_SHA: SSLCipherSuite = 0x0005; pub const SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5: SSLCipherSuite = 0x0006; pub const SSL_RSA_WITH_IDEA_CBC_SHA: SSLCipherSuite = 0x0007; pub const SSL_RSA_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x0008; pub const SSL_RSA_WITH_DES_CBC_SHA: SSLCipherSuite = 0x0009; pub const SSL_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x000A; pub const SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x000B; pub const SSL_DH_DSS_WITH_DES_CBC_SHA: SSLCipherSuite = 0x000C; pub const SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x000D; pub const SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x000E; pub const SSL_DH_RSA_WITH_DES_CBC_SHA: SSLCipherSuite = 0x000F; pub const SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0010; pub const SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x0011; pub const SSL_DHE_DSS_WITH_DES_CBC_SHA: SSLCipherSuite = 0x0012; pub const SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0013; pub const SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x0014; pub const SSL_DHE_RSA_WITH_DES_CBC_SHA: SSLCipherSuite = 0x0015; pub const SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0016; pub const SSL_DH_anon_EXPORT_WITH_RC4_40_MD5: SSLCipherSuite = 0x0017; pub const SSL_DH_anon_WITH_RC4_128_MD5: SSLCipherSuite = 0x0018; pub const SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA: SSLCipherSuite = 0x0019; pub const SSL_DH_anon_WITH_DES_CBC_SHA: SSLCipherSuite = 0x001A; pub const SSL_DH_anon_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x001B; pub const SSL_FORTEZZA_DMS_WITH_NULL_SHA: SSLCipherSuite = 0x001C; pub const SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA: SSLCipherSuite = 0x001D; // TLS addenda using AES, per RFC 3268 pub const TLS_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x002F; pub const TLS_DH_DSS_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0030; pub const TLS_DH_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0031; pub const TLS_DHE_DSS_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0032; pub const TLS_DHE_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0033; pub const TLS_DH_anon_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0034; pub const TLS_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0035; pub const TLS_DH_DSS_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0036; pub const TLS_DH_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0037; pub const TLS_DHE_DSS_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0038; pub const TLS_DHE_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0039; pub const TLS_DH_anon_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x003A; // ECDSA addenda, RFC 4492 pub const TLS_ECDH_ECDSA_WITH_NULL_SHA: SSLCipherSuite = 0xC001; pub const TLS_ECDH_ECDSA_WITH_RC4_128_SHA: SSLCipherSuite = 0xC002; pub const TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0xC003; pub const TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0xC004; pub const TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0xC005; pub const TLS_ECDHE_ECDSA_WITH_NULL_SHA: SSLCipherSuite = 0xC006; pub const TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: SSLCipherSuite = 0xC007; pub const TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0xC008; pub const TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0xC009; pub const TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0xC00A; pub const TLS_ECDH_RSA_WITH_NULL_SHA: SSLCipherSuite = 0xC00B; pub const TLS_ECDH_RSA_WITH_RC4_128_SHA: SSLCipherSuite = 0xC00C; pub const TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0xC00D; pub const TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0xC00E; pub const TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0xC00F; pub const TLS_ECDHE_RSA_WITH_NULL_SHA: SSLCipherSuite = 0xC010; pub const TLS_ECDHE_RSA_WITH_RC4_128_SHA: SSLCipherSuite = 0xC011; pub const TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0xC012; pub const TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0xC013; pub const TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0xC014; pub const TLS_ECDH_anon_WITH_NULL_SHA: SSLCipherSuite = 0xC015; pub const TLS_ECDH_anon_WITH_RC4_128_SHA: SSLCipherSuite = 0xC016; pub const TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0xC017; pub const TLS_ECDH_anon_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0xC018; pub const TLS_ECDH_anon_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0xC019; // TLS 1.2 addenda, RFC 5246 // Initial state. pub const TLS_NULL_WITH_NULL_NULL: SSLCipherSuite = 0x0000; // Server provided RSA certificate for key exchange. pub const TLS_RSA_WITH_NULL_MD5: SSLCipherSuite = 0x0001; pub const TLS_RSA_WITH_NULL_SHA: SSLCipherSuite = 0x0002; pub const TLS_RSA_WITH_RC4_128_MD5: SSLCipherSuite = 0x0004; pub const TLS_RSA_WITH_RC4_128_SHA: SSLCipherSuite = 0x0005; pub const TLS_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x000A; // pub const TLS_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x002F; // pub const TLS_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0035; pub const TLS_RSA_WITH_NULL_SHA256: SSLCipherSuite = 0x003B; pub const TLS_RSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x003C; pub const TLS_RSA_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x003D; // Server-authenticated (and optionally client-authenticated) Diffie-Hellman. pub const TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x000D; pub const TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0010; pub const TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0013; pub const TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0016; // pub const TLS_DH_DSS_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0030; // pub const TLS_DH_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0031; // pub const TLS_DHE_DSS_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0032; // pub const TLS_DHE_RSA_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0033; // pub const TLS_DH_DSS_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0036; // pub const TLS_DH_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0037; // pub const TLS_DHE_DSS_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0038; // pub const TLS_DHE_RSA_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0039; pub const TLS_DH_DSS_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x003E; pub const TLS_DH_RSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x003F; pub const TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x0040; pub const TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x0067; pub const TLS_DH_DSS_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x0068; pub const TLS_DH_RSA_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x0069; pub const TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x006A; pub const TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x006B; // Completely anonymous Diffie-Hellman pub const TLS_DH_anon_WITH_RC4_128_MD5: SSLCipherSuite = 0x0018; pub const TLS_DH_anon_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x001B; // pub const TLS_DH_anon_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0034; // pub const TLS_DH_anon_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x003A; pub const TLS_DH_anon_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x006C; pub const TLS_DH_anon_WITH_AES_256_CBC_SHA256: SSLCipherSuite = 0x006D; // Addendum from RFC 4279, TLS PSK pub const TLS_PSK_WITH_RC4_128_SHA: SSLCipherSuite = 0x008A; pub const TLS_PSK_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x008B; pub const TLS_PSK_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x008C; pub const TLS_PSK_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x008D; pub const TLS_DHE_PSK_WITH_RC4_128_SHA: SSLCipherSuite = 0x008E; pub const TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x008F; pub const TLS_DHE_PSK_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0090; pub const TLS_DHE_PSK_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0091; pub const TLS_RSA_PSK_WITH_RC4_128_SHA: SSLCipherSuite = 0x0092; pub const TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA: SSLCipherSuite = 0x0093; pub const TLS_RSA_PSK_WITH_AES_128_CBC_SHA: SSLCipherSuite = 0x0094; pub const TLS_RSA_PSK_WITH_AES_256_CBC_SHA: SSLCipherSuite = 0x0095; // RFC 4785 - Pre-Shared Key (PSK) Ciphersuites with NULL Encryption pub const TLS_PSK_WITH_NULL_SHA: SSLCipherSuite = 0x002C; pub const TLS_DHE_PSK_WITH_NULL_SHA: SSLCipherSuite = 0x002D; pub const TLS_RSA_PSK_WITH_NULL_SHA: SSLCipherSuite = 0x002E; // Addenda from rfc 5288 AES Galois Counter Mode (GCM) Cipher Suites // for TLS. pub const TLS_RSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x009C; pub const TLS_RSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x009D; pub const TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x009E; pub const TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x009F; pub const TLS_DH_RSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00A0; pub const TLS_DH_RSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00A1; pub const TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00A2; pub const TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00A3; pub const TLS_DH_DSS_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00A4; pub const TLS_DH_DSS_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00A5; pub const TLS_DH_anon_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00A6; pub const TLS_DH_anon_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00A7; // RFC 5487 - PSK with SHA-256/384 and AES GCM pub const TLS_PSK_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00A8; pub const TLS_PSK_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00A9; pub const TLS_DHE_PSK_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00AA; pub const TLS_DHE_PSK_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00AB; pub const TLS_RSA_PSK_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0x00AC; pub const TLS_RSA_PSK_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0x00AD; pub const TLS_PSK_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x00AE; pub const TLS_PSK_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0x00AF; pub const TLS_PSK_WITH_NULL_SHA256: SSLCipherSuite = 0x00B0; pub const TLS_PSK_WITH_NULL_SHA384: SSLCipherSuite = 0x00B1; pub const TLS_DHE_PSK_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x00B2; pub const TLS_DHE_PSK_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0x00B3; pub const TLS_DHE_PSK_WITH_NULL_SHA256: SSLCipherSuite = 0x00B4; pub const TLS_DHE_PSK_WITH_NULL_SHA384: SSLCipherSuite = 0x00B5; pub const TLS_RSA_PSK_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0x00B6; pub const TLS_RSA_PSK_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0x00B7; pub const TLS_RSA_PSK_WITH_NULL_SHA256: SSLCipherSuite = 0x00B8; pub const TLS_RSA_PSK_WITH_NULL_SHA384: SSLCipherSuite = 0x00B9; // Addenda from rfc 5289 Elliptic Curve Cipher Suites with // HMAC SHA-256/384. pub const TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0xC023; pub const TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0xC024; pub const TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0xC025; pub const TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0xC026; pub const TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0xC027; pub const TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0xC028; pub const TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: SSLCipherSuite = 0xC029; pub const TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: SSLCipherSuite = 0xC02A; // Addenda from rfc 5289 Elliptic Curve Cipher Suites with // SHA-256/384 and AES Galois Counter Mode (GCM) pub const TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0xC02B; pub const TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0xC02C; pub const TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0xC02D; pub const TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0xC02E; pub const TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0xC02F; pub const TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0xC030; pub const TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: SSLCipherSuite = 0xC031; pub const TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: SSLCipherSuite = 0xC032; // RFC 5746 - Secure Renegotiation pub const TLS_EMPTY_RENEGOTIATION_INFO_SCSV: SSLCipherSuite = 0x00FF; // Tags for SSL 2 cipher kinds which are not specified // for SSL 3. // pub const SSL_RSA_WITH_RC2_CBC_MD5: SSLCipherSuite = 0xFF80; pub const SSL_RSA_WITH_IDEA_CBC_MD5: SSLCipherSuite = 0xFF81; pub const SSL_RSA_WITH_DES_CBC_MD5: SSLCipherSuite = 0xFF82; pub const SSL_RSA_WITH_3DES_EDE_CBC_MD5: SSLCipherSuite = 0xFF83; pub const SSL_NO_SUCH_CIPHERSUITE: SSLCipherSuite = 0xFFFF; security-framework-sys-0.3.1/src/digest_transform.rs010064400007650000120000000017211341022326500211130ustar0000000000000000use core_foundation_sys::base::{CFIndex, CFTypeRef}; use core_foundation_sys::error::CFErrorRef; use core_foundation_sys::string::CFStringRef; use transform::SecTransformRef; extern "C" { pub static kSecDigestHMACKeyAttribute: CFStringRef; pub static kSecDigestHMACMD5: CFStringRef; pub static kSecDigestHMACSHA1: CFStringRef; pub static kSecDigestHMACSHA2: CFStringRef; pub static kSecDigestLengthAttribute: CFStringRef; pub static kSecDigestMD2: CFStringRef; pub static kSecDigestMD4: CFStringRef; pub static kSecDigestMD5: CFStringRef; pub static kSecDigestSHA1: CFStringRef; pub static kSecDigestSHA2: CFStringRef; pub static kSecDigestTypeAttribute: CFStringRef; pub fn SecDigestTransformCreate( digestType: CFTypeRef, digestLength: CFIndex, error: *mut CFErrorRef, ) -> SecTransformRef; // this symbol is apparently missing in 10.13.3? // pub fn SecDigestTransformGetTypeID() -> CFTypeID; } security-framework-sys-0.3.1/src/encrypt_transform.rs010064400007650000120000000022761341022326500213260ustar0000000000000000use core_foundation_sys::error::CFErrorRef; use core_foundation_sys::string::CFStringRef; use base::SecKeyRef; use transform::SecTransformRef; extern "C" { pub static kSecEncryptionMode: CFStringRef; pub static kSecEncryptKey: CFStringRef; pub static kSecIVKey: CFStringRef; pub static kSecModeCBCKey: CFStringRef; pub static kSecModeCFBKey: CFStringRef; pub static kSecModeECBKey: CFStringRef; pub static kSecModeNoneKey: CFStringRef; pub static kSecModeOFBKey: CFStringRef; pub static kSecPaddingKey: CFStringRef; pub static kSecPaddingNoneKey: CFStringRef; pub static kSecPaddingOAEPKey: CFStringRef; pub static kSecPaddingPKCS1Key: CFStringRef; pub static kSecPaddingPKCS5Key: CFStringRef; pub static kSecPaddingPKCS7Key: CFStringRef; pub fn SecDecryptTransformCreate(keyRef: SecKeyRef, error: *mut CFErrorRef) -> SecTransformRef; // this symbol is apparently missing in 10.13.3? // pub fn SecDecryptTransformGetTypeID() -> CFTypeID; pub fn SecEncryptTransformCreate(keyRef: SecKeyRef, error: *mut CFErrorRef) -> SecTransformRef; // this symbol is apparently missing in 10.13.3? // pub fn SecEncryptTransformGetTypeID() -> CFTypeID; } security-framework-sys-0.3.1/src/identity.rs010064400007650000120000000012211341022326500173650ustar0000000000000000use core_foundation_sys::base::{CFTypeID, CFTypeRef, OSStatus}; use base::{SecCertificateRef, SecIdentityRef, SecKeyRef}; extern "C" { pub fn SecIdentityGetTypeID() -> CFTypeID; pub fn SecIdentityCopyCertificate( identity: SecIdentityRef, certificate_ref: *mut SecCertificateRef, ) -> OSStatus; pub fn SecIdentityCopyPrivateKey(identity: SecIdentityRef, key_ref: *mut SecKeyRef) -> OSStatus; #[cfg(target_os = "macos")] pub fn SecIdentityCreateWithCertificate( keychain_or_Array: CFTypeRef, certificate_ref: SecCertificateRef, identity_ref: *mut SecIdentityRef, ) -> OSStatus; } security-framework-sys-0.3.1/src/import_export.rs010064400007650000120000000051431346015344000204600ustar0000000000000000use core_foundation_sys::array::CFArrayRef; use core_foundation_sys::base::{CFTypeRef, OSStatus}; use core_foundation_sys::data::CFDataRef; use core_foundation_sys::dictionary::CFDictionaryRef; use core_foundation_sys::string::CFStringRef; use std::os::raw::c_uint; use base::{SecAccessRef, SecKeychainRef}; #[cfg(target_os = "macos")] pub type SecExternalFormat = u32; #[cfg(target_os = "macos")] pub type SecExternalItemType = u32; #[cfg(target_os = "macos")] pub type SecItemImportExportFlags = u32; #[cfg(target_os = "macos")] pub type SecKeyImportExportFlags = u32; #[cfg(target_os = "macos")] pub const kSecKeyImportOnlyOne: SecKeyImportExportFlags = 1; #[cfg(target_os = "macos")] pub const kSecKeySecurePassphrase: SecKeyImportExportFlags = 2; #[cfg(target_os = "macos")] pub const kSecKeyNoAccessControl: SecKeyImportExportFlags = 4; #[cfg(target_os = "macos")] pub const SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION: c_uint = 0; #[repr(C)] #[derive(Copy, Clone)] #[cfg(target_os = "macos")] pub struct SecItemImportExportKeyParameters { pub version: c_uint, pub flags: SecKeyImportExportFlags, pub passphrase: CFTypeRef, pub alertTitle: CFStringRef, pub alertPrompt: CFStringRef, pub accessRef: SecAccessRef, pub keyUsage: CFArrayRef, pub keyAttributes: CFArrayRef, } extern "C" { #[cfg(target_os = "macos")] pub fn SecItemImport( importedData: CFDataRef, fileNameOrExtension: CFStringRef, inputFormat: *mut SecExternalFormat, itemType: *mut SecExternalItemType, flags: SecItemImportExportFlags, keyParams: *const SecItemImportExportKeyParameters, importKeychain: SecKeychainRef, outItems: *mut CFArrayRef, ) -> OSStatus; #[cfg(target_os = "macos")] pub fn SecItemExport( secItemOrArray: CFTypeRef, outputFormat: SecExternalFormat, flags: SecItemImportExportFlags, keyParams: *const SecItemImportExportKeyParameters, exportedData: *mut CFDataRef, ) -> OSStatus; pub static kSecImportExportPassphrase: CFStringRef; #[cfg(target_os = "macos")] pub static kSecImportExportKeychain: CFStringRef; #[cfg(target_os = "macos")] pub static kSecImportExportAccess: CFStringRef; pub static kSecImportItemLabel: CFStringRef; pub static kSecImportItemKeyID: CFStringRef; pub static kSecImportItemTrust: CFStringRef; pub static kSecImportItemCertChain: CFStringRef; pub static kSecImportItemIdentity: CFStringRef; pub fn SecPKCS12Import( pkcs12_data: CFDataRef, options: CFDictionaryRef, items: *mut CFArrayRef, ) -> OSStatus; } security-framework-sys-0.3.1/src/item.rs010064400007650000120000000033011343536327000165030ustar0000000000000000use core_foundation_sys::base::{CFTypeRef, OSStatus}; use core_foundation_sys::dictionary::CFDictionaryRef; use core_foundation_sys::string::CFStringRef; extern "C" { pub static kSecClass: CFStringRef; pub static kSecClassInternetPassword: CFStringRef; pub static kSecClassGenericPassword: CFStringRef; pub static kSecClassCertificate: CFStringRef; pub static kSecClassKey: CFStringRef; pub static kSecClassIdentity: CFStringRef; pub static kSecMatchLimit: CFStringRef; pub static kSecReturnData: CFStringRef; pub static kSecReturnAttributes: CFStringRef; pub static kSecReturnRef: CFStringRef; pub static kSecReturnPersistentRef: CFStringRef; pub static kSecMatchSearchList: CFStringRef; pub static kSecAttrKeyType: CFStringRef; pub static kSecAttrLabel: CFStringRef; pub static kSecAttrKeySizeInBits: CFStringRef; pub static kSecAttrKeyTypeECSECPrimeRandom: CFStringRef; pub static kSecAttrKeyTypeRSA: CFStringRef; #[cfg(target_os = "macos")] pub static kSecAttrKeyTypeDSA: CFStringRef; #[cfg(target_os = "macos")] pub static kSecAttrKeyTypeAES: CFStringRef; #[cfg(target_os = "macos")] pub static kSecAttrKeyTypeDES: CFStringRef; #[cfg(target_os = "macos")] pub static kSecAttrKeyType3DES: CFStringRef; #[cfg(target_os = "macos")] pub static kSecAttrKeyTypeRC4: CFStringRef; #[cfg(target_os = "macos")] pub static kSecAttrKeyTypeRC2: CFStringRef; #[cfg(target_os = "macos")] pub static kSecAttrKeyTypeCAST: CFStringRef; #[cfg(feature = "OSX_10_9")] pub static kSecAttrKeyTypeEC: CFStringRef; pub fn SecItemCopyMatching(query: CFDictionaryRef, result: *mut CFTypeRef) -> OSStatus; } security-framework-sys-0.3.1/src/key.rs010064400007650000120000000013271343536327000163430ustar0000000000000000use core_foundation_sys::base::CFTypeID; use core_foundation_sys::data::CFDataRef; use core_foundation_sys::dictionary::CFDictionaryRef; use core_foundation_sys::error::CFErrorRef; use base::SecKeyRef; extern "C" { pub fn SecKeyGetTypeID() -> CFTypeID; #[cfg(target_os = "macos")] pub fn SecKeyCreateFromData( parameters: CFDictionaryRef, keyData: CFDataRef, error: *mut CFErrorRef, ) -> SecKeyRef; #[cfg(any(feature = "OSX_10_12", target_os = "ios"))] pub fn SecKeyCopyExternalRepresentation(key: SecKeyRef, error: *mut CFErrorRef) -> CFDataRef; #[cfg(any(feature = "OSX_10_12", target_os = "ios"))] pub fn SecKeyCopyAttributes(key: SecKeyRef) -> CFDictionaryRef; } security-framework-sys-0.3.1/src/keychain.rs010064400007650000120000000122731346015344000173420ustar0000000000000000use core_foundation_sys::base::{Boolean, CFTypeID, CFTypeRef, OSStatus}; use std::os::raw::{c_char, c_uint, c_void}; use base::{SecAccessRef, SecKeychainItemRef, SecKeychainRef}; pub const SEC_KEYCHAIN_SETTINGS_VERS1: c_uint = 1; #[repr(C)] pub struct SecKeychainSettings { pub version: c_uint, pub lockOnSleep: Boolean, pub useLockInterval: Boolean, pub lockInterval: c_uint, } /// Like Apple's headers, it assumes Little Endian, /// as there are no supported Big Endian machines any more :( macro_rules! char_lit { ($e:expr) => { ($e[3] as u32) + (($e[2] as u32) << 8) + (($e[1] as u32) << 16) + (($e[0] as u32) << 24) }; } macro_rules! char_lit_swapped { ($e:expr) => { ($e[0] as u32) + (($e[1] as u32) << 8) + (($e[2] as u32) << 16) + (($e[3] as u32) << 24) }; } #[repr(u32)] #[derive(Copy, Clone, Eq, PartialEq, Debug)] pub enum SecProtocolType { FTP = char_lit!(b"ftp "), FTPAccount = char_lit!(b"ftpa"), HTTP = char_lit!(b"http"), IRC = char_lit!(b"irc "), NNTP = char_lit!(b"nntp"), POP3 = char_lit!(b"pop3"), SMTP = char_lit!(b"smtp"), SOCKS = char_lit!(b"sox "), IMAP = char_lit!(b"imap"), LDAP = char_lit!(b"ldap"), AppleTalk = char_lit!(b"atlk"), AFP = char_lit!(b"afp "), Telnet = char_lit!(b"teln"), SSH = char_lit!(b"ssh "), FTPS = char_lit!(b"ftps"), HTTPS = char_lit!(b"htps"), HTTPProxy = char_lit!(b"htpx"), HTTPSProxy = char_lit!(b"htsx"), FTPProxy = char_lit!(b"ftpx"), CIFS = char_lit!(b"cifs"), SMB = char_lit!(b"smb "), RTSP = char_lit!(b"rtsp"), RTSPProxy = char_lit!(b"rtsx"), DAAP = char_lit!(b"daap"), EPPC = char_lit!(b"eppc"), IPP = char_lit!(b"ipp "), NNTPS = char_lit!(b"ntps"), LDAPS = char_lit!(b"ldps"), TelnetS = char_lit!(b"tels"), IMAPS = char_lit!(b"imps"), IRCS = char_lit!(b"ircs"), POP3S = char_lit!(b"pops"), CVSpserver = char_lit!(b"cvsp"), SVN = char_lit!(b"svn "), Any = 0, } #[repr(u32)] #[derive(Copy, Clone, Eq, PartialEq, Debug)] pub enum SecAuthenticationType { // [sic] Apple has got two related enums each with a different endianness! NTLM = char_lit_swapped!(b"ntlm"), MSN = char_lit_swapped!(b"msna"), DPA = char_lit_swapped!(b"dpaa"), RPA = char_lit_swapped!(b"rpaa"), HTTPBasic = char_lit_swapped!(b"http"), HTTPDigest = char_lit_swapped!(b"httd"), HTMLForm = char_lit_swapped!(b"form"), Default = char_lit_swapped!(b"dflt"), Any = 0, } extern "C" { pub fn SecKeychainGetTypeID() -> CFTypeID; pub fn SecKeychainCopyDefault(keychain: *mut SecKeychainRef) -> OSStatus; pub fn SecKeychainCreate( pathName: *const c_char, passwordLength: c_uint, password: *const c_void, promptUser: Boolean, initialAccess: SecAccessRef, keychain: *mut SecKeychainRef, ) -> OSStatus; pub fn SecKeychainOpen(pathName: *const c_char, keychain: *mut SecKeychainRef) -> OSStatus; pub fn SecKeychainUnlock( keychain: SecKeychainRef, passwordLength: c_uint, password: *const c_void, usePassword: Boolean, ) -> OSStatus; #[cfg(target_os = "macos")] pub fn SecKeychainFindGenericPassword( keychainOrArray: CFTypeRef, serviceNameLength: u32, serviceName: *const c_char, accountNameLength: u32, accountName: *const c_char, passwordLength: *mut u32, passwordData: *mut *mut c_void, itemRef: *mut SecKeychainItemRef, ) -> OSStatus; #[cfg(target_os = "macos")] pub fn SecKeychainFindInternetPassword( keychainOrArray: CFTypeRef, serverNameLength: u32, serverName: *const c_char, securityDomainLength: u32, securityDomain: *const c_char, accountNameLength: u32, accountName: *const c_char, pathLength: u32, path: *const c_char, port: u16, protocol: SecProtocolType, authenticationType: SecAuthenticationType, passwordLength: *mut u32, passwordData: *mut *mut c_void, itemRef: *mut SecKeychainItemRef, ) -> OSStatus; #[cfg(target_os = "macos")] pub fn SecKeychainAddGenericPassword( keychain: SecKeychainRef, serviceNameLength: u32, serviceName: *const c_char, accountNameLength: u32, accountName: *const c_char, passwordLength: u32, passwordData: *const c_void, itemRef: *mut SecKeychainItemRef, ) -> OSStatus; #[cfg(target_os = "macos")] pub fn SecKeychainAddInternetPassword( keychain: SecKeychainRef, serverNameLength: u32, serverName: *const c_char, securityDomainLength: u32, securityDomain: *const c_char, accountNameLength: u32, accountName: *const c_char, pathLength: u32, path: *const c_char, port: u16, protocol: SecProtocolType, authenticationType: SecAuthenticationType, passwordLength: u32, passwordData: *const c_void, itemRef: *mut SecKeychainItemRef, ) -> OSStatus; pub fn SecKeychainSetSettings( keychain: SecKeychainRef, newSettings: *const SecKeychainSettings, ) -> OSStatus; } security-framework-sys-0.3.1/src/keychain_item.rs010064400007650000120000000014121346015344000203510ustar0000000000000000use base::{SecKeychainAttributeList, SecKeychainItemRef}; use core_foundation_sys::base::{CFTypeID, OSStatus}; use core_foundation_sys::dictionary::CFDictionaryRef; use std::os::raw::c_void; extern "C" { pub fn SecKeychainItemGetTypeID() -> CFTypeID; pub fn SecKeychainItemDelete(itemRef: SecKeychainItemRef) -> OSStatus; pub fn SecItemUpdate(query: CFDictionaryRef, attributesToUpdate: CFDictionaryRef) -> OSStatus; pub fn SecKeychainItemModifyAttributesAndData( itemRef: SecKeychainItemRef, attrList: *const SecKeychainAttributeList, length: u32, data: *const c_void, ) -> OSStatus; pub fn SecKeychainItemFreeContent( attrList: *mut SecKeychainAttributeList, data: *mut c_void, ) -> OSStatus; } security-framework-sys-0.3.1/src/lib.rs010064400007650000120000000013231346015362200163110ustar0000000000000000#![allow(bad_style)] extern crate core_foundation_sys; #[cfg_attr(any(target_os = "macos", target_os = "ios"), link(name = "Security", kind = "framework"))] extern "C" {} #[cfg(target_os = "macos")] pub mod access; pub mod base; pub mod certificate; #[cfg(target_os = "macos")] pub mod certificate_oids; pub mod cipher_suite; #[cfg(target_os = "macos")] pub mod digest_transform; #[cfg(target_os = "macos")] pub mod encrypt_transform; pub mod identity; pub mod import_export; pub mod item; pub mod key; #[cfg(target_os = "macos")] pub mod keychain; #[cfg(target_os = "macos")] pub mod keychain_item; pub mod policy; pub mod random; pub mod secure_transport; #[cfg(target_os = "macos")] pub mod transform; pub mod trust; security-framework-sys-0.3.1/src/policy.rs010064400007650000120000000005061343536327000170500ustar0000000000000000use core_foundation_sys::base::{Boolean, CFTypeID}; use core_foundation_sys::string::CFStringRef; use base::SecPolicyRef; extern "C" { pub fn SecPolicyCreateSSL(server: Boolean, hostname: CFStringRef) -> SecPolicyRef; pub fn SecPolicyGetTypeID() -> CFTypeID; pub fn SecPolicyCreateBasicX509() -> SecPolicyRef; } security-framework-sys-0.3.1/src/random.rs010064400007650000120000000004061346015357000170260ustar0000000000000000use std::os::raw::{c_int, c_void}; pub enum __SecRandom {} pub type SecRandomRef = *const __SecRandom; extern "C" { pub static kSecRandomDefault: SecRandomRef; pub fn SecRandomCopyBytes(rnd: SecRandomRef, count: usize, bytes: *mut c_void) -> c_int; } security-framework-sys-0.3.1/src/secure_transport.rs010064400007650000120000000251641346015355200211600ustar0000000000000000use core_foundation_sys::array::CFArrayRef; use core_foundation_sys::base::CFAllocatorRef; use core_foundation_sys::base::{Boolean, CFTypeRef, OSStatus}; use std::os::raw::{c_char, c_int, c_void}; use cipher_suite::SSLCipherSuite; use trust::SecTrustRef; pub enum SSLContext {} pub type SSLContextRef = *mut SSLContext; pub type SSLConnectionRef = *const c_void; pub type SSLProtocol = c_int; pub const kSSLProtocolUnknown: SSLProtocol = 0; pub const kSSLProtocol3: SSLProtocol = 2; pub const kTLSProtocol1: SSLProtocol = 4; pub const kTLSProtocol11: SSLProtocol = 7; pub const kTLSProtocol12: SSLProtocol = 8; pub const kDTLSProtocol1: SSLProtocol = 9; pub const kSSLProtocol2: SSLProtocol = 1; pub const kSSLProtocol3Only: SSLProtocol = 3; pub const kTLSProtocol1Only: SSLProtocol = 5; pub const kSSLProtocolAll: SSLProtocol = 6; pub type SSLSessionOption = c_int; pub const kSSLSessionOptionBreakOnServerAuth: SSLSessionOption = 0; pub const kSSLSessionOptionBreakOnCertRequested: SSLSessionOption = 1; pub const kSSLSessionOptionBreakOnClientAuth: SSLSessionOption = 2; #[cfg(any(feature = "OSX_10_9", target_os = "ios"))] pub const kSSLSessionOptionFalseStart: SSLSessionOption = 3; #[cfg(any(feature = "OSX_10_9", target_os = "ios"))] pub const kSSLSessionOptionSendOneByteRecord: SSLSessionOption = 4; #[cfg(all(feature = "OSX_10_11", not(target_os = "ios")))] pub const kSSLSessionOptionAllowServerIdentityChange: SSLSessionOption = 5; #[cfg(all(feature = "OSX_10_10", not(target_os = "ios")))] pub const kSSLSessionOptionFallback: SSLSessionOption = 6; #[cfg(all(feature = "OSX_10_11", not(target_os = "ios")))] pub const kSSLSessionOptionBreakOnClientHello: SSLSessionOption = 7; pub type SSLSessionState = c_int; pub const kSSLIdle: SSLSessionState = 0; pub const kSSLHandshake: SSLSessionState = 1; pub const kSSLConnected: SSLSessionState = 2; pub const kSSLClosed: SSLSessionState = 3; pub const kSSLAborted: SSLSessionState = 4; pub type SSLReadFunc = unsafe extern "C" fn(connection: SSLConnectionRef, data: *mut c_void, dataLength: *mut usize) -> OSStatus; pub type SSLWriteFunc = unsafe extern "C" fn( connection: SSLConnectionRef, data: *const c_void, dataLength: *mut usize, ) -> OSStatus; pub type SSLProtocolSide = c_int; pub const kSSLServerSide: SSLProtocolSide = 0; pub const kSSLClientSide: SSLProtocolSide = 1; pub type SSLConnectionType = c_int; pub const kSSLStreamType: SSLConnectionType = 0; pub const kSSLDatagramType: SSLConnectionType = 1; pub const errSSLProtocol: OSStatus = -9800; pub const errSSLNegotiation: OSStatus = -9801; pub const errSSLFatalAlert: OSStatus = -9802; pub const errSSLWouldBlock: OSStatus = -9803; pub const errSSLSessionNotFound: OSStatus = -9804; pub const errSSLClosedGraceful: OSStatus = -9805; pub const errSSLClosedAbort: OSStatus = -9806; pub const errSSLXCertChainInvalid: OSStatus = -9807; pub const errSSLBadCert: OSStatus = -9808; pub const errSSLCrypto: OSStatus = -9809; pub const errSSLInternal: OSStatus = -9810; pub const errSSLModuleAttach: OSStatus = -9811; pub const errSSLUnknownRootCert: OSStatus = -9812; pub const errSSLNoRootCert: OSStatus = -9813; pub const errSSLCertExpired: OSStatus = -9814; pub const errSSLCertNotYetValid: OSStatus = -9815; pub const errSSLClosedNoNotify: OSStatus = -9816; pub const errSSLBufferOverflow: OSStatus = -9817; pub const errSSLBadCipherSuite: OSStatus = -9818; pub const errSSLPeerUnexpectedMsg: OSStatus = -9819; pub const errSSLPeerBadRecordMac: OSStatus = -9820; pub const errSSLPeerDecryptionFail: OSStatus = -9821; pub const errSSLPeerRecordOverflow: OSStatus = -9822; pub const errSSLPeerDecompressFail: OSStatus = -9823; pub const errSSLPeerHandshakeFail: OSStatus = -9824; pub const errSSLPeerBadCert: OSStatus = -9825; pub const errSSLPeerUnsupportedCert: OSStatus = -9826; pub const errSSLPeerCertRevoked: OSStatus = -9827; pub const errSSLPeerCertExpired: OSStatus = -9828; pub const errSSLPeerCertUnknown: OSStatus = -9829; pub const errSSLIllegalParam: OSStatus = -9830; pub const errSSLPeerUnknownCA: OSStatus = -9831; pub const errSSLPeerAccessDenied: OSStatus = -9832; pub const errSSLPeerDecodeError: OSStatus = -9833; pub const errSSLPeerDecryptError: OSStatus = -9834; pub const errSSLPeerExportRestriction: OSStatus = -9835; pub const errSSLPeerProtocolVersion: OSStatus = -9836; pub const errSSLPeerInsufficientSecurity: OSStatus = -9837; pub const errSSLPeerInternalError: OSStatus = -9838; pub const errSSLPeerUserCancelled: OSStatus = -9839; pub const errSSLPeerNoRenegotiation: OSStatus = -9840; pub const errSSLPeerAuthCompleted: OSStatus = -9841; pub const errSSLClientCertRequested: OSStatus = -9842; pub const errSSLHostNameMismatch: OSStatus = -9843; pub const errSSLConnectionRefused: OSStatus = -9844; pub const errSSLDecryptionFail: OSStatus = -9845; pub const errSSLBadRecordMac: OSStatus = -9846; pub const errSSLRecordOverflow: OSStatus = -9847; pub const errSSLBadConfiguration: OSStatus = -9848; pub const errSSLClientHelloReceived: OSStatus = -9851; pub type SSLAuthenticate = c_int; pub const kNeverAuthenticate: SSLAuthenticate = 0; pub const kAlwaysAuthenticate: SSLAuthenticate = 1; pub const kTryAuthenticate: SSLAuthenticate = 2; pub type SSLClientCertificateState = c_int; pub const kSSLClientCertNone: SSLClientCertificateState = 0; pub const kSSLClientCertRequested: SSLClientCertificateState = 1; pub const kSSLClientCertSent: SSLClientCertificateState = 2; pub const kSSLClientCertRejected: SSLClientCertificateState = 3; extern "C" { pub fn SSLContextGetTypeID() -> ::core_foundation_sys::base::CFTypeID; pub fn SSLCreateContext( alloc: CFAllocatorRef, protocolSide: SSLProtocolSide, connectionType: SSLConnectionType, ) -> SSLContextRef; #[cfg(target_os = "macos")] pub fn SSLNewContext(isServer: Boolean, contextPtr: *mut SSLContextRef) -> OSStatus; #[cfg(target_os = "macos")] pub fn SSLDisposeContext(context: SSLContextRef) -> OSStatus; pub fn SSLSetConnection(context: SSLContextRef, connection: SSLConnectionRef) -> OSStatus; pub fn SSLGetConnection(context: SSLContextRef, connection: *mut SSLConnectionRef) -> OSStatus; pub fn SSLSetIOFuncs( context: SSLContextRef, read: SSLReadFunc, write: SSLWriteFunc, ) -> OSStatus; pub fn SSLHandshake(context: SSLContextRef) -> OSStatus; pub fn SSLClose(context: SSLContextRef) -> OSStatus; pub fn SSLRead( context: SSLContextRef, data: *mut c_void, dataLen: usize, processed: *mut usize, ) -> OSStatus; pub fn SSLWrite( context: SSLContextRef, data: *const c_void, dataLen: usize, processed: *mut usize, ) -> OSStatus; pub fn SSLSetPeerDomainName( context: SSLContextRef, peerName: *const c_char, peerNameLen: usize, ) -> OSStatus; pub fn SSLGetPeerDomainNameLength(context: SSLContextRef, peerNameLen: *mut usize) -> OSStatus; pub fn SSLGetPeerDomainName( context: SSLContextRef, peerName: *mut c_char, peerNameLen: *mut usize, ) -> OSStatus; pub fn SSLSetCertificate(context: SSLContextRef, certRefs: CFArrayRef) -> OSStatus; #[cfg(target_os = "macos")] pub fn SSLSetCertificateAuthorities( context: SSLContextRef, certificateOrArray: CFTypeRef, replaceExisting: Boolean, ) -> OSStatus; #[cfg(target_os = "macos")] pub fn SSLCopyCertificateAuthorities( context: SSLContextRef, certificates: *mut CFArrayRef, ) -> OSStatus; pub fn SSLSetSessionOption( context: SSLContextRef, option: SSLSessionOption, value: Boolean, ) -> OSStatus; pub fn SSLGetSessionOption( context: SSLContextRef, option: SSLSessionOption, value: *mut Boolean, ) -> OSStatus; pub fn SSLCopyPeerTrust(context: SSLContextRef, trust: *mut SecTrustRef) -> OSStatus; pub fn SSLGetSessionState(context: SSLContextRef, state: *mut SSLSessionState) -> OSStatus; pub fn SSLGetSupportedCiphers( context: SSLContextRef, ciphers: *mut SSLCipherSuite, numCiphers: *mut usize, ) -> OSStatus; pub fn SSLGetNumberSupportedCiphers( context: SSLContextRef, numCiphers: *mut usize, ) -> OSStatus; pub fn SSLGetEnabledCiphers( context: SSLContextRef, ciphers: *mut SSLCipherSuite, numCiphers: *mut usize, ) -> OSStatus; pub fn SSLGetNumberEnabledCiphers(context: SSLContextRef, numCiphers: *mut usize) -> OSStatus; pub fn SSLSetEnabledCiphers( context: SSLContextRef, ciphers: *const SSLCipherSuite, numCiphers: usize, ) -> OSStatus; pub fn SSLGetNegotiatedCipher(context: SSLContextRef, cipher: *mut SSLCipherSuite) -> OSStatus; pub fn SSLSetClientSideAuthenticate(context: SSLContextRef, auth: SSLAuthenticate) -> OSStatus; #[cfg(target_os = "macos")] pub fn SSLSetDiffieHellmanParams( context: SSLContextRef, dhParams: *const c_void, dhParamsLen: usize, ) -> OSStatus; #[cfg(target_os = "macos")] pub fn SSLGetDiffieHellmanParams( context: SSLContextRef, dhParams: *mut *const c_void, dhParamsLen: *mut usize, ) -> OSStatus; pub fn SSLSetPeerID( context: SSLContextRef, peerID: *const c_void, peerIDLen: usize, ) -> OSStatus; pub fn SSLGetPeerID( context: SSLContextRef, peerID: *mut *const c_void, peerIDLen: *mut usize, ) -> OSStatus; pub fn SSLGetBufferedReadSize(context: SSLContextRef, bufSize: *mut usize) -> OSStatus; pub fn SSLGetClientCertificateState( context: SSLContextRef, clientState: *mut SSLClientCertificateState, ) -> OSStatus; pub fn SSLGetNegotiatedProtocolVersion( context: SSLContextRef, protocol: *mut SSLProtocol, ) -> OSStatus; pub fn SSLGetProtocolVersionMax( context: SSLContextRef, maxVersion: *mut SSLProtocol, ) -> OSStatus; pub fn SSLGetProtocolVersionMin( context: SSLContextRef, minVersion: *mut SSLProtocol, ) -> OSStatus; pub fn SSLSetProtocolVersionMax(context: SSLContextRef, maxVersion: SSLProtocol) -> OSStatus; pub fn SSLSetProtocolVersionMin(context: SSLContextRef, minVersion: SSLProtocol) -> OSStatus; #[cfg(target_os = "macos")] pub fn SSLSetProtocolVersionEnabled( context: SSLContextRef, protocol: SSLProtocol, enable: Boolean, ) -> OSStatus; #[cfg(feature = "OSX_10_13")] pub fn SSLSetALPNProtocols(context: SSLContextRef, protocols: CFArrayRef) -> OSStatus; #[cfg(feature = "OSX_10_13")] pub fn SSLCopyALPNProtocols(context: SSLContextRef, protocols: *mut CFArrayRef) -> OSStatus; } security-framework-sys-0.3.1/src/transform.rs010064400007650000120000000011601341022326500175510ustar0000000000000000use core_foundation_sys::base::{Boolean, CFTypeID, CFTypeRef}; use core_foundation_sys::error::CFErrorRef; use core_foundation_sys::string::CFStringRef; pub type SecTransformRef = CFTypeRef; extern "C" { pub static kSecTransformInputAttributeName: CFStringRef; pub fn SecTransformGetTypeID() -> CFTypeID; pub fn SecTransformSetAttribute( transformRef: SecTransformRef, key: CFStringRef, value: CFTypeRef, error: *mut CFErrorRef, ) -> Boolean; pub fn SecTransformExecute( transformRef: SecTransformRef, errorRef: *mut CFErrorRef, ) -> CFTypeRef; } security-framework-sys-0.3.1/src/trust.rs010064400007650000120000000031061343536327000167310ustar0000000000000000use base::SecCertificateRef; use base::SecKeyRef; use core_foundation_sys::array::CFArrayRef; use core_foundation_sys::base::{Boolean, CFIndex, CFTypeID, CFTypeRef, OSStatus}; pub type SecTrustResultType = u32; pub const kSecTrustResultInvalid: SecTrustResultType = 0; pub const kSecTrustResultProceed: SecTrustResultType = 1; pub const kSecTrustResultDeny: SecTrustResultType = 3; pub const kSecTrustResultUnspecified: SecTrustResultType = 4; pub const kSecTrustResultRecoverableTrustFailure: SecTrustResultType = 5; pub const kSecTrustResultFatalTrustFailure: SecTrustResultType = 6; pub const kSecTrustResultOtherError: SecTrustResultType = 7; pub enum __SecTrust {} pub type SecTrustRef = *mut __SecTrust; extern "C" { pub fn SecTrustGetTypeID() -> CFTypeID; pub fn SecTrustGetCertificateCount(trust: SecTrustRef) -> CFIndex; pub fn SecTrustGetCertificateAtIndex(trust: SecTrustRef, ix: CFIndex) -> SecCertificateRef; pub fn SecTrustSetAnchorCertificates( trust: SecTrustRef, anchorCertificates: CFArrayRef, ) -> OSStatus; pub fn SecTrustSetAnchorCertificatesOnly( trust: SecTrustRef, anchorCertificatesOnly: Boolean, ) -> OSStatus; pub fn SecTrustEvaluate(trust: SecTrustRef, result: *mut SecTrustResultType) -> OSStatus; pub fn SecTrustCreateWithCertificates( certificates: CFTypeRef, policies: CFTypeRef, trust: *mut SecTrustRef, ) -> OSStatus; pub fn SecTrustSetPolicies(trust: SecTrustRef, policies: CFTypeRef) -> OSStatus; pub fn SecTrustCopyPublicKey(trust: SecTrustRef) -> SecKeyRef; }