Mercurial > projects > dstep

diff dstep/security/cssmapple.d @ 11:07194b026fa4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added bindings to a couple of frameworks, new license + some other things
author Jacob Carlborg <doob@me.com>
date Sat, 01 Aug 2009 15:03:28 +0200
parents
children
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dstep/security/cssmapple.d	Sat Aug 01 15:03:28 2009 +0200
@@ -0,0 +1,635 @@
+/**
+ * Copyright: Copyright (c) 2009 Jacob Carlborg.
+ * Authors: Jacob Carlborg
+ * Version: Initial created: Jul 22, 2009 
+ * License: $(LINK2 http://www.boost.org/LICENSE_1_0.txt, Boost Software License 1.0)
+ */
+module dstep.security.cssmapple;
+
+import dstep.security.certextensions;
+import dstep.security.cssmerr;
+import dstep.security.cssmtype;
+import dstep.security.x509defs;
+//import dstep.stdbool;
+//import dstep.sys.types;
+
+alias uint CSSM_ACL_PREAUTH_TRACKING_STATE;
+alias uint CSSM_APPLE_TP_CRL_OPT_FLAGS;
+alias uint CSSM_APPLE_TP_ACTION_FLAGS;
+alias uint CSSM_TP_APPLE_CERT_STATUS;
+
+extern (C)
+{
+	extern
+	{
+		const CSSM_GUID gGuidCssm;
+		const CSSM_GUID gGuidAppleFileDL;
+		const CSSM_GUID gGuidAppleCSP;
+		const CSSM_GUID gGuidAppleCSPDL;
+		const CSSM_GUID gGuidAppleX509CL;
+		const CSSM_GUID gGuidAppleX509TP;
+		const CSSM_GUID gGuidAppleLDAPDL;
+		const CSSM_GUID gGuidAppleDotMacTP;
+		const CSSM_GUID gGuidAppleSdCSPDL;
+		const CSSM_GUID gGuidAppleDotMacDL;
+	}
+}
+
+enum
+{
+	CSSM_WORDID_KEYCHAIN_PROMPT = CSSM_WORDID_VENDOR_START,
+	CSSM_WORDID_KEYCHAIN_LOCK,
+	CSSM_WORDID_KEYCHAIN_CHANGE_LOCK,
+	CSSM_WORDID_PROCESS,
+	CSSM_WORDID__RESERVED_1,
+	CSSM_WORDID_SYMMETRIC_KEY,
+	CSSM_WORDID_SYSTEM,
+	CSSM_WORDID_KEY,
+	CSSM_WORDID_PIN,
+	CSSM_WORDID_PREAUTH,
+	CSSM_WORDID_PREAUTH_SOURCE,
+	CSSM_WORDID_ASYMMETRIC_KEY,
+	CSSM_WORDID__FIRST_UNUSED
+}
+
+enum
+{
+	CSSM_ACL_SUBJECT_TYPE_KEYCHAIN_PROMPT = CSSM_WORDID_KEYCHAIN_PROMPT,
+	CSSM_ACL_SUBJECT_TYPE_PROCESS = CSSM_WORDID_PROCESS,
+	CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE = CSSM_WORDID_SIGNATURE,
+	CSSM_ACL_SUBJECT_TYPE_COMMENT = CSSM_WORDID_COMMENT,
+	CSSM_ACL_SUBJECT_TYPE_SYMMETRIC_KEY = CSSM_WORDID_SYMMETRIC_KEY,
+	CSSM_ACL_SUBJECT_TYPE_PREAUTH = CSSM_WORDID_PREAUTH,
+	CSSM_ACL_SUBJECT_TYPE_PREAUTH_SOURCE = CSSM_WORDID_PREAUTH_SOURCE,
+	CSSM_ACL_SUBJECT_TYPE_ASYMMETRIC_KEY = CSSM_WORDID_ASYMMETRIC_KEY
+}
+
+enum
+{
+	CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT = CSSM_WORDID_KEYCHAIN_PROMPT,
+	CSSM_SAMPLE_TYPE_KEYCHAIN_LOCK = CSSM_WORDID_KEYCHAIN_LOCK,
+	CSSM_SAMPLE_TYPE_KEYCHAIN_CHANGE_LOCK = CSSM_WORDID_KEYCHAIN_CHANGE_LOCK,
+	CSSM_SAMPLE_TYPE_PROCESS = CSSM_WORDID_PROCESS,
+	CSSM_SAMPLE_TYPE_COMMENT = CSSM_WORDID_COMMENT,
+	CSSM_SAMPLE_TYPE_RETRY_ID = CSSM_WORDID_PROPAGATE,
+	CSSM_SAMPLE_TYPE_SYMMETRIC_KEY = CSSM_WORDID_SYMMETRIC_KEY,
+	CSSM_SAMPLE_TYPE_PREAUTH = CSSM_WORDID_PREAUTH,
+	CSSM_SAMPLE_TYPE_ASYMMETRIC_KEY = CSSM_WORDID_ASYMMETRIC_KEY
+}
+
+enum
+{
+	CSSM_ACL_AUTHORIZATION_CHANGE_ACL = CSSM_ACL_AUTHORIZATION_TAG_VENDOR_DEFINED_START,
+	CSSM_ACL_AUTHORIZATION_CHANGE_OWNER,
+	CSSM_ACL_AUTHORIZATION_PREAUTH_BASE = CSSM_ACL_AUTHORIZATION_TAG_VENDOR_DEFINED_START + 0x1000000,
+	CSSM_ACL_AUTHORIZATION_PREAUTH_END = CSSM_ACL_AUTHORIZATION_PREAUTH_BASE + 0x10000
+}
+
+enum
+{
+	CSSM_ACL_CODE_SIGNATURE_INVALID = 0,
+	CSSM_ACL_CODE_SIGNATURE_OSX = 1
+}
+
+enum
+{
+	CSSM_ACL_MATCH_UID = 0x01,
+	CSSM_ACL_MATCH_GID = 0x02,
+	CSSM_ACL_MATCH_HONOR_ROOT = 0x100,
+	CSSM_ACL_MATCH_BITS = CSSM_ACL_MATCH_UID | CSSM_ACL_MATCH_GID
+}
+
+enum
+{
+	CSSM_ACL_PROCESS_SELECTOR_CURRENT_VERSION = 0x101
+}
+
+enum
+{
+	CSSM_ACL_KEYCHAIN_PROMPT_CURRENT_VERSION = 0x101
+}
+
+enum
+{
+	CSSM_ACL_KEYCHAIN_PROMPT_REQUIRE_PASSPHRASE = 0x0001,
+	CSSM_ACL_KEYCHAIN_PROMPT_UNSIGNED = 0x0010,
+	CSSM_ACL_KEYCHAIN_PROMPT_UNSIGNED_ACT = 0x0020,
+	CSSM_ACL_KEYCHAIN_PROMPT_INVALID = 0x0040,
+	CSSM_ACL_KEYCHAIN_PROMPT_INVALID_ACT = 0x0080
+}
+
+enum
+{
+	CSSM_ACL_PREAUTH_TRACKING_COUNT_MASK = 0xff,
+	CSSM_ACL_PREAUTH_TRACKING_BLOCKED = 0,
+	CSSM_ACL_PREAUTH_TRACKING_UNKNOWN = 0x40000000,
+	CSSM_ACL_PREAUTH_TRACKING_AUTHORIZED = 0x80000000
+}
+
+enum
+{
+	CSSM_DB_ACCESS_RESET = 0x10000
+}
+
+enum
+{
+	CSSM_ALGID_APPLE_YARROW = CSSM_ALGID_VENDOR_DEFINED,
+	CSSM_ALGID_AES,
+	CSSM_ALGID_FEE,
+	CSSM_ALGID_FEE_MD5,
+	CSSM_ALGID_FEE_SHA1,
+	CSSM_ALGID_FEED,
+	CSSM_ALGID_FEEDEXP,
+	CSSM_ALGID_ASC,
+	CSSM_ALGID_SHA1HMAC_LEGACY,
+	CSSM_ALGID_KEYCHAIN_KEY,
+	CSSM_ALGID_PKCS12_PBE_ENCR,
+	CSSM_ALGID_PKCS12_PBE_MAC,
+	CSSM_ALGID_SECURE_PASSPHRASE,
+	CSSM_ALGID_PBE_OPENSSL_MD5,
+	CSSM_ALGID_SHA256,
+	CSSM_ALGID_SHA384,
+	CSSM_ALGID_SHA512,
+	CSSM_ALGID_ENTROPY_DEFAULT,
+	CSSM_ALGID_SHA224,
+	CSSM_ALGID_SHA224WithRSA,
+	CSSM_ALGID_SHA256WithRSA,
+	CSSM_ALGID_SHA384WithRSA,
+	CSSM_ALGID_SHA512WithRSA,
+	CSSM_ALGID_OPENSSH1,
+	CSSM_ALGID__FIRST_UNUSED
+}
+
+enum
+{
+	CSSM_PADDING_APPLE_SSLv2 = CSSM_PADDING_VENDOR_DEFINED
+}
+
+enum
+{
+	CSSM_KEYBLOB_RAW_FORMAT_VENDOR_DEFINED = 0x80000000
+}
+
+enum
+{
+	CSSM_KEYBLOB_RAW_FORMAT_X509 = CSSM_KEYBLOB_RAW_FORMAT_VENDOR_DEFINED,
+	CSSM_KEYBLOB_RAW_FORMAT_OPENSSH,
+	CSSM_KEYBLOB_RAW_FORMAT_OPENSSL,
+	CSSM_KEYBLOB_RAW_FORMAT_OPENSSH2
+}
+
+enum
+{
+	CSSM_CUSTOM_COMMON_ERROR_EXTENT = 0x00e0,
+	CSSM_ERRCODE_NO_USER_INTERACTION = 0x00e0,
+	CSSM_ERRCODE_USER_CANCELED = 0x00e1,
+	CSSM_ERRCODE_SERVICE_NOT_AVAILABLE = 0x00e2,
+	CSSM_ERRCODE_INSUFFICIENT_CLIENT_IDENTIFICATION = 0x00e3,
+	CSSM_ERRCODE_DEVICE_RESET = 0x00e4,
+	CSSM_ERRCODE_DEVICE_FAILED = 0x00e5
+}
+
+enum
+{
+	CSSMERR_CSSM_NO_USER_INTERACTION = CSSM_CSSM_BASE_ERROR + CSSM_ERRCODE_NO_USER_INTERACTION,
+	CSSMERR_AC_NO_USER_INTERACTION = CSSM_AC_BASE_ERROR + CSSM_ERRCODE_NO_USER_INTERACTION,
+	CSSMERR_CSP_NO_USER_INTERACTION = CSSM_CSP_BASE_ERROR + CSSM_ERRCODE_NO_USER_INTERACTION,
+	CSSMERR_CL_NO_USER_INTERACTION = CSSM_CL_BASE_ERROR + CSSM_ERRCODE_NO_USER_INTERACTION,
+	CSSMERR_DL_NO_USER_INTERACTION = CSSM_DL_BASE_ERROR + CSSM_ERRCODE_NO_USER_INTERACTION,
+	CSSMERR_TP_NO_USER_INTERACTION = CSSM_TP_BASE_ERROR + CSSM_ERRCODE_NO_USER_INTERACTION,
+	CSSMERR_CSSM_USER_CANCELED = CSSM_CSSM_BASE_ERROR + CSSM_ERRCODE_USER_CANCELED,
+	CSSMERR_AC_USER_CANCELED = CSSM_AC_BASE_ERROR + CSSM_ERRCODE_USER_CANCELED,
+	CSSMERR_CSP_USER_CANCELED = CSSM_CSP_BASE_ERROR + CSSM_ERRCODE_USER_CANCELED,
+	CSSMERR_CL_USER_CANCELED = CSSM_CL_BASE_ERROR + CSSM_ERRCODE_USER_CANCELED,
+	CSSMERR_DL_USER_CANCELED = CSSM_DL_BASE_ERROR + CSSM_ERRCODE_USER_CANCELED,
+	CSSMERR_TP_USER_CANCELED = CSSM_TP_BASE_ERROR + CSSM_ERRCODE_USER_CANCELED,
+	CSSMERR_CSSM_SERVICE_NOT_AVAILABLE = CSSM_CSSM_BASE_ERROR + CSSM_ERRCODE_SERVICE_NOT_AVAILABLE,
+	CSSMERR_AC_SERVICE_NOT_AVAILABLE = CSSM_AC_BASE_ERROR + CSSM_ERRCODE_SERVICE_NOT_AVAILABLE,
+	CSSMERR_CSP_SERVICE_NOT_AVAILABLE = CSSM_CSP_BASE_ERROR + CSSM_ERRCODE_SERVICE_NOT_AVAILABLE,
+	CSSMERR_CL_SERVICE_NOT_AVAILABLE = CSSM_CL_BASE_ERROR + CSSM_ERRCODE_SERVICE_NOT_AVAILABLE,
+	CSSMERR_DL_SERVICE_NOT_AVAILABLE = CSSM_DL_BASE_ERROR + CSSM_ERRCODE_SERVICE_NOT_AVAILABLE,
+	CSSMERR_TP_SERVICE_NOT_AVAILABLE = CSSM_TP_BASE_ERROR + CSSM_ERRCODE_SERVICE_NOT_AVAILABLE,
+	CSSMERR_CSSM_INSUFFICIENT_CLIENT_IDENTIFICATION = CSSM_CSSM_BASE_ERROR + CSSM_ERRCODE_INSUFFICIENT_CLIENT_IDENTIFICATION,
+	CSSMERR_AC_INSUFFICIENT_CLIENT_IDENTIFICATION = CSSM_AC_BASE_ERROR + CSSM_ERRCODE_INSUFFICIENT_CLIENT_IDENTIFICATION,
+	CSSMERR_CSP_INSUFFICIENT_CLIENT_IDENTIFICATION = CSSM_CSP_BASE_ERROR + CSSM_ERRCODE_INSUFFICIENT_CLIENT_IDENTIFICATION,
+	CSSMERR_CL_INSUFFICIENT_CLIENT_IDENTIFICATION = CSSM_CL_BASE_ERROR + CSSM_ERRCODE_INSUFFICIENT_CLIENT_IDENTIFICATION,
+	CSSMERR_DL_INSUFFICIENT_CLIENT_IDENTIFICATION = CSSM_DL_BASE_ERROR + CSSM_ERRCODE_INSUFFICIENT_CLIENT_IDENTIFICATION,
+	CSSMERR_TP_INSUFFICIENT_CLIENT_IDENTIFICATION = CSSM_TP_BASE_ERROR + CSSM_ERRCODE_INSUFFICIENT_CLIENT_IDENTIFICATION,
+	CSSMERR_CSSM_DEVICE_RESET = CSSM_CSSM_BASE_ERROR + CSSM_ERRCODE_DEVICE_RESET,
+	CSSMERR_AC_DEVICE_RESET = CSSM_AC_BASE_ERROR + CSSM_ERRCODE_DEVICE_RESET,
+	CSSMERR_CSP_DEVICE_RESET = CSSM_CSP_BASE_ERROR + CSSM_ERRCODE_DEVICE_RESET,
+	CSSMERR_CL_DEVICE_RESET = CSSM_CL_BASE_ERROR + CSSM_ERRCODE_DEVICE_RESET,
+	CSSMERR_DL_DEVICE_RESET = CSSM_DL_BASE_ERROR + CSSM_ERRCODE_DEVICE_RESET,
+	CSSMERR_TP_DEVICE_RESET = CSSM_TP_BASE_ERROR + CSSM_ERRCODE_DEVICE_RESET,
+	CSSMERR_CSSM_DEVICE_FAILED = CSSM_CSSM_BASE_ERROR + CSSM_ERRCODE_DEVICE_FAILED,
+	CSSMERR_AC_DEVICE_FAILED = CSSM_AC_BASE_ERROR + CSSM_ERRCODE_DEVICE_FAILED,
+	CSSMERR_CSP_DEVICE_FAILED = CSSM_CSP_BASE_ERROR + CSSM_ERRCODE_DEVICE_FAILED,
+	CSSMERR_CL_DEVICE_FAILED = CSSM_CL_BASE_ERROR + CSSM_ERRCODE_DEVICE_FAILED,
+	CSSMERR_DL_DEVICE_FAILED = CSSM_DL_BASE_ERROR + CSSM_ERRCODE_DEVICE_FAILED,
+	CSSMERR_TP_DEVICE_FAILED = CSSM_TP_BASE_ERROR + CSSM_ERRCODE_DEVICE_FAILED
+}
+
+enum
+{
+	CSSMERR_CSP_APPLE_ADD_APPLICATION_ACL_SUBJECT = CSSM_CSP_PRIVATE_ERROR + 0,
+	CSSMERR_CSP_APPLE_PUBLIC_KEY_INCOMPLETE = CSSM_CSP_PRIVATE_ERROR + 1,
+	CSSMERR_CSP_APPLE_SIGNATURE_MISMATCH = CSSM_CSP_PRIVATE_ERROR + 2,
+	CSSMERR_CSP_APPLE_INVALID_KEY_START_DATE = CSSM_CSP_PRIVATE_ERROR + 3,
+	CSSMERR_CSP_APPLE_INVALID_KEY_END_DATE = CSSM_CSP_PRIVATE_ERROR + 4,
+	CSSMERR_CSPDL_APPLE_DL_CONVERSION_ERROR = CSSM_CSP_PRIVATE_ERROR + 5,
+	CSSMERR_CSP_APPLE_SSLv2_ROLLBACK = CSSM_CSP_PRIVATE_ERROR + 6
+}
+
+enum
+{
+	CSSM_DL_DB_RECORD_GENERIC_PASSWORD = CSSM_DB_RECORDTYPE_APP_DEFINED_START + 0,
+	CSSM_DL_DB_RECORD_INTERNET_PASSWORD = CSSM_DB_RECORDTYPE_APP_DEFINED_START + 1,
+	CSSM_DL_DB_RECORD_APPLESHARE_PASSWORD = CSSM_DB_RECORDTYPE_APP_DEFINED_START + 2,
+	CSSM_DL_DB_RECORD_X509_CERTIFICATE = CSSM_DB_RECORDTYPE_APP_DEFINED_START + 0x1000,
+	CSSM_DL_DB_RECORD_USER_TRUST,
+	CSSM_DL_DB_RECORD_X509_CRL,
+	CSSM_DL_DB_RECORD_UNLOCK_REFERRAL,
+	CSSM_DL_DB_RECORD_EXTENDED_ATTRIBUTE,
+	CSSM_DL_DB_RECORD_METADATA = CSSM_DB_RECORDTYPE_APP_DEFINED_START + 0x8000
+}
+
+enum
+{
+	CSSM_APPLEFILEDL_TOGGLE_AUTOCOMMIT,
+	CSSM_APPLEFILEDL_COMMIT,
+	CSSM_APPLEFILEDL_ROLLBACK
+}
+
+enum
+{
+	CSSM_APPLE_UNLOCK_TYPE_KEY_DIRECT = 1,
+	CSSM_APPLE_UNLOCK_TYPE_WRAPPED_PRIVATE = 2
+}
+
+enum
+{
+	CSSMERR_APPLEDL_INVALID_OPEN_PARAMETERS = CSSM_DL_PRIVATE_ERROR + 0,
+	CSSMERR_APPLEDL_DISK_FULL = CSSM_DL_PRIVATE_ERROR + 1,
+	CSSMERR_APPLEDL_QUOTA_EXCEEDED = CSSM_DL_PRIVATE_ERROR + 2,
+	CSSMERR_APPLEDL_FILE_TOO_BIG = CSSM_DL_PRIVATE_ERROR + 3,
+	CSSMERR_APPLEDL_INVALID_DATABASE_BLOB = CSSM_DL_PRIVATE_ERROR + 4,
+	CSSMERR_APPLEDL_INVALID_KEY_BLOB = CSSM_DL_PRIVATE_ERROR + 5,
+	CSSMERR_APPLEDL_INCOMPATIBLE_DATABASE_BLOB = CSSM_DL_PRIVATE_ERROR + 6,
+	CSSMERR_APPLEDL_INCOMPATIBLE_KEY_BLOB = CSSM_DL_PRIVATE_ERROR + 7
+}
+
+enum
+{
+	CSSMERR_APPLETP_HOSTNAME_MISMATCH = CSSM_TP_PRIVATE_ERROR + 0,
+	CSSMERR_APPLETP_UNKNOWN_CRITICAL_EXTEN = CSSM_TP_PRIVATE_ERROR + 1,
+	CSSMERR_APPLETP_NO_BASIC_CONSTRAINTS = CSSM_TP_PRIVATE_ERROR + 2,
+	CSSMERR_APPLETP_INVALID_CA = CSSM_TP_PRIVATE_ERROR + 3,
+	CSSMERR_APPLETP_INVALID_AUTHORITY_ID = CSSM_TP_PRIVATE_ERROR + 4,
+	CSSMERR_APPLETP_INVALID_SUBJECT_ID = CSSM_TP_PRIVATE_ERROR + 5,
+	CSSMERR_APPLETP_INVALID_KEY_USAGE = CSSM_TP_PRIVATE_ERROR + 6,
+	CSSMERR_APPLETP_INVALID_EXTENDED_KEY_USAGE = CSSM_TP_PRIVATE_ERROR + 7,
+	CSSMERR_APPLETP_INVALID_ID_LINKAGE = CSSM_TP_PRIVATE_ERROR + 8,
+	CSSMERR_APPLETP_PATH_LEN_CONSTRAINT = CSSM_TP_PRIVATE_ERROR + 9,
+	CSSMERR_APPLETP_INVALID_ROOT = CSSM_TP_PRIVATE_ERROR + 10,
+	CSSMERR_APPLETP_CRL_EXPIRED = CSSM_TP_PRIVATE_ERROR + 11,
+	CSSMERR_APPLETP_CRL_NOT_VALID_YET = CSSM_TP_PRIVATE_ERROR + 12,
+	CSSMERR_APPLETP_CRL_NOT_FOUND = CSSM_TP_PRIVATE_ERROR + 13,
+	CSSMERR_APPLETP_CRL_SERVER_DOWN = CSSM_TP_PRIVATE_ERROR + 14,
+	CSSMERR_APPLETP_CRL_BAD_URI = CSSM_TP_PRIVATE_ERROR + 15,
+	CSSMERR_APPLETP_UNKNOWN_CERT_EXTEN = CSSM_TP_PRIVATE_ERROR + 16,
+	CSSMERR_APPLETP_UNKNOWN_CRL_EXTEN = CSSM_TP_PRIVATE_ERROR + 17,
+	CSSMERR_APPLETP_CRL_NOT_TRUSTED = CSSM_TP_PRIVATE_ERROR + 18,
+	CSSMERR_APPLETP_CRL_INVALID_ANCHOR_CERT = CSSM_TP_PRIVATE_ERROR + 19,
+	CSSMERR_APPLETP_CRL_POLICY_FAIL = CSSM_TP_PRIVATE_ERROR + 20,
+	CSSMERR_APPLETP_IDP_FAIL = CSSM_TP_PRIVATE_ERROR + 21,
+	CSSMERR_APPLETP_CERT_NOT_FOUND_FROM_ISSUER = CSSM_TP_PRIVATE_ERROR + 22,
+	CSSMERR_APPLETP_BAD_CERT_FROM_ISSUER = CSSM_TP_PRIVATE_ERROR + 23,
+	CSSMERR_APPLETP_SMIME_EMAIL_ADDRS_NOT_FOUND = CSSM_TP_PRIVATE_ERROR + 24,
+	CSSMERR_APPLETP_SMIME_BAD_EXT_KEY_USE = CSSM_TP_PRIVATE_ERROR + 25,
+	CSSMERR_APPLETP_SMIME_BAD_KEY_USE = CSSM_TP_PRIVATE_ERROR + 26,
+	CSSMERR_APPLETP_SMIME_KEYUSAGE_NOT_CRITICAL = CSSM_TP_PRIVATE_ERROR + 27,
+	CSSMERR_APPLETP_SMIME_NO_EMAIL_ADDRS = CSSM_TP_PRIVATE_ERROR + 28,
+	CSSMERR_APPLETP_SMIME_SUBJ_ALT_NAME_NOT_CRIT = CSSM_TP_PRIVATE_ERROR + 29,
+	CSSMERR_APPLETP_SSL_BAD_EXT_KEY_USE = CSSM_TP_PRIVATE_ERROR + 30,
+	CSSMERR_APPLETP_OCSP_BAD_RESPONSE = CSSM_TP_PRIVATE_ERROR + 31,
+	CSSMERR_APPLETP_OCSP_BAD_REQUEST = CSSM_TP_PRIVATE_ERROR + 32,
+	CSSMERR_APPLETP_OCSP_UNAVAILABLE = CSSM_TP_PRIVATE_ERROR + 33,
+	CSSMERR_APPLETP_OCSP_STATUS_UNRECOGNIZED = CSSM_TP_PRIVATE_ERROR + 34,
+	CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK = CSSM_TP_PRIVATE_ERROR + 35,
+	CSSMERR_APPLETP_NETWORK_FAILURE = CSSM_TP_PRIVATE_ERROR + 36,
+	CSSMERR_APPLETP_OCSP_NOT_TRUSTED = CSSM_TP_PRIVATE_ERROR + 37,
+	CSSMERR_APPLETP_OCSP_INVALID_ANCHOR_CERT = CSSM_TP_PRIVATE_ERROR + 38,
+	CSSMERR_APPLETP_OCSP_SIG_ERROR = CSSM_TP_PRIVATE_ERROR + 39,
+	CSSMERR_APPLETP_OCSP_NO_SIGNER = CSSM_TP_PRIVATE_ERROR + 40,
+	CSSMERR_APPLETP_OCSP_RESP_MALFORMED_REQ = CSSM_TP_PRIVATE_ERROR + 41,
+	CSSMERR_APPLETP_OCSP_RESP_INTERNAL_ERR = CSSM_TP_PRIVATE_ERROR + 42,
+	CSSMERR_APPLETP_OCSP_RESP_TRY_LATER = CSSM_TP_PRIVATE_ERROR + 43,
+	CSSMERR_APPLETP_OCSP_RESP_SIG_REQUIRED = CSSM_TP_PRIVATE_ERROR + 44,
+	CSSMERR_APPLETP_OCSP_RESP_UNAUTHORIZED = CSSM_TP_PRIVATE_ERROR + 45,
+	CSSMERR_APPLETP_OCSP_NONCE_MISMATCH = CSSM_TP_PRIVATE_ERROR + 46,
+	CSSMERR_APPLETP_CS_BAD_CERT_CHAIN_LENGTH = CSSM_TP_PRIVATE_ERROR + 47,
+	CSSMERR_APPLETP_CS_NO_BASIC_CONSTRAINTS = CSSM_TP_PRIVATE_ERROR + 48,
+	CSSMERR_APPLETP_CS_BAD_PATH_LENGTH = CSSM_TP_PRIVATE_ERROR + 49,
+	CSSMERR_APPLETP_CS_NO_EXTENDED_KEY_USAGE = CSSM_TP_PRIVATE_ERROR + 50,
+	CSSMERR_APPLETP_CODE_SIGN_DEVELOPMENT = CSSM_TP_PRIVATE_ERROR + 51,
+	CSSMERR_APPLETP_RS_BAD_CERT_CHAIN_LENGTH = CSSM_TP_PRIVATE_ERROR + 52,
+	CSSMERR_APPLETP_RS_BAD_EXTENDED_KEY_USAGE = CSSM_TP_PRIVATE_ERROR + 53,
+	CSSMERR_APPLETP_TRUST_SETTING_DENY = CSSM_TP_PRIVATE_ERROR + 54,
+	CSSMERR_APPLETP_INVALID_EMPTY_SUBJECT = CSSM_TP_PRIVATE_ERROR + 55,
+	CSSMERR_APPLETP_UNKNOWN_QUAL_CERT_STATEMENT = CSSM_TP_PRIVATE_ERROR + 56
+}
+
+enum
+{
+	CSSMERR_APPLE_DOTMAC_REQ_QUEUED = CSSM_TP_PRIVATE_ERROR + 100,
+	CSSMERR_APPLE_DOTMAC_REQ_REDIRECT = CSSM_TP_PRIVATE_ERROR + 101,
+	CSSMERR_APPLE_DOTMAC_REQ_SERVER_ERR = CSSM_TP_PRIVATE_ERROR + 102,
+	CSSMERR_APPLE_DOTMAC_REQ_SERVER_PARAM = CSSM_TP_PRIVATE_ERROR + 103,
+	CSSMERR_APPLE_DOTMAC_REQ_SERVER_AUTH = CSSM_TP_PRIVATE_ERROR + 104,
+	CSSMERR_APPLE_DOTMAC_REQ_SERVER_UNIMPL = CSSM_TP_PRIVATE_ERROR + 105,
+	CSSMERR_APPLE_DOTMAC_REQ_SERVER_NOT_AVAIL = CSSM_TP_PRIVATE_ERROR + 106,
+	CSSMERR_APPLE_DOTMAC_REQ_SERVER_ALREADY_EXIST = CSSM_TP_PRIVATE_ERROR + 107,
+	CSSMERR_APPLE_DOTMAC_REQ_SERVER_SERVICE_ERROR = CSSM_TP_PRIVATE_ERROR + 108,
+	CSSMERR_APPLE_DOTMAC_REQ_IS_PENDING = CSSM_TP_PRIVATE_ERROR + 109,
+	CSSMERR_APPLE_DOTMAC_NO_REQ_PENDING = CSSM_TP_PRIVATE_ERROR + 110,
+	CSSMERR_APPLE_DOTMAC_CSR_VERIFY_FAIL = CSSM_TP_PRIVATE_ERROR + 111,
+	CSSMERR_APPLE_DOTMAC_FAILED_CONSISTENCY_CHECK = CSSM_TP_PRIVATE_ERROR + 112
+}
+
+enum
+{
+	CSSM_APPLEDL_OPEN_PARAMETERS_VERSION = 1
+}
+
+enum cssm_appledl_open_parameters_mask
+
+{
+	kCSSM_APPLEDL_MASK_MODE = (1 << 0)
+}
+
+enum
+{
+	CSSM_APPLECSPDL_DB_LOCK = 0,
+	CSSM_APPLECSPDL_DB_UNLOCK = 1,
+	CSSM_APPLECSPDL_DB_GET_SETTINGS = 2,
+	CSSM_APPLECSPDL_DB_SET_SETTINGS = 3,
+	CSSM_APPLECSPDL_DB_IS_LOCKED = 4,
+	CSSM_APPLECSPDL_DB_CHANGE_PASSWORD = 5,
+	CSSM_APPLECSPDL_DB_GET_HANDLE = 6,
+	CSSM_APPLESCPDL_CSP_GET_KEYHANDLE = 7,
+	CSSM_APPLE_PRIVATE_CSPDL_CODE_8 = 8,
+	CSSM_APPLE_PRIVATE_CSPDL_CODE_9 = 9,
+	CSSM_APPLE_PRIVATE_CSPDL_CODE_10 = 10,
+	CSSM_APPLE_PRIVATE_CSPDL_CODE_11 = 11,
+	CSSM_APPLE_PRIVATE_CSPDL_CODE_12 = 12,
+	CSSM_APPLE_PRIVATE_CSPDL_CODE_13 = 13,
+	CSSM_APPLE_PRIVATE_CSPDL_CODE_14 = 14,
+	CSSM_APPLE_PRIVATE_CSPDL_CODE_15 = 15,
+	CSSM_APPLECSP_KEYDIGEST = 0x100
+}
+
+enum
+{
+	CSSM_KEYBLOB_WRAPPED_FORMAT_APPLE_CUSTOM = 100,
+	CSSM_KEYBLOB_WRAPPED_FORMAT_OPENSSL,
+	CSSM_KEYBLOB_WRAPPED_FORMAT_OPENSSH1
+}
+
+enum
+{
+	CSSM_ATTRIBUTE_VENDOR_DEFINED = 0x800000
+}
+
+enum
+{
+	CSSM_ATTRIBUTE_PUBLIC_KEY = (CSSM_ATTRIBUTE_DATA_KEY | (CSSM_ATTRIBUTE_VENDOR_DEFINED + 0)),
+	CSSM_ATTRIBUTE_FEE_PRIME_TYPE = (CSSM_ATTRIBUTE_DATA_UINT32 | (CSSM_ATTRIBUTE_VENDOR_DEFINED + 1)),
+	CSSM_ATTRIBUTE_FEE_CURVE_TYPE = (CSSM_ATTRIBUTE_DATA_UINT32 | (CSSM_ATTRIBUTE_VENDOR_DEFINED + 2)),
+	CSSM_ATTRIBUTE_ASC_OPTIMIZATION = (CSSM_ATTRIBUTE_DATA_UINT32 | (CSSM_ATTRIBUTE_VENDOR_DEFINED + 3)),
+	CSSM_ATTRIBUTE_RSA_BLINDING = (CSSM_ATTRIBUTE_DATA_UINT32 | (CSSM_ATTRIBUTE_VENDOR_DEFINED + 4)),
+	CSSM_ATTRIBUTE_PARAM_KEY = (CSSM_ATTRIBUTE_DATA_KEY | (CSSM_ATTRIBUTE_VENDOR_DEFINED + 5)),
+	CSSM_ATTRIBUTE_PROMPT = (CSSM_ATTRIBUTE_DATA_CSSM_DATA | (CSSM_ATTRIBUTE_VENDOR_DEFINED + 6)),
+	CSSM_ATTRIBUTE_ALERT_TITLE = (CSSM_ATTRIBUTE_DATA_CSSM_DATA | (CSSM_ATTRIBUTE_VENDOR_DEFINED + 7)),
+	CSSM_ATTRIBUTE_VERIFY_PASSPHRASE = (CSSM_ATTRIBUTE_DATA_UINT32 | (CSSM_ATTRIBUTE_VENDOR_DEFINED + 8))
+}
+
+enum
+{
+	CSSM_FEE_PRIME_TYPE_DEFAULT = 0,
+	CSSM_FEE_PRIME_TYPE_MERSENNE,
+	CSSM_FEE_PRIME_TYPE_FEE,
+	CSSM_FEE_PRIME_TYPE_GENERAL
+}
+
+enum
+{
+	CSSM_FEE_CURVE_TYPE_DEFAULT = 0,
+	CSSM_FEE_CURVE_TYPE_MONTGOMERY,
+	CSSM_FEE_CURVE_TYPE_WEIERSTRASS
+}
+
+enum
+{
+	CSSM_ASC_OPTIMIZE_DEFAULT = 0,
+	CSSM_ASC_OPTIMIZE_SIZE,
+	CSSM_ASC_OPTIMIZE_SECURITY,
+	CSSM_ASC_OPTIMIZE_TIME,
+	CSSM_ASC_OPTIMIZE_TIME_SIZE,
+	CSSM_ASC_OPTIMIZE_ASCII
+}
+
+enum
+{
+	CSSM_KEYATTR_PARTIAL = 0x00010000,
+	CSSM_KEYATTR_PUBLIC_KEY_ENCRYPT = 0x00020000
+}
+
+enum
+{
+	CSSM_TP_ACTION_REQUIRE_CRL_PER_CERT = 0x00000001,
+	CSSM_TP_ACTION_FETCH_CRL_FROM_NET = 0x00000002,
+	CSSM_TP_ACTION_CRL_SUFFICIENT = 0x00000004,
+	CSSM_TP_ACTION_REQUIRE_CRL_IF_PRESENT = 0x00000008
+}
+
+enum
+{
+	CSSM_TP_ACTION_ALLOW_EXPIRED = 0x00000001,
+	CSSM_TP_ACTION_LEAF_IS_CA = 0x00000002,
+	CSSM_TP_ACTION_FETCH_CERT_FROM_NET = 0x00000004,
+	CSSM_TP_ACTION_ALLOW_EXPIRED_ROOT = 0x00000008,
+	CSSM_TP_ACTION_REQUIRE_REV_PER_CERT = 0x00000010,
+	CSSM_TP_ACTION_TRUST_SETTINGS = 0x00000020,
+	CSSM_TP_ACTION_IMPLICIT_ANCHORS = 0x00000040
+}
+
+enum
+{
+	CSSM_CERT_STATUS_EXPIRED = 0x00000001,
+	CSSM_CERT_STATUS_NOT_VALID_YET = 0x00000002,
+	CSSM_CERT_STATUS_IS_IN_INPUT_CERTS = 0x00000004,
+	CSSM_CERT_STATUS_IS_IN_ANCHORS = 0x00000008,
+	CSSM_CERT_STATUS_IS_ROOT = 0x00000010,
+	CSSM_CERT_STATUS_IS_FROM_NET = 0x00000020,
+	CSSM_CERT_STATUS_TRUST_SETTINGS_FOUND_USER = 0x00000040,
+	CSSM_CERT_STATUS_TRUST_SETTINGS_FOUND_ADMIN = 0x00000080,
+	CSSM_CERT_STATUS_TRUST_SETTINGS_FOUND_SYSTEM = 0x00000100,
+	CSSM_CERT_STATUS_TRUST_SETTINGS_TRUST = 0x00000200,
+	CSSM_CERT_STATUS_TRUST_SETTINGS_DENY = 0x00000400,
+	CSSM_CERT_STATUS_TRUST_SETTINGS_IGNORED_ERROR = 0x00000800
+}
+
+enum
+{
+	CSSM_EVIDENCE_FORM_APPLE_HEADER = 0x80000000 + 0,
+	CSSM_EVIDENCE_FORM_APPLE_CERTGROUP = 0x80000000 + 1,
+	CSSM_EVIDENCE_FORM_APPLE_CERT_INFO = 0x80000000 + 2
+}
+
+enum
+{
+	CSSM_APPLEX509CL_OBTAIN_CSR,
+	CSSM_APPLEX509CL_VERIFY_CSR
+}
+
+struct CSSM_ACL_PROCESS_SUBJECT_SELECTOR
+{
+	ushort version_;
+	ushort mask;
+	uint uid;
+	uint gid;
+}
+
+
+struct CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR
+{
+	ushort version_;
+	ushort flags;
+}
+
+
+struct CSSM_APPLEDL_OPEN_PARAMETERS
+{
+	uint length;
+	uint version_;
+	int autoCommit;
+	uint mask;
+	ushort mode;
+}
+
+
+struct CSSM_APPLECSPDL_DB_SETTINGS_PARAMETERS
+{
+	uint idleTimeout;
+	ubyte lockOnSleep;
+}
+
+
+struct CSSM_APPLECSPDL_DB_IS_LOCKED_PARAMETERS
+{
+	ubyte isLocked;
+}
+
+
+struct CSSM_APPLECSPDL_DB_CHANGE_PASSWORD_PARAMETERS
+{
+	CSSM_ACCESS_CREDENTIALS* accessCredentials;
+}
+
+
+struct CSSM_APPLE_TP_NAME_OID
+{
+	char* string;
+	CSSM_OID* oid;
+}
+
+
+struct CSSM_APPLE_TP_CERT_REQUEST
+{
+	int cspHand;
+	int clHand;
+	uint serialNumber;
+	uint numSubjectNames;
+	CSSM_APPLE_TP_NAME_OID* subjectNames;
+	uint numIssuerNames;
+	CSSM_APPLE_TP_NAME_OID* issuerNames;
+	CSSM_X509_NAME_PTR issuerNameX509;
+	CSSM_KEY* certPublicKey;
+	CSSM_KEY* issuerPrivateKey;
+	uint signatureAlg;
+	CSSM_OID signatureOid;
+	uint notBefore;
+	uint notAfter;
+	uint numExtensions;
+	CE_DataAndType* extensions;
+	char* challengeString;
+}
+
+
+struct CSSM_APPLE_TP_SSL_OPTIONS
+{
+	uint Version;
+	uint ServerNameLen;
+	char* ServerName;
+	uint Flags;
+}
+
+
+struct CSSM_APPLE_TP_CRL_OPTIONS
+{
+	uint Version;
+	uint CrlFlags;
+	CSSM_DL_DB_HANDLE_PTR crlStore;
+}
+
+
+struct CSSM_APPLE_TP_SMIME_OPTIONS
+{
+	uint Version;
+	ushort IntendedUsage;
+	uint SenderEmailLen;
+	char* SenderEmail;
+}
+
+
+struct CSSM_APPLE_TP_ACTION_DATA
+{
+	uint Version;
+	uint ActionFlags;
+}
+
+
+struct CSSM_TP_APPLE_EVIDENCE_INFO
+{
+	uint StatusBits;
+	uint NumStatusCodes;
+	CSSM_RETURN* StatusCodes;
+	uint Index;
+	CSSM_DL_DB_HANDLE DlDbHandle;
+	CSSM_DB_UNIQUE_RECORD_PTR UniqueRecord;
+}
+
+
+struct CSSM_TP_APPLE_EVIDENCE_HEADER
+{
+	uint Version;
+}
+
+
+struct CSSM_APPLE_CL_CSR_REQUEST
+{
+	CSSM_X509_NAME_PTR subjectNameX509;
+	uint signatureAlg;
+	CSSM_OID signatureOid;
+	int cspHand;
+	CSSM_KEY* subjectPublicKey;
+	CSSM_KEY* subjectPrivateKey;
+	char* challengeString;
+}
+
+extern (C)
+{
+	void cssmPerror (char* how, int error);
+	bool cssmOidToAlg (CSSM_OID* oid, CSSM_ALGORITHMS* alg);
+	CSSM_OID* cssmAlgToOid (uint algId);
+}
\ No newline at end of file