authorGreg Hudson <ghudson@mit.edu>2012-04-26 21:46:57 +0000
committerGreg Hudson <ghudson@mit.edu>2012-04-26 21:46:57 +0000
commit7150b8eab9fb4bf643dd1a7ac4f5be3ca455dfcb (patch)
tree4134a3be28c14b2357f3b8811abd61cb8329a809 /src/include/pkinit_cms.h
parent7385d4bc68f58a766e5a7dcc17ce4aba2acaf2af (diff)
Remove orphaned Apple PKINIT support
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25830 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/include/pkinit_cms.h')
-rw-r--r--src/include/pkinit_cms.h179
1 files changed, 0 insertions, 179 deletions
diff --git a/src/include/pkinit_cms.h b/src/include/pkinit_cms.h
deleted file mode 100644
index 832e00d5b..000000000
--- a/src/include/pkinit_cms.h
+++ /dev/null
@@ -1,179 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright (c) 2004-2008 Apple Inc. All Rights Reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government. It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of Apple Inc. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Apple Inc. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-/*
- * pkinit_apple_cms.h - CMS encode/decode routines, Mac OS X version
- *
- * Created 19 May 2004 by Doug Mitchell at Apple.
- */
-
-#ifndef _PKINIT_CMS_H_
-#define _PKINIT_CMS_H_
-
-#include <krb5/krb5.h>
-#include "pkinit_cert_store.h" /* for krb5_pkinit_signing_cert_t */
-#include "pkinit_asn1.h" /* for krb5int_algorithm_id */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * Define ContentType for a SignedData and EnvelopedData.
- */
-enum {
- /* normal CMS ContentTypes */
- ECT_Data,
- ECT_SignedData,
- ECT_EnvelopedData,
- ECT_EncryptedData,
-
- /*
- * For SignedAuthPack
- * pkauthdata: { iso (1) org (3) dod (6) internet (1)
- * security (5) kerberosv5 (2) pkinit (3) pkauthdata (1)}
- */
- ECT_PkAuthData,
-
- /*
- * For ReplyKeyPack
- * pkrkeydata: { iso (1) org (3) dod (6) internet (1)
- * security (5) kerberosv5 (2) pkinit (3) pkrkeydata (3) }
- */
- ECT_PkReplyKeyKata,
-
- /*
- * Other - i.e., unrecognized ContentType on decode.
- */
- ECT_Other
-};
-typedef krb5_int32 krb5int_cms_content_type;
-
-/*
- * Result of certificate and signature verification.
- */
-enum {
- pki_cs_good = 0,
- pki_not_signed, /* message not signed */
- pki_not_evaluated, /* signed, but not evaluated per caller request */
- /* remainder imply good signature on the message proper, i.e., these
- * are all certificate errors. */
- pki_cs_sig_verify_fail, /* signature verification failed */
- pki_cs_bad_leaf, /* leaf/subject cert itself is plain bad */
- pki_cs_no_root, /* looks good but not verifiable to any root */
- pki_cs_unknown_root, /* verified to root we don't recognize */
- pki_cs_expired, /* expired */
- pki_cs_not_valid_yet, /* cert not valid yet */
- pki_cs_revoked, /* revoked via CRL or OCSP */
- pki_cs_untrusted, /* marked by user as untrusted */
- pki_bad_cms, /* CMS Format precluded verification */
- pki_bad_key_use, /* Bad ExtendedKeyUse or KeyUsage extension */
- pki_bad_digest, /* unacceptable CMS digest algorithm */
- pki_cs_other_err /* other cert verify error */
-};
-typedef krb5_int32 krb5int_cert_sig_status;
-
-/*
- * Create a CMS message: either encrypted (EnvelopedData), signed
- * (SignedData), or both (EnvelopedData(SignedData(content)).
- *
- * The message is signed iff signing_cert is non-NULL.
- * The message is encrypted iff recip_cert is non-NULL.
- *
- * The content_type argument specifies to the eContentType
- * for a SignedData's EncapsulatedContentInfo; it's ignored
- * if the message is not to be signed.
- *
- * The cms_types argument optionally specifies a list, in order
- * of decreasing preference, of CMS algorithms to use in the
- * creation of the CMS message.
- */
-krb5_error_code krb5int_pkinit_create_cms_msg(
- const krb5_data *content, /* Content */
- krb5_pkinit_signing_cert_t signing_cert, /* optional: signed by this cert */
- const krb5_data *recip_cert, /* optional: encrypted with this cert */
- krb5int_cms_content_type content_type, /* OID for EncapsulatedData */
- krb5_ui_4 num_cms_types, /* optional */
- const krb5int_algorithm_id *cms_types, /* optional */
- krb5_data *content_info); /* contents mallocd and RETURNED */
-
-/*
- * Parse a ContentInfo as best we can. All returned fields are optional -
- * pass NULL for values you don't need.
- *
- * If signer_cert_status is NULL on entry, NO signature or cert evaluation
- * will be performed.
- *
- * The is_client_msg argument indicates whether the CMS message originated
- * from the client (TRUE) or server (FALSE) and may be used in platform-
- * dependent certificate evaluation.
- *
- * Note that signature and certificate verification errors do NOT cause
- * this routine itself to return an error; caller is reponsible for
- * handling such errors per the signer_cert_status out parameter.
- */
-krb5_error_code krb5int_pkinit_parse_cms_msg(
- const krb5_data *content_info,
- krb5_pkinit_cert_db_t cert_db, /* may be required for SignedData */
- krb5_boolean is_client_msg, /* TRUE : msg is from client */
- krb5_boolean *is_signed, /* RETURNED */
- krb5_boolean *is_encrypted, /* RETURNED */
- krb5_data *raw_data, /* RETURNED */
- krb5int_cms_content_type *inner_content_type,/* Returned, ContentType of
- * EncapsulatedData if
- * *is_signed true */
- /* returned for type SignedData only */
- krb5_data *signer_cert, /* RETURNED */
- krb5int_cert_sig_status *signer_cert_status,/* RETURNED */
- unsigned *num_all_certs, /* size of *all_certs RETURNED */
- krb5_data **all_certs); /* entire cert chain RETURNED */
-
-/*
- * An AuthPack contains an optional set of AlgorithmIdentifiers
- * which define the CMS algorithms supported by the client, in
- * order of decreasing preference.
- *
- * krb5int_pkinit_get_cms_types() is a CMS-implementation-dependent
- * function returning supported CMS algorithms in the form of a
- * pointer and a length suitable for passing to
- * krb5int_pkinit_auth_pack_encode. If no preference is to be expressed,
- * this function returns NULL/0 (without returning a nonzero krb5_error_code).
- *
- * krb5int_pkinit_free_cms_types() frees the pointer obtained
- * from krb5int_pkinit_get_cms_types() as necessary.
- */
-krb5_error_code krb5int_pkinit_get_cms_types(
- krb5int_algorithm_id **supported_cms_types, /* RETURNED */
- krb5_ui_4 *num_supported_cms_types); /* RETURNED */
-
-krb5_error_code krb5int_pkinit_free_cms_types(
- krb5int_algorithm_id *supported_cms_types,
- krb5_ui_4 num_supported_cms_types);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _PKINIT_CMS_H_ */