(fixes issue #549) Security additions by Matt Gallagher

Christopher Lloyd 2010-04-01 12:05:15 -04:00
parent 39a42ab89a
commit f730b121e6
3 changed files with 70 additions and 0 deletions


@ -66,6 +66,8 @@ enum {
kSecAccountItemAttr='acct',
kSecServerItemAttr='srvr',
kSecProtocolItemAttr='ptcl',
kSecServiceItemAttr='svce',
kSecGenericPasswordItemClass='genp'
};
// Keychain Item Class
@ -77,6 +79,8 @@ enum {
errSecItemNotFound=-25300
};
SECURITY_EXPORT OSStatus SecKeychainFindGenericPassword (CFTypeRef keychainOrArray, UInt32 serviceNameLength, const char *serviceName, UInt32 accountNameLength, const char *accountName, UInt32 *passwordLength, void **passwordData, SecKeychainItemRef *itemRef);
SECURITY_EXPORT OSStatus SecKeychainAddGenericPassword (SecKeychainRef keychain, UInt32 serviceNameLength, const char *serviceName, UInt32 accountNameLength, const char *accountName, UInt32 passwordLength, void *passwordData, SecKeychainItemRef *itemRef);
SECURITY_EXPORT OSStatus SecKeychainSearchCreateFromAttributes(CFTypeRef keychainOrArray,SecItemClass itemClass,const SecKeychainAttributeList *attributeList,SecKeychainSearchRef *resultSearch);
SECURITY_EXPORT OSStatus SecKeychainSearchCopyNext(SecKeychainSearchRef search,SecKeychainItemRef *resultItem);
@ -84,6 +88,7 @@ SECURITY_EXPORT OSStatus SecKeychainSearchCopyNext(SecKeychainSearchRef search,S
SECURITY_EXPORT OSStatus SecKeychainItemCopyAttributesAndData(SecKeychainItemRef item,SecKeychainAttributeInfo *info,SecItemClass *itemClass,SecKeychainAttributeList **attributeList,UInt32 *length,void **resultBytes);
SECURITY_EXPORT OSStatus SecKeychainItemModifyAttributesAndData(SecKeychainItemRef item,const SecKeychainAttributeList *attributeList,UInt32 length,const void *bytes);
SECURITY_EXPORT OSStatus SecKeychainItemFreeAttributesAndData(SecKeychainAttributeList *attributeList,void *data);
SECURITY_EXPORT OSStatus SecKeychainItemFreeContent(SecKeychainAttributeList *attributeList,void *data);
SECURITY_EXPORT OSStatus SecTrustedApplicationCreateFromPath(const char *path,SecTrustedApplicationRef *resultApplication);
SECURITY_EXPORT OSStatus SecAccessCreate(CFStringRef descriptor,CFArrayRef trustedlist,SecAccessRef *resultAccess);
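Review bot: The new declarations of SecKeychainFindGenericPassword and SecKeychainAddGenericPassword carry no comment saying who owns the out-parameters, which is the part of a credential API that callers most often get wrong. I would add above them something like `// On success *passwordData is allocated by the library; release it with SecKeychainItemFreeContent. *itemRef is handed to the caller, who releases it.`, after confirming the itemRef ownership against the implementation. Separately, `void *passwordData` on SecKeychainAddGenericPassword could be `const void *passwordData`, matching Apple's declaration, provided SecKeychainItemCreateFromContent (not shown here) accepts a const pointer.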


@ -5,6 +5,60 @@
#import "SecKeychainSearch.h"
#import "SecTrustedApplication.h"
OSStatus SecKeychainFindGenericPassword(CFTypeRef keychainOrArray, UInt32 serviceNameLength, const char *serviceName, UInt32 accountNameLength, const char *accountName, UInt32 *passwordLength, void **passwordData, SecKeychainItemRef *itemRef)
{
SecKeychainAttributeList attributeList;
attributeList.count = 2;
attributeList.attr = malloc(sizeof(SecKeychainAttribute) * attributeList.count);
attributeList.attr[0].tag = kSecAccountItemAttr;
attributeList.attr[0].length = accountNameLength;
attributeList.attr[0].data = (void *)accountName;
attributeList.attr[1].tag = kSecServiceItemAttr;
attributeList.attr[1].length = serviceNameLength;
attributeList.attr[1].data = (void *)serviceName;
SecKeychainSearchRef search;
OSStatus status = SecKeychainSearchCreateFromAttributes(NULL, kSecGenericPasswordItemClass, &attributeList, &search);
if (status != noErr)
{
free(attributeList.attr);
return status;
}
status = SecKeychainSearchCopyNext(search, itemRef);
if (status == noErr && *itemRef)
{
status = SecKeychainItemCopyAttributesAndData(*itemRef, NULL, NULL, NULL, passwordLength, passwordData);
}
else
{
status = errSecItemNotFound;
*itemRef = NULL;
*passwordData = NULL;
*passwordLength = 0;
}
free(attributeList.attr);
return status;
}
OSStatus SecKeychainAddGenericPassword (SecKeychainRef keychain, UInt32 serviceNameLength, const char *serviceName, UInt32 accountNameLength, const char *accountName, UInt32 passwordLength, void *passwordData, SecKeychainItemRef *itemRef)
{
SecKeychainAttributeList attributeList;
attributeList.count = 2;
attributeList.attr = malloc(sizeof(SecKeychainAttribute) * attributeList.count);
attributeList.attr[0].tag = kSecAccountItemAttr;
attributeList.attr[0].length = accountNameLength;
attributeList.attr[0].data = (void *)accountName;
attributeList.attr[1].tag = kSecServiceItemAttr;
attributeList.attr[1].length = serviceNameLength;
attributeList.attr[1].data = (void *)serviceName;
OSStatus status = SecKeychainItemCreateFromContent(kSecGenericPasswordItemClass, &attributeList, passwordLength, passwordData, keychain, NULL, itemRef);
free(attributeList.attr);
return status;
}
OSStatus SecKeychainSearchCreateFromAttributes(CFTypeRef keychainOrArray,SecItemClass itemClass,const SecKeychainAttributeList *attributeList,SecKeychainSearchRef *resultSearch) {
*resultSearch=[[SecKeychainSearch alloc] initWithKeychainOrArray:keychainOrArray itemClass:itemClass attributeList:attributeList];
return 0;
@ -35,6 +89,15 @@ OSStatus SecKeychainItemFreeAttributesAndData(SecKeychainAttributeList *attribut
return 0;
}
OSStatus SecKeychainItemFreeContent(SecKeychainAttributeList *attributeList,void *data) {
SecFreeAttributeList(attributeList);
if(data!=NULL)
NSZoneFree(NULL,data);
return 0;
}
OSStatus SecTrustedApplicationCreateFromPath(const char *path,SecTrustedApplicationRef *resultApplication) {
*resultApplication=[[SecTrustedApplication alloc] init];
return 0;
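Review bot: In the first hunk of this file, SecKeychainFindGenericPassword dereferences `itemRef`, `passwordData` and `passwordLength` unconditionally (`*itemRef` in the success test, all three in the else branch), but Apple's version of this call documents each of them as optional, so a caller that passes NULL crashes here. The search is also created with `NULL` instead of `keychainOrArray`, so a caller asking for one specific keychain is silently answered from the default search list; passing the argument through, `SecKeychainSearchCreateFromAttributes(keychainOrArray, kSecGenericPasswordItemClass, &attributeList, &search)`, fixes that. Neither new function checks the `malloc` result before writing `attributeList.attr[0]`, and `search` is not released on any path visible in this hunk. The fence sketches the NULL handling only; whether SecKeychainItemCopyAttributesAndData tolerates NULL length/data pointers is not visible here and should be confirmed.

```objc
// … unchanged: attribute list setup and SecKeychainSearchCreateFromAttributes …
SecKeychainItemRef found = NULL;
status = SecKeychainSearchCopyNext(search, &found);
if (status == noErr && found != NULL)
{
    status = SecKeychainItemCopyAttributesAndData(found, NULL, NULL, NULL, passwordLength, passwordData);
}
else
{
    status = errSecItemNotFound;
    found = NULL;
    if (passwordData != NULL)
        *passwordData = NULL;
    if (passwordLength != NULL)
        *passwordLength = 0;
}
if (itemRef != NULL)
    *itemRef = found;
// else: release `found` according to this file's ownership convention
// … unchanged: free(attributeList.attr); return status; …
```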


@ -279,6 +279,7 @@ static void *decryptData(void *bytes,unsigned length,unsigned *resultLength){
case kSecLabelItemAttr: // utf8
case kSecAccountItemAttr: // utf8
case kSecServerItemAttr: // utf8
case kSecServiceItemAttr: // utf8
;
const char *utf8=[string UTF8String];
@ -380,6 +381,7 @@ static void *decryptData(void *bytes,unsigned length,unsigned *resultLength){
case kSecLabelItemAttr: // utf8
case kSecAccountItemAttr: // utf8
case kSecServerItemAttr: // utf8
case kSecServiceItemAttr: // utf8
;
NSString *string=[[NSString alloc] initWithBytes:data length:length encoding:NSUTF8StringEncoding];
const unichar *unicode=ZeroTerminatedString(string);