Skip to content

Commit

Permalink
security-framework::item::ItemSearchOptions: support trusted_only (#197)
Browse files Browse the repository at this point in the history
  • Loading branch information
grahamc authored Mar 27, 2024
1 parent 24b239b commit 5bf85d6
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 0 deletions.
2 changes: 2 additions & 0 deletions security-framework-sys/src/item.rs
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@ extern "C" {
pub static kSecMatchLimit: CFStringRef;
pub static kSecMatchLimitAll: CFStringRef;

pub static kSecMatchTrustedOnly: CFStringRef;

pub static kSecReturnData: CFStringRef;
pub static kSecReturnAttributes: CFStringRef;
pub static kSecReturnRef: CFStringRef;
Expand Down
15 changes: 15 additions & 0 deletions security-framework/src/item.rs
Original file line number Diff line number Diff line change
Expand Up @@ -137,6 +137,7 @@ pub struct ItemSearchOptions {
load_attributes: bool,
load_data: bool,
limit: Option<Limit>,
trusted_only: Option<bool>,
label: Option<CFString>,
service: Option<CFString>,
account: Option<CFString>,
Expand Down Expand Up @@ -218,6 +219,13 @@ impl ItemSearchOptions {
self
}

/// Whether untrusted certificates should be returned.
#[inline(always)]
pub fn trusted_only(&mut self, trusted_only: Option<bool>) -> &mut Self {
self.trusted_only = trusted_only;
self
}

/// Search for an item with the given service.
#[inline(always)]
pub fn service(&mut self, service: &str) -> &mut Self {
Expand Down Expand Up @@ -316,6 +324,13 @@ impl ItemSearchOptions {
));
}

if let Some(ref trusted_only) = self.trusted_only {
params.push((
CFString::wrap_under_get_rule(kSecMatchTrustedOnly),
if *trusted_only { CFBoolean::true_value().into_CFType() } else { CFBoolean::false_value().into_CFType() },
));
}

if let Some(ref service) = self.service {
params.push((
CFString::wrap_under_get_rule(kSecAttrService),
Expand Down

0 comments on commit 5bf85d6

Please sign in to comment.