Support custom password options attributes.

security-framework/src/passwords.rs

@@ -27,6 +27,14 @@ pub fn set_generic_password(service: &str, account: &str, password: &[u8]) -> Re
     set_password_internal(&mut options, password)
 }
 
+/// Set a generic password using the given password options.
+/// Creates or updates a keychain entry.
+pub fn set_generic_password_options(
+    password: &[u8],
+    mut options: PasswordOptions) -> Result<()> {
+    set_password_internal(&mut options, password)
+}
+
 /// Get the generic password for the given service and account.  If no matching
 /// keychain entry exists, fails with error code `errSecItemNotFound`.
 pub fn get_generic_password(service: &str, account: &str) -> Result<Vec<u8>> {

security-framework/src/passwords_options.rs

@@ -1,7 +1,7 @@
 //! Support for password options, to be used with the passwords module
 
 use core_foundation::{string::CFString, base::{CFType, TCFType, CFOptionFlags}, number::CFNumber};
-use security_framework_sys::{keychain::{SecProtocolType, SecAuthenticationType}, access_control::*};
+use security_framework_sys::{access_control::*, item::kSecAttrAccessGroup, keychain::{SecAuthenticationType, SecProtocolType}};
 use security_framework_sys::item::{
     kSecAttrAccessControl, kSecAttrAccount, kSecAttrAuthenticationType, kSecAttrPath, kSecAttrPort, kSecAttrProtocol,
     kSecAttrSecurityDomain, kSecAttrServer, kSecAttrService, kSecClass, kSecClassGenericPassword,
@@ -127,4 +127,12 @@ impl PasswordOptions {
                 .into_CFType(),
         ));
     }
+
+    /// Add access group to the password
+    pub fn set_access_group(&mut self, group: &str) {
+        self.query.push((
+            unsafe { CFString::wrap_under_get_rule(kSecAttrAccessGroup) },
+            CFString::from(group).into_CFType(),
+        ));
+    }
 }