From cc153052a838f1a3f40633ede37540168ff41801 Mon Sep 17 00:00:00 2001 From: Tochukwu Nkemdilim Date: Mon, 22 Apr 2024 13:22:15 -0400 Subject: [PATCH 1/2] feat(search): add case-insensitive and subject item search options --- security-framework-sys/src/item.rs | 2 ++ security-framework/src/item.rs | 30 ++++++++++++++++++++++++++++++ 2 files changed, 32 insertions(+) diff --git a/security-framework-sys/src/item.rs b/security-framework-sys/src/item.rs index 4b4c52ed..5ff36b57 100644 --- a/security-framework-sys/src/item.rs +++ b/security-framework-sys/src/item.rs @@ -12,6 +12,8 @@ extern "C" { pub static kSecMatchLimitAll: CFStringRef; pub static kSecMatchTrustedOnly: CFStringRef; + pub static kSecMatchCaseInsensitive: CFStringRef; + pub static kSecMatchSubjectWholeString: CFStringRef; pub static kSecReturnData: CFStringRef; pub static kSecReturnAttributes: CFStringRef; diff --git a/security-framework/src/item.rs b/security-framework/src/item.rs index c29f2d62..a5f7f4bc 100644 --- a/security-framework/src/item.rs +++ b/security-framework/src/item.rs @@ -131,6 +131,7 @@ pub struct ItemSearchOptions { keychains: Option>, #[cfg(not(target_os = "macos"))] keychains: Option>, + case_insensitive: Option, class: Option, key_class: Option, load_refs: bool, @@ -140,6 +141,7 @@ pub struct ItemSearchOptions { trusted_only: Option, label: Option, service: Option, + subject: Option, account: Option, access_group: Option, pub_key_hash: Option, @@ -170,6 +172,13 @@ impl ItemSearchOptions { self } + /// Whether search for an item should be case insensitive or not. + #[inline(always)] + pub fn case_insensitive(&mut self, case_insensitive: Option) -> &mut Self { + self.case_insensitive = case_insensitive; + self + } + /// Search only for keys of the specified class. Also sets self.class to /// `ItemClass::key()`. #[inline(always)] @@ -232,6 +241,13 @@ impl ItemSearchOptions { self.service = Some(CFString::new(service)); self } + + /// Search for an item with the given subject. + #[inline(always)] + pub fn subject(&mut self, subject: &str) -> &mut Self { + self.subject = Some(CFString::new(subject)); + self + } /// Search for an item with the given account. #[inline(always)] @@ -291,6 +307,13 @@ impl ItemSearchOptions { params.push((CFString::wrap_under_get_rule(kSecClass), class.to_value())); } + if let Some(case_insensitive) = self.case_insensitive { + params.push(( + CFString::wrap_under_get_rule(kSecMatchCaseInsensitive), + CFBoolean::from(case_insensitive).as_CFType() + )); + } + if let Some(key_class) = self.key_class { params.push((CFString::wrap_under_get_rule(kSecAttrKeyClass), key_class.to_value())); } @@ -343,6 +366,13 @@ impl ItemSearchOptions { service.as_CFType(), )); } + + if let Some(ref subject) = self.subject { + params.push(( + CFString::wrap_under_get_rule(kSecMatchSubjectWholeString), + subject.as_CFType(), + )); + } if let Some(ref account) = self.account { params.push(( From 46e2a5a88ab9915b99fe6bff929abbadafcfccd1 Mon Sep 17 00:00:00 2001 From: Tochukwu Nkemdilim Date: Mon, 22 Apr 2024 13:30:29 -0400 Subject: [PATCH 2/2] chore(doc): improve docs for subject item search option --- security-framework/src/item.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security-framework/src/item.rs b/security-framework/src/item.rs index a5f7f4bc..7e011be8 100644 --- a/security-framework/src/item.rs +++ b/security-framework/src/item.rs @@ -242,7 +242,7 @@ impl ItemSearchOptions { self } - /// Search for an item with the given subject. + /// Search for an item with exactly the given subject. #[inline(always)] pub fn subject(&mut self, subject: &str) -> &mut Self { self.subject = Some(CFString::new(subject));