private static void CheckError(SecStatusCode resultCode, [CallerMemberName] string caller = null)
{
if (resultCode != SecStatusCode.Success)
{
throw new Exception(string.Format("Failed to execute {0}. Result code: {1}", caller, resultCode));
}
}
private static void CheckError(SecStatusCode resultCode, [CallerMemberName] string caller = null)
{
if (resultCode != SecStatusCode.Success)
{
throw new Exception($"Failed to execute {caller}. Result code: {resultCode}");
}
}
public bool Delete()
{
var findExisting = new SecRecord(SecKind.Key)
{
ApplicationTag = NSData.FromString(this._keyName, NSStringEncoding.UTF8),
KeyType = SecKeyType.RSA,
Synchronizable = this._shouldSyncAcrossDevices
};
SecStatusCode code = SecKeyChain.Remove(findExisting);
return(code == SecStatusCode.Success);
}
/// <summary>
/// Retreives record from the store
/// </summary>
/// <returns>The record.</returns>
/// <param name="key">Key.</param>
/// <param name="ssc">Ssc.</param>
private SecRecord GetRecord(string key, out SecStatusCode ssc)
{
// create an instance of the record to query
var sr = new SecRecord(StoreSecKind);
sr.Account = key;
if (DefaultAccessible != SecAccessible.Invalid)
{
sr.Accessible = DefaultAccessible;
}
return(SecKeyChain.QueryAsRecord(sr, out ssc));
}
static public SecStatusCode ImportPkcs12(NSData data, NSDictionary options, out NSDictionary[] array)
{
if (options == null)
{
throw new ArgumentNullException("options");
}
IntPtr handle;
SecStatusCode code = SecPKCS12Import(data.Handle, options.Handle, out handle);
array = NSArray.ArrayFromHandle <NSDictionary> (handle);
return(code);
}
static public SecStatusCode ImportPkcs12(CFData data, CFDictionary options, out CFDictionary [] array)
{
if (options == null)
{
throw new ArgumentNullException("options");
}
IntPtr handle;
SecStatusCode code = SecPKCS12Import(data.Handle, options.Handle, out handle);
array = CFArray.ArrayFromHandle <CFDictionary> (handle, h => new CFDictionary(h, false));
CFObject.CFRelease(handle);
return(code);
}
//------------------------------------------------------------------------------
public bool Load(string settingName, SettingBaseAttribute attr, out object value)
{
if (!KeyChainUtils.Contains(settingName, m_serviceName, m_synchronizable))
{
InternalConfiguration.PlatformHelper.Log(LogLevel.Info,
"KeyChainSerializer.Load - no such setting",
settingName);
value = null;
return(false);
}
string stringValue;
SecStatusCode eCode = KeyChainUtils.GetPasswordForUsername(
settingName,
m_serviceName,
out stringValue,
m_synchronizable);
if (eCode != SecStatusCode.Success || stringValue == null)
{
Advexp.LogLevel ll = Advexp.LogLevel.None;
if (eCode == SecStatusCode.ItemNotFound)
{
ll = LogLevel.Info;
}
else
{
ll = LogLevel.Error;
}
InternalConfiguration.PlatformHelper.Log(ll,
"KeyChainSerializer.Load - error",
String.Format("Setting is {0}. Error code is {1}",
settingName,
eCode));
value = null;
return(false);
}
// in this case simplified object will be corrected in the SettingsSerializer.cs
value = stringValue;
InternalConfiguration.PlatformHelper.Log(LogLevel.Info,
"KeyChainSerializer.Load - success",
settingName);
return(true);
}
static INativeObject [] QueryAsReference(SecRecord query, int max, out SecStatusCode result)
{
if (query == null)
{
result = SecStatusCode.Param;
return(null);
}
using (var copy = query.QueryDict.MutableCopy()) {
copy.SetValue(CFBoolean.True.Handle, SecItem.ReturnRef);
SetLimit(copy, max);
return(QueryAsReference(copy, out result));
}
}
/// <inheritdoc/>
public ICryptographicKey CreateKeyPair(int keySize)
{
Requires.Range(keySize > 0, "keySize");
string keyIdentifier = Guid.NewGuid().ToString();
string publicKeyIdentifier = RsaCryptographicKey.GetPublicKeyIdentifierWithTag(keyIdentifier);
string privateKeyIdentifier = RsaCryptographicKey.GetPrivateKeyIdentifierWithTag(keyIdentifier);
// Configure parameters for the joint keypair.
using var keyPairAttr = new NSMutableDictionary();
keyPairAttr[KSec.AttrKeyType] = KSec.AttrKeyTypeRSA;
keyPairAttr[KSec.AttrKeySizeInBits] = NSNumber.FromInt32(keySize);
// Configure parameters for the private key
using var privateKeyAttr = new NSMutableDictionary();
privateKeyAttr[KSec.AttrIsPermanent] = NSNumber.FromBoolean(true);
privateKeyAttr[KSec.AttrApplicationTag] = NSData.FromString(privateKeyIdentifier, NSStringEncoding.UTF8);
// Configure parameters for the public key
using var publicKeyAttr = new NSMutableDictionary();
publicKeyAttr[KSec.AttrIsPermanent] = NSNumber.FromBoolean(true);
publicKeyAttr[KSec.AttrApplicationTag] = NSData.FromString(publicKeyIdentifier, NSStringEncoding.UTF8);
// Parent the individual key parameters to the keypair one.
keyPairAttr[KSec.PublicKeyAttrs] = publicKeyAttr;
keyPairAttr[KSec.PrivateKeyAttrs] = privateKeyAttr;
// Generate the RSA key.
SecKey?publicKey = null, privateKey = null;
try
{
SecStatusCode code = SecKey.GenerateKeyPair(keyPairAttr, out publicKey, out privateKey);
Verify.Operation(code == SecStatusCode.Success, "status was " + code);
}
catch (InvalidOperationException ex)
{
publicKey?.Dispose();
privateKey?.Dispose();
throw new ArgumentException(ex.Message, ex);
}
catch
{
publicKey?.Dispose();
privateKey?.Dispose();
throw;
}
return(new RsaCryptographicKey(publicKey, privateKey, keyIdentifier, this.algorithm));
}
private bool GenClientContext(AuthenticationToken token)
{
using (DisposableList list = new DisposableList())
{
SecStatusCode result = 0;
SecBuffer out_sec_buffer = list.AddResource(new SecBuffer(SecBufferType.Token, 64 * 1024));
SecBufferDesc out_buffer_desc = list.AddResource(new SecBufferDesc(out_sec_buffer));
InitializeContextRetFlags flags;
LargeInteger expiry = new LargeInteger();
if (token != null)
{
List <SecBuffer> buffers = new List <SecBuffer>();
buffers.Add(list.AddResource(new SecBuffer(SecBufferType.Token, token.ToArray())));
if (_channel_binding != null)
{
buffers.Add(list.AddResource(SecBuffer.CreateForChannelBinding(_channel_binding)));
}
SecBufferDesc in_buffer_desc = list.AddResource(new SecBufferDesc(buffers.ToArray()));
result = SecurityNativeMethods.InitializeSecurityContext(_creds.CredHandle, _context, _target, _req_attributes, 0,
_data_rep, in_buffer_desc, 0, _context, out_buffer_desc, out flags, expiry).CheckResult();
Flags = flags;
}
else
{
SecBufferDesc in_buffer_desc = null;
List <SecBuffer> buffers = new List <SecBuffer>();
if (_channel_binding != null)
{
buffers.Add(list.AddResource(SecBuffer.CreateForChannelBinding(_channel_binding)));
in_buffer_desc = list.AddResource(new SecBufferDesc(buffers.ToArray()));
}
result = SecurityNativeMethods.InitializeSecurityContext(_creds.CredHandle, null, _target,
_req_attributes, 0, _data_rep, in_buffer_desc, 0, _context,
out_buffer_desc, out flags, expiry).CheckResult();
}
Expiry = expiry.QuadPart;
Flags = flags;
if (result == SecStatusCode.CompleteNeeded || result == SecStatusCode.CompleteAndContinue)
{
SecurityNativeMethods.CompleteAuthToken(_context, out_buffer_desc).CheckResult();
}
Token = AuthenticationToken.Parse(_creds.PackageName, _token_count++, true, out_buffer_desc.ToArray()[0].ToArray());
return(!(result == SecStatusCode.ContinueNeeded || result == SecStatusCode.CompleteAndContinue));
}
}
void Initialize(IntPtr certHandle, SecPolicy policy)
{
if (policy == null)
{
throw new ArgumentNullException("policy");
}
SecStatusCode result = SecTrustCreateWithCertificates(certHandle, policy.Handle, out handle);
if (result != SecStatusCode.Success)
{
throw new ArgumentException(result.ToString());
}
}
public string GetToken()
{
byte[] password_bytes;
SecStatusCode result = SecKeyChain.FindGenericPassword(
SERVICE, ACCOUNT, out password_bytes);
if (result != SecStatusCode.Success)
{
throw new Exception("Could not find token in Keychain");
}
return(Encoding.UTF8.GetString(password_bytes));
}
public static void RemoveInternetUserNameAndPassword(Uri url)
{
var record = SecKeychainFindInternetPassword(url, out _);
if (record != null)
{
SecStatusCode result = SecKeyChain.Remove(record);
if (result != SecStatusCode.Success)
{
throw new Exception("Could not delete internet password from keychain: " + result.GetStatusDescription());
}
}
}
static public SecStatusCode ImportPkcs12(NSData data, NSDictionary options, out NSDictionary[] array)
{
if (options == null)
{
throw new ArgumentNullException("options");
}
IntPtr handle;
SecStatusCode code = SecPKCS12Import(data.Handle, options.Handle, out handle);
// note: NSArray.ArrayFromHandle will retain the NSDictionary it creates - but the ones
// we're receiving already are retained, GetRetainedDictionary drops that extra level
array = NSArray.ArrayFromHandle <NSDictionary> (handle, GetRetainedDictionary);
return(code);
}
public void IdentityRecordTest()
{
using (var identity = IdentityTest.GetIdentity())
using (var rec = new SecRecord(identity)) {
SecStatusCode code = SecKeyChain.Add(rec);
Assert.True(code == SecStatusCode.DuplicateItem || code == SecStatusCode.Success, "Identity added");
var ret = rec.GetIdentity();
Assert.NotNull(ret, "ret is null");
Assert.That(identity.Handle, Is.EqualTo(ret.Handle), "Same Handle");
Assert.Throws <InvalidOperationException> (() => rec.GetKey(), "GetKey should throw");
Assert.Throws <InvalidOperationException> (() => rec.GetCertificate(), "GetCertificate should throw");
}
}
private FingerprintAuthenticationResultStatus MapStatus(SecStatusCode code)
{
switch (code)
{
//TODO: add remining status codes
case SecStatusCode.AuthFailed:
return(FingerprintAuthenticationResultStatus.Failed);
case SecStatusCode.Success:
return(FingerprintAuthenticationResultStatus.Succeeded);
default:
return(FingerprintAuthenticationResultStatus.Unknown);
}
}
public static void RemoveCredentialFromKeychain(string username)
{
SecStatusCode code = SecStatusCode.NotAvailable;
code = SecKeyChain.Remove(new SecRecord(SecKind.GenericPassword)
{
Service = ServiceName,
Account = username
});
if (code != SecStatusCode.Success)
{
Logging.Info("error removing password from keychain: " + code);
}
}
internal static SecStatusCode AcceptSecurityContext(
CredentialHandle credential,
SecHandle context,
AcceptContextReqFlags req_attributes,
SecDataRep data_rep,
IList <SecurityBuffer> input,
SecHandle new_context,
IList <SecurityBuffer> output,
out AcceptContextRetFlags ret_attributes,
LargeInteger expiry,
bool throw_on_error)
{
using (DisposableList list = new DisposableList())
{
var input_buffers = input?.ToBufferList(list);
var output_buffers = output?.ToBufferList(list);
var in_buffer_desc = input_buffers.ToDesc(list);
var out_buffer_desc = output_buffers.ToDesc(list);
SecStatusCode result = SecurityNativeMethods.AcceptSecurityContext(credential.CredHandle, context,
in_buffer_desc, req_attributes, data_rep, new_context, out_buffer_desc, out ret_attributes, expiry).CheckResult(throw_on_error);
if (!result.IsSuccess())
{
return(result);
}
try
{
if (result == SecStatusCode.SEC_I_COMPLETE_NEEDED || result == SecStatusCode.SEC_I_COMPLETE_AND_CONTINUE)
{
var comp_result = SecurityNativeMethods.CompleteAuthToken(context, out_buffer_desc).CheckResult(throw_on_error);
if (!comp_result.IsSuccess())
{
return(comp_result);
}
}
}
finally
{
if (result.IsSuccess())
{
output?.UpdateBuffers(out_buffer_desc);
}
}
return(result);
}
}
public SecTrustResult Evaluate()
{
if (handle == IntPtr.Zero)
{
throw new ObjectDisposedException("SecTrust");
}
SecTrustResult trust;
SecStatusCode result = SecTrustEvaluate(handle, out trust);
if (result != SecStatusCode.Success)
{
throw new InvalidOperationException(result.ToString());
}
return(trust);
}
public Task DeleteAsync(string key)
{
if (string.IsNullOrEmpty(key))
{
throw new ArgumentException(Resources.ObjectStoreParametersEmpty);
}
SecStatusCode status = SecKeyChain.Remove(NewSecRecordForKey(key));
if (status != SecStatusCode.Success && status != SecStatusCode.ItemNotFound)
{
throw new IOException(string.Format(ClientResources.FileAccessErrorMessage, ClientResources.FileAccessActionDelete, key, status.ToString()));
}
return(Task.CompletedTask);
}
public Task SetAsync(string key, string value)
{
key = KeyPrefix + key;
SecRecord record = new SecRecord(SecKind.GenericPassword)
{
Account = key,
Service = Service,
Label = key,
Accessible = Accessible,
ValueData = NSData.FromString(value, NSStringEncoding.UTF8)
};
using (record)
{
SecStatusCode result = SecKeyChain.Add(record);
switch (result)
{
case SecStatusCode.DuplicateItem:
{
Debug.WriteLine("Duplicate item found. Attempting to remove and add again.");
if (Remove(key))
{
result = SecKeyChain.Add(record);
if (result != SecStatusCode.Success)
{
throw new Exception($"Error adding record: {result}");
}
}
else
{
throw new Exception($"Error removing record: {result}");
}
}
break;
case SecStatusCode.Success:
break;
default:
throw new Exception($"Error adding record: {result}");
}
}
return(Task.CompletedTask);
}
public void SecItemAdd_Identity()
{
using (NSString valueref = new NSString("v_Ref"))
using (NSMutableDictionary data = new NSMutableDictionary())
using (var id = IdentityTest.GetIdentity()) {
data.LowlevelSetObject(id.Handle, valueref.Handle);
SecStatusCode code = SecItemAdd(data.Handle, IntPtr.Zero);
var expected = Is.EqualTo(SecStatusCode.DuplicateItem).Or.EqualTo(SecStatusCode.Success);
#if __MACOS__
if (!TestRuntime.CheckSystemVersion(PlatformName.MacOSX, 10, 9))
{
expected = Is.EqualTo(SecStatusCode.Param);
}
#endif
Assert.That(code, expected);
}
}
public Task WriteAsync(string key, string contents)
{
if (string.IsNullOrEmpty(key) || contents == null)
{
throw new ArgumentException(Resources.ObjectStoreParametersEmpty);
}
SecStatusCode status = SecStatusCode.IO;
try
{
SecRecord record = ExistingSecRecordForKey(key);
SecRecord newRecord = NewSecRecordForKey(key);
if (record == null)
{
newRecord.ValueData = NSData.FromString(contents);
status = SecKeyChain.Add(newRecord);
}
else
{
SecRecord update = new SecRecord()
{
ValueData = NSData.FromString(contents)
};
status = SecKeyChain.Update(newRecord, update);
}
}
catch (Exception e)
{
throw new IOException(string.Format(ClientResources.FileAccessErrorMessage, ClientResources.FileAccessActionWrite, key), e);
}
if (status != SecStatusCode.Success)
{
throw new IOException(string.Format(ClientResources.FileAccessErrorMessage, ClientResources.FileAccessActionWrite, key, status.ToString()));
}
return(Task.CompletedTask);
}
internal static byte[] GetRawBrokerKey()
{
byte[] brokerKey = null;
SecRecord record = new SecRecord(SecKind.GenericPassword)
{
Generic = NSData.FromString(LocalSettingsContainerName),
Service = "Broker Key Service",
Account = "Broker Key Account",
Label = "Broker Key Label",
Comment = "Broker Key Comment",
Description = "Storage for broker key"
};
NSData key = SecKeyChain.QueryAsData(record);
if (key == null)
{
AesManaged algo = new AesManaged();
algo.GenerateKey();
byte[] rawBytes = algo.Key;
NSData byteData = NSData.FromArray(rawBytes);
record = new SecRecord(SecKind.GenericPassword)
{
Generic = NSData.FromString(LocalSettingsContainerName),
Service = "Broker Key Service",
Account = "Broker Key Account",
Label = "Broker Key Label",
Comment = "Broker Key Comment",
Description = "Storage for broker key",
ValueData = byteData
};
SecStatusCode code = SecKeyChain.Add(record);
brokerKey = byteData.ToArray();
}
else
{
brokerKey = key.ToArray();
}
return(brokerKey);
}
public void SetToken(string token)
{
byte[] password_bytes = Encoding.UTF8.GetBytes(token);
SecStatusCode result = SecKeyChain.AddGenericPassword(
SERVICE, ACCOUNT, password_bytes);
if (result == SecStatusCode.DuplicateItem)
{
// TODO: Replace the token
// SecKeyChain.Remove ();
// StoreToken (token);
return;
}
if (result != SecStatusCode.Success)
{
throw new Exception("Could not store token in Keychain");
}
}
public override void Delete(string key)
{
try
{
key = key.ToLower();
if (string.IsNullOrEmpty(key))
{
return;
}
SecRecord queryRec = new SecRecord(SecKind.GenericPassword)
{
Service = serviceId, Label = serviceId, Account = key, Synchronizable = false
};
SecStatusCode code = SecKeyChain.Remove(queryRec);
}
catch (Exception)
{
}
}
private void TryWriteBrokerApplicationTokenToKeychain(string clientId, string applicationToken)
{
iOSTokenCacheAccessor iOSTokenCacheAccessor = new iOSTokenCacheAccessor();
try
{
SecStatusCode secStatusCode = iOSTokenCacheAccessor.SaveBrokerApplicationToken(clientId, applicationToken);
_logger.Info(string.Format(
CultureInfo.CurrentCulture,
iOSBrokerConstants.AttemptToSaveBrokerApplicationToken + "SecStatusCode: {0}",
secStatusCode));
}
catch (Exception ex)
{
throw new MsalClientException(
MsalError.WritingApplicationTokenToKeychainFailed,
MsalErrorMessage.WritingApplicationTokenToKeychainFailed + ex.Message);
}
}
static unsafe string GetUsernameFromKeychainItemRef(IntPtr itemRef)
{
int[] formatConstants = { (int)CssmDbAttributeFormat.String };
int[] attributeTags = { (int)SecItemAttr.Account };
fixed(int *tags = attributeTags, formats = formatConstants)
{
var attributeInfo = new SecKeychainAttributeInfo {
Count = 1,
Tag = tags,
Format = formats
};
SecKeychainAttributeList *attributeList = null;
SecItemClass itemClass = 0;
try {
SecStatusCode status = SecKeychainItemCopyAttributesAndData(itemRef, &attributeInfo, ref itemClass, &attributeList, IntPtr.Zero, IntPtr.Zero);
if (status == SecStatusCode.ItemNotFound)
{
throw new Exception("Could not add internet password to keychain: " + status.GetStatusDescription());
}
if (status != SecStatusCode.Success)
{
throw new Exception("Could not find internet username and password: " + status.GetStatusDescription());
}
var userNameAttr = (SecKeychainAttribute *)attributeList->Attrs;
if (userNameAttr->Length == 0)
{
return(null);
}
return(Marshal.PtrToStringAuto(userNameAttr->Data, (int)userNameAttr->Length));
} finally {
SecKeychainItemFreeAttributesAndData(attributeList, IntPtr.Zero);
}
}
}
static bool AddItem(Epitech.Intra.SharedApp.Security.Credit credit)
{
var secObject = new SecAccessControl(SecAccessible.AfterFirstUnlockThisDeviceOnly);
if (secObject == null)
{
return(false);
}
var securityRecord = new SecRecord(SecKind.GenericPassword)
{
Service = "com.Epitech.uIntra",
ValueData = new NSString(credit.Login + "|" + credit.Password).Encode(NSStringEncoding.UTF8),
UseNoAuthenticationUI = true,
AccessControl = secObject,
};
SecStatusCode status = SecKeyChain.Add(securityRecord);
return(status == SecStatusCode.Success);
}
static bool UpdateItem(Epitech.Intra.SharedApp.Security.Credit credit)
{
var securityRecord = new SecRecord(SecKind.GenericPassword)
{
Service = "com.Epitech.uIntra",
UseOperationPrompt = "Authentifiez-vous pour mettre à jours vos identifiants"
};
var recordUpdates = new SecRecord(SecKind.Identity)
{
ValueData = new NSString(credit.Login + "|" + credit.Password).Encode(NSStringEncoding.UTF8),
};
SecStatusCode status = SecStatusCode.ItemNotFound;
UIApplication.SharedApplication.InvokeOnMainThread(() => {
status = SecKeyChain.Update(securityRecord, recordUpdates);
});
return(status == SecStatusCode.Success);
}
public void KeyEncryption()
{
const int keySize = 512;
string keyIdentifier = Guid.NewGuid().ToString();
string publicKeyIdentifier = GetPublicKeyIdentifierWithTag(keyIdentifier);
string privateKeyIdentifier = GetPrivateKeyIdentifierWithTag(keyIdentifier);
// Configure parameters for the joint keypair.
var keyPairAttr = new NSMutableDictionary();
keyPairAttr[KSec.AttrKeyType] = KSec.AttrKeyTypeRSA;
keyPairAttr[KSec.AttrKeySizeInBits] = NSNumber.FromInt32(keySize);
// Configure parameters for the private key
var privateKeyAttr = new NSMutableDictionary();
privateKeyAttr[KSec.AttrIsPermanent] = NSNumber.FromBoolean(true);
privateKeyAttr[KSec.AttrApplicationTag] = NSData.FromString(privateKeyIdentifier, NSStringEncoding.UTF8);
// Configure parameters for the public key
var publicKeyAttr = new NSMutableDictionary();
publicKeyAttr[KSec.AttrIsPermanent] = NSNumber.FromBoolean(true);
publicKeyAttr[KSec.AttrApplicationTag] = NSData.FromString(publicKeyIdentifier, NSStringEncoding.UTF8);
// Parent the individual key parameters to the keypair one.
keyPairAttr[KSec.PublicKeyAttrs] = publicKeyAttr;
keyPairAttr[KSec.PrivateKeyAttrs] = privateKeyAttr;
// Generate the RSA key.
SecKey publicKey, privateKey;
SecStatusCode code = SecKey.GenerateKeyPair(keyPairAttr, out publicKey, out privateKey);
Verify.Operation(code == SecStatusCode.Success, "status was " + code);
byte[] plainText = new byte[0]; // when this buffer is non-empty, Encrypt works!
byte[] cipherText;
code = publicKey.Encrypt(SecPadding.OAEP, plainText, out cipherText);
Verify.Operation(code == SecStatusCode.Success, "status was " + code);
}
public static INativeObject[] QueryAsReference(SecRecord query, int max, out SecStatusCode result)
{
if (query == null)
{
result = SecStatusCode.Param;
return(null);
}
using (var copy = query.queryDict.MutableCopy()) {
copy.SetValue(CFBoolean.True.Handle, SecItem.ReturnRef);
SetLimit(copy, max);
IntPtr ptr;
result = SecItem.SecItemCopyMatching(copy.Handle, out ptr);
if ((result == SecStatusCode.Success) && (ptr != IntPtr.Zero))
{
var array = CFArray.ArrayFromHandle <INativeObject> (ptr, p => {
IntPtr cfType = CFType.GetTypeID(p);
if (cfType == SecCertificate.GetTypeID())
{
return(new SecCertificate(p, true));
}
else if (cfType == SecKey.GetTypeID())
{
return(new SecKey(p, true));
}
else if (cfType == SecIdentity.GetTypeID())
{
return(new SecIdentity(p, true));
}
else
{
throw new Exception(String.Format("Unexpected type: 0x{0:x}", cfType));
}
});
return(array);
}
return(null);
}
}
public static NSData[] QueryAsData(SecRecord query, bool wantPersistentReference, int max, out SecStatusCode status)
{
if (query == null)
throw new ArgumentNullException ("query");
using (var copy = NSMutableDictionary.FromDictionary (query.queryDict)){
var n = SetLimit (copy, max);
copy.LowlevelSetObject (CFBoolean.True.Handle, SecItem.ReturnData);
IntPtr ptr;
status = SecItem.SecItemCopyMatching (copy.Handle, out ptr);
n = null;
if (status == SecStatusCode.Success){
if (max == 1)
return new NSData [] { new NSData (ptr) };
else
return NSArray.ArrayFromHandle<NSData> (ptr);
}
return null;
}
}
public static NSData QueryAsData(SecRecord query, bool wantPersistentReference, out SecStatusCode status)
{
if (query == null)
throw new ArgumentNullException ("query");
using (var copy = NSMutableDictionary.FromDictionary (query.queryDict)){
SetLimit (copy, 1);
copy.LowlevelSetObject (CFBoolean.True.Handle, SecItem.ReturnData);
IntPtr ptr;
status = SecItem.SecItemCopyMatching (copy.Handle, out ptr);
if (status == SecStatusCode.Success)
return new NSData (ptr);
return null;
}
}
public static SecRecord[] QueryAsRecord(SecRecord query, int max, out SecStatusCode result)
{
if (query == null)
throw new ArgumentNullException ("query");
using (var copy = NSMutableDictionary.FromDictionary (query.queryDict)){
copy.LowlevelSetObject (CFBoolean.True.Handle, SecItem.ReturnAttributes);
var n = SetLimit (copy, max);
IntPtr ptr;
result = SecItem.SecItemCopyMatching (copy.Handle, out ptr);
n = null;
if (result == SecStatusCode.Success){
var dicts = NSArray.ArrayFromHandle<NSDictionary> (ptr);
var records = new SecRecord [dicts.Length];
for (int i = 0; i < dicts.Length; i++)
records [i] = new SecRecord (new NSMutableDictionary (dicts [i]));
return records;
}
return null;
}
}
public static object QueryAsConcreteType(SecRecord query, out SecStatusCode result)
{
if (query == null){
result = SecStatusCode.Param;
return null;
}
using (var copy = NSMutableDictionary.FromDictionary (query.queryDict)){
copy.LowlevelSetObject (CFBoolean.True.Handle, SecItem.ReturnRef);
SetLimit (copy, 1);
IntPtr ptr;
result = SecItem.SecItemCopyMatching (copy.Handle, out ptr);
if (result == SecStatusCode.Success){
int cfType = CFType.GetTypeID (ptr);
if (cfType == SecCertificate.GetTypeID ())
return new SecCertificate (ptr, true);
else if (cfType == SecKey.GetTypeID ())
return new SecKey (ptr, true);
else if (cfType == SecIdentity.GetTypeID ())
return new SecIdentity (ptr, true);
else
throw new Exception (String.Format ("Unexpected type: 0x{0:x}", cfType));
}
return null;
}
}
public static SecRecord QueryAsRecord(SecRecord query, out SecStatusCode result)
{
if (query == null)
throw new ArgumentNullException ("query");
using (var copy = NSMutableDictionary.FromDictionary (query.queryDict)){
SetLimit (copy, 1);
copy.LowlevelSetObject (CFBoolean.True.Handle, SecItem.ReturnAttributes);
copy.LowlevelSetObject (CFBoolean.True.Handle, SecItem.ReturnData);
IntPtr ptr;
result = SecItem.SecItemCopyMatching (copy.Handle, out ptr);
if (result == SecStatusCode.Success)
return new SecRecord (new NSMutableDictionary (new NSDictionary (ptr)));
return null;
}
}
static string ToMessage(SecStatusCode code)
{
switch (code){
case SecStatusCode.Success:
case SecStatusCode.Unimplemented:
case SecStatusCode.Param:
case SecStatusCode.Allocate:
case SecStatusCode.NotAvailable:
case SecStatusCode.DuplicateItem:
case SecStatusCode.ItemNotFound:
case SecStatusCode.InteractionNotAllowed:
case SecStatusCode.Decode:
return code.ToString ();
}
return String.Format ("Unknown error: 0x{0:x}", code);
}
public SecurityException(SecStatusCode code)
: base(ToMessage (code))
{
}
public static NSData [] QueryAsData (SecRecord query, bool wantPersistentReference, int max, out SecStatusCode status)
{
if (query == null)
throw new ArgumentNullException ("query");
using (var copy = NSMutableDictionary.FromDictionary (query.queryDict)){
var n = SetLimit (copy, max);
copy.LowlevelSetObject (CFBoolean.True.Handle, SecItem.ReturnData);
IntPtr ptr;
status = SecItem.SecItemCopyMatching (copy.Handle, out ptr);
n = null;
if (status == SecStatusCode.Success){
if (max == 1)
return new NSData [] { new NSData (ptr, false) };
var array = new NSArray (ptr);
var records = new NSData [array.Count];
for (uint i = 0; i < records.Length; i++)
records [i] = new NSData (array.ValueAt (i), false);
return records;
}
return null;
}
}
/// <summary>
/// Retreives record from the store
/// </summary>
/// <returns>The record.</returns>
/// <param name="key">Key.</param>
/// <param name="ssc">Ssc.</param>
private SecRecord GetRecord(string key, out SecStatusCode ssc)
{
// create an instance of the record to query
var sr = new SecRecord(SecKind.GenericPassword);
sr.Account = key;
return SecKeyChain.QueryAsRecord(sr, out ssc);
}
