security-rs 0.4.2

Safe Rust bindings for Apple's Security framework — keychain, identity, certificates, trust, authorization, CMS, SecureTransport, and cryptographic primitives on macOS
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86

import Foundation
import Security

private func executeTransform(
    _ transform: SecTransform,
    input: Data,
    statusOut: UnsafeMutablePointer<Int32>?,
    errorOut: UnsafeMutablePointer<UnsafeMutableRawPointer?>?
) -> UnsafeMutableRawPointer? {
    var error: Unmanaged<CFError>?
    guard SecTransformSetAttribute(transform, kSecTransformInputAttributeName, input as CFData, &error) else {
        setStatus(statusOut, errSecParam)
        setError(errorOut, error)
        return nil
    }

    let result = SecTransformExecute(transform, &error)
    if let error {
        setStatus(statusOut, errSecParam)
        setError(errorOut, error)
        return nil
    }

    if let data = result as? Data {
        return dataHandle(data)
    }
    if let string = result as? String {
        return dataHandle(Data(string.utf8))
    }

    setStatus(statusOut, errSecParam)
    setError(errorOut, "SecTransformExecute returned unsupported result type")
    return nil
}

@_cdecl("security_transform_encode_base64")
public func securityTransformEncodeBase64(
    _ dataPointer: UnsafeRawPointer?,
    _ dataLength: Int,
    _ statusOut: UnsafeMutablePointer<Int32>?,
    _ errorOut: UnsafeMutablePointer<UnsafeMutableRawPointer?>?
) -> UnsafeMutableRawPointer? {
    clearError(errorOut)
    setStatus(statusOut, errSecSuccess)

    guard let input = dataFromPointer(dataPointer, length: dataLength) else {
        setStatus(statusOut, errSecParam)
        setError(errorOut, "input bytes are required")
        return nil
    }

    var error: Unmanaged<CFError>?
    guard let transform = SecEncodeTransformCreate(kSecBase64Encoding, &error) else {
        setStatus(statusOut, errSecParam)
        setError(errorOut, error)
        return nil
    }

    return executeTransform(transform, input: input, statusOut: statusOut, errorOut: errorOut)
}

@_cdecl("security_transform_decode_base64")
public func securityTransformDecodeBase64(
    _ dataPointer: UnsafeRawPointer?,
    _ dataLength: Int,
    _ statusOut: UnsafeMutablePointer<Int32>?,
    _ errorOut: UnsafeMutablePointer<UnsafeMutableRawPointer?>?
) -> UnsafeMutableRawPointer? {
    clearError(errorOut)
    setStatus(statusOut, errSecSuccess)

    guard let input = dataFromPointer(dataPointer, length: dataLength) else {
        setStatus(statusOut, errSecParam)
        setError(errorOut, "input bytes are required")
        return nil
    }

    var error: Unmanaged<CFError>?
    guard let transform = SecDecodeTransformCreate(kSecBase64Encoding, &error) else {
        setStatus(statusOut, errSecParam)
        setError(errorOut, error)
        return nil
    }

    return executeTransform(transform, input: input, statusOut: statusOut, errorOut: errorOut)
}