security_framework/
lib.rs

1#![cfg(any(target_os = "macos", target_os = "ios", target_os = "tvos", target_os = "watchos", target_os = "visionos"))]
2
3//! Wrappers around the OSX Security Framework.
4#![warn(missing_docs)]
5#![allow(non_upper_case_globals)]
6#![allow(clippy::manual_non_exhaustive)] // MSRV
7#![allow(clippy::bad_bit_mask)] // bitflags
8
9use core_foundation_sys::base::OSStatus;
10use security_framework_sys::base::errSecSuccess;
11
12use crate::base::{Error, Result};
13#[cfg(target_os = "macos")]
14use crate::os::macos::access::SecAccess;
15#[cfg(target_os = "macos")]
16use crate::os::macos::keychain::SecKeychain;
17
18#[cfg(test)]
19macro_rules! p {
20    ($e:expr) => {
21        match $e {
22            Ok(s) => s,
23            Err(e) => panic!("{:?}", e),
24        }
25    };
26}
27
28#[cfg(all(not(feature = "OSX_10_13"), any(feature = "alpn", feature = "session-tickets")))]
29#[macro_use]
30mod dlsym;
31
32pub mod access_control;
33#[cfg(target_os = "macos")]
34pub mod authorization;
35pub mod base;
36pub mod certificate;
37pub mod cipher_suite;
38#[cfg(target_os = "macos")]
39pub mod cms;
40pub mod identity;
41pub mod import_export;
42pub mod item;
43pub mod key;
44pub mod os;
45pub mod passwords;
46#[doc(hidden)]
47pub mod passwords_options;
48pub mod policy;
49pub mod random;
50pub mod secure_transport;
51pub mod trust;
52#[cfg(target_os = "macos")]
53pub mod trust_settings;
54
55#[cfg(target_os = "macos")]
56trait Pkcs12ImportOptionsInternals {
57    fn keychain(&mut self, keychain: SecKeychain) -> &mut Self;
58    fn access(&mut self, access: SecAccess) -> &mut Self;
59}
60
61#[cfg(target_os = "macos")]
62trait ItemSearchOptionsInternals {
63    fn keychains(&mut self, keychains: &[SecKeychain]) -> &mut Self;
64}
65
66trait AsInner {
67    type Inner;
68    fn as_inner(&self) -> Self::Inner;
69}
70
71#[inline(always)]
72fn cvt(err: OSStatus) -> Result<()> {
73    match err {
74        errSecSuccess => Ok(()),
75        err => Err(Error::from_code(err)),
76    }
77}
78
79#[cfg(test)]
80mod test {
81    use crate::certificate::SecCertificate;
82
83    pub fn certificate() -> SecCertificate {
84        let certificate = include_bytes!("../test/server.der");
85        p!(SecCertificate::from_der(certificate))
86    }
87}