1 // Copyright 2012 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "crypto/apple_keychain.h"
7 #include "base/memory/raw_ptr.h"
8 #include "base/synchronization/lock.h"
9 #include "crypto/mac_security_services_lock.h"
13 // Supports the pattern where a function F(T* out) allows |out| to be nullptr
14 // but its implementation requires a T variable even in the absence of |out|.
15 // Such a function can maintain a local OptionalOutParameter<T> to provide the
16 // internal T value, assigning its value to *out on destruction if possible.
18 class OptionalOutParameter {
20 OptionalOutParameter(const OptionalOutParameter&) = delete;
21 OptionalOutParameter& operator=(const OptionalOutParameter&) = delete;
23 OptionalOutParameter(T* out, T value = T()) : out_(out), value_(value) {}
25 ~OptionalOutParameter() {
31 OptionalOutParameter& operator=(T value) {
35 operator T() const { return value_; }
38 const raw_ptr<T> out_;
44 // Much of the Keychain API was marked deprecated as of the macOS 13 SDK.
45 // Removal of its use is tracked in https://crbug.com/1348251 but deprecation
46 // warnings are disabled in the meanwhile.
47 #pragma clang diagnostic push
48 #pragma clang diagnostic ignored "-Wdeprecated-declarations"
52 AppleKeychain::AppleKeychain() = default;
54 AppleKeychain::~AppleKeychain() = default;
56 OSStatus AppleKeychain::FindGenericPassword(
57 UInt32 service_name_length,
58 const char* service_name,
59 UInt32 account_name_length,
60 const char* account_name,
61 UInt32* password_length,
63 AppleSecKeychainItemRef* item) const {
64 base::AutoLock lock(GetMacSecurityServicesLock());
65 return SecKeychainFindGenericPassword(
66 nullptr, service_name_length, service_name, account_name_length,
67 account_name, password_length, password_data, item);
70 OSStatus AppleKeychain::ItemFreeContent(void* data) const {
71 base::AutoLock lock(GetMacSecurityServicesLock());
72 return SecKeychainItemFreeContent(nullptr, data);
75 OSStatus AppleKeychain::AddGenericPassword(
76 UInt32 service_name_length,
77 const char* service_name,
78 UInt32 account_name_length,
79 const char* account_name,
80 UInt32 password_length,
81 const void* password_data,
82 AppleSecKeychainItemRef* item) const {
83 base::AutoLock lock(GetMacSecurityServicesLock());
84 return SecKeychainAddGenericPassword(
85 nullptr, service_name_length, service_name, account_name_length,
86 account_name, password_length, password_data, item);
89 OSStatus AppleKeychain::ItemDelete(AppleSecKeychainItemRef item) const {
90 base::AutoLock lock(GetMacSecurityServicesLock());
91 return SecKeychainItemDelete(item);
94 ScopedKeychainUserInteractionAllowed::ScopedKeychainUserInteractionAllowed(
98 OptionalOutParameter<OSStatus> local_status(
99 status, SecKeychainGetUserInteractionAllowed(&was_allowed));
100 if (local_status != noErr) {
104 local_status = SecKeychainSetUserInteractionAllowed(allowed);
105 if (local_status != noErr) {
109 was_allowed_ = was_allowed;
112 ScopedKeychainUserInteractionAllowed::~ScopedKeychainUserInteractionAllowed() {
114 SecKeychainSetUserInteractionAllowed(*was_allowed_);
118 #pragma clang diagnostic pop
120 } // namespace crypto