// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#import <CryptoTokenKit/CryptoTokenKit.h>
#import <Foundation/Foundation.h>

#include "crypto/apple_keychain_v2.h"
#include "base/apple/foundation_util.h"
#include "base/apple/scoped_cftyperef.h"
#include "base/no_destructor.h"

// NOTE(review): CHECK, BUILDFLAG and LAContext are used below without a direct
// include/import in this file; presumably they arrive transitively through
// crypto/apple_keychain_v2.h -- confirm.

namespace crypto {

// When non-null, GetInstance() hands out this object instead of the default
// instance. It is a plain pointer and this file does no locking around it, so
// installing/clearing it is presumably confined to single-threaded test
// set-up and tear-down -- confirm against callers.
static AppleKeychainV2* g_keychain_instance_override = nullptr;

// static
// Returns the keychain wrapper every caller should go through: the installed
// override if there is one, otherwise a lazily constructed default instance
// held in base::NoDestructor (so it is never torn down at exit).
AppleKeychainV2& AppleKeychainV2::GetInstance() {
  if (g_keychain_instance_override != nullptr) {
    return *g_keychain_instance_override;
  }
  // Declared after the override check on purpose: the default instance is
  // only constructed the first time no override is present.
  static base::NoDestructor<AppleKeychainV2> default_instance;
  return *default_instance;
}

// static
// Installs `AppleKeychainV2` as the object returned by GetInstance(). CHECKs
// that no override is already installed. The pointer is stored as-is and never
// deleted in this file, so the caller keeps ownership and must keep the object
// alive until ClearInstanceOverride().
//
// Every keychain operation routed through GetInstance() is redirected while
// an override is installed.
// NOTE(review): presumably test-only; confirm no production caller.
//
// The parameter shares its name with the class, which hides the type name
// inside this body. A null argument is not rejected here: it passes the CHECK
// and leaves the override unset.
void AppleKeychainV2::SetInstanceOverride(AppleKeychainV2* AppleKeychainV2) {
  CHECK(g_keychain_instance_override == nullptr);
  g_keychain_instance_override = AppleKeychainV2;
}

// static
// Removes the override installed by SetInstanceOverride(). CHECKs that one is
// currently installed.
void AppleKeychainV2::ClearInstanceOverride() {
  CHECK(g_keychain_instance_override != nullptr);
  g_keychain_instance_override = nullptr;
}

AppleKeychainV2::AppleKeychainV2() = default;
AppleKeychainV2::~AppleKeychainV2() = default;

// Returns the `tokenIDs` property of a freshly created TKTokenWatcher.
NSArray* AppleKeychainV2::GetTokenIDs() {
  TKTokenWatcher* watcher = [[TKTokenWatcher alloc] init];
  return watcher.tokenIDs;
}

// Forwards to SecKeyCreateRandomKey() and takes ownership of the returned key
// in a ScopedCFTypeRef. The framework reports failure with a null key and, if
// `error` is supplied, an error object; callers should test the result before
// using it.
base::apple::ScopedCFTypeRef<SecKeyRef> AppleKeychainV2::KeyCreateRandomKey(
    CFDictionaryRef params,
    CFErrorRef* error) {
  SecKeyRef new_key = SecKeyCreateRandomKey(params, error);
  return base::apple::ScopedCFTypeRef<SecKeyRef>(new_key);
}

// Forwards to SecKeyCreateSignature() and takes ownership of the returned
// signature bytes. `algorithm` and `data` are passed through unchanged; no
// validation happens in this wrapper. A null result signals failure.
base::apple::ScopedCFTypeRef<CFDataRef> AppleKeychainV2::KeyCreateSignature(
    SecKeyRef key,
    SecKeyAlgorithm algorithm,
    CFDataRef data,
    CFErrorRef* error) {
  CFDataRef signature = SecKeyCreateSignature(key, algorithm, data, error);
  return base::apple::ScopedCFTypeRef<CFDataRef>(signature);
}

// Forwards to SecKeyCopyPublicKey() and takes ownership of the result, which
// may be null when no public key can be derived from `key`.
base::apple::ScopedCFTypeRef<SecKeyRef> AppleKeychainV2::KeyCopyPublicKey(
    SecKeyRef key) {
  SecKeyRef public_key = SecKeyCopyPublicKey(key);
  return base::apple::ScopedCFTypeRef<SecKeyRef>(public_key);
}

// Forwards to SecKeyCopyExternalRepresentation() and takes ownership of the
// returned data. When `key` is an exportable private key the buffer holds raw
// key material, so callers should limit its lifetime and keep it out of logs.
base::apple::ScopedCFTypeRef<CFDataRef>
AppleKeychainV2::KeyCopyExternalRepresentation(SecKeyRef key,
                                               CFErrorRef* error) {
  CFDataRef exported = SecKeyCopyExternalRepresentation(key, error);
  return base::apple::ScopedCFTypeRef<CFDataRef>(exported);
}

// Forwards to SecKeyCopyAttributes() and takes ownership of the returned
// attribute dictionary.
base::apple::ScopedCFTypeRef<CFDictionaryRef>
AppleKeychainV2::KeyCopyAttributes(SecKeyRef key) {
  CFDictionaryRef attributes = SecKeyCopyAttributes(key);
  return base::apple::ScopedCFTypeRef<CFDictionaryRef>(attributes);
}

// Forwards to SecItemCopyMatching() and returns its OSStatus unchanged.
// Unlike the Key* wrappers, `*result` is not placed in a scoper here, so
// releasing it is left to the caller.
OSStatus AppleKeychainV2::ItemCopyMatching(
    CFDictionaryRef query, CFTypeRef* result) {
  const OSStatus status = SecItemCopyMatching(query, result);
  return status;
}

// Forwards to SecItemDelete() and returns its OSStatus unchanged. The query is
// not narrowed or checked in this wrapper; the framework acts on whatever the
// query matches, so callers should keep delete queries as specific as they
// can.
OSStatus AppleKeychainV2::ItemDelete(CFDictionaryRef query) {
  const OSStatus status = SecItemDelete(query);
  return status;
}

// Forwards to SecItemUpdate(), applying `keychain_data` to the items selected
// by `query`, and returns its OSStatus unchanged.
OSStatus AppleKeychainV2::ItemUpdate(CFDictionaryRef query,
                                     CFDictionaryRef keychain_data) {
  const OSStatus status = SecItemUpdate(query, keychain_data);
  return status;
}

#if !BUILDFLAG(IS_IOS)
// Forwards to SecTaskCopyValueForEntitlement() and takes ownership of the
// returned value. Compiled out on iOS builds.
base::apple::ScopedCFTypeRef<CFTypeRef>
AppleKeychainV2::TaskCopyValueForEntitlement(SecTaskRef task,
                                             CFStringRef entitlement,
                                             CFErrorRef* error) {
  CFTypeRef value = SecTaskCopyValueForEntitlement(task, entitlement, error);
  return base::apple::ScopedCFTypeRef<CFTypeRef>(value);
}
#endif  // !BUILDFLAG(IS_IOS)

// Asks a freshly created LAContext whether `policy` can be evaluated and
// returns the answer, with the reason written to `error` by the framework.
// This only queries availability; it does not authenticate anyone.
BOOL AppleKeychainV2::LAContextCanEvaluatePolicy(LAPolicy policy,
                                                 NSError** error) {
  LAContext* la_context = [[LAContext alloc] init];
  const BOOL can_evaluate = [la_context canEvaluatePolicy:policy error:error];
  return can_evaluate;
}

}  // namespace crypto