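// Copyright 2024 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CRYPTO_FAKE_APPLE_KEYCHAIN_V2_H_
#define CRYPTO_FAKE_APPLE_KEYCHAIN_V2_H_

#import <Foundation/Foundation.h>

#include <string>
#include <vector>

#include "base/apple/scoped_cftyperef.h"
#include "crypto/apple_keychain_v2.h"
#include "crypto/crypto_export.h"
#include "crypto/scoped_fake_apple_keychain_v2.h"

namespace crypto {

// FakeAppleKeychainV2 is an implementation of AppleKeychainV2 for testing. It
// works around behavior that can't be relied on in tests, such as writing to
// the actual Keychain or using functionality that requires code-signed,
// entitled builds.
//
// Because it deliberately sidesteps the real Keychain and the code-signing /
// entitlement requirements, a passing test against this fake says nothing
// about how the platform enforces access groups, Secure Enclave residency or
// user verification.
// NOTE(review): nothing in this header restricts the class to test targets
// (it is CRYPTO_EXPORT'ed); confirm the owning build target is test-only so
// the fake cannot replace the real keychain in a shipping binary.
class CRYPTO_EXPORT FakeAppleKeychainV2 : public AppleKeychainV2 {
 public:
  using UVMethod = ScopedFakeAppleKeychainV2::UVMethod;

  // `keychain_access_group` is the `kSecAttrAccessGroup` value this fake
  // expects to operate on (see `keychain_access_group_`).
  explicit FakeAppleKeychainV2(const std::string& keychain_access_group);
  FakeAppleKeychainV2(const FakeAppleKeychainV2&) = delete;
  FakeAppleKeychainV2& operator=(const FakeAppleKeychainV2&) = delete;
  ~FakeAppleKeychainV2() override;

  // Returns the keychain items currently held in `items_`, for inspection by
  // tests. Const-qualified because it only reads state; this also lets tests
  // that hold a const reference to the fake examine its contents.
  const std::vector<base::apple::ScopedCFTypeRef<CFDictionaryRef>>& items()
      const {
    return items_;
  }

  // Sets the simulated Secure Enclave availability flag (defaults to true).
  // NOTE(review): how the overrides below consult this flag is defined in the
  // implementation file, which is not visible here; confirm there.
  void set_secure_enclave_available(bool is_secure_enclave_available) {
    is_secure_enclave_available_ = is_secure_enclave_available;
  }

  // Sets the simulated user-verification method (defaults to
  // UVMethod::kBiometrics).
  // NOTE(review): presumably this drives LAContextCanEvaluatePolicy(); confirm
  // against the implementation file.
  void set_uv_method(UVMethod uv_method) { uv_method_ = uv_method; }

  // AppleKeychainV2:
  // All overrides are defined out of line.
  NSArray* GetTokenIDs() override;
  base::apple::ScopedCFTypeRef<SecKeyRef> KeyCreateRandomKey(
      CFDictionaryRef params,
      CFErrorRef* error) override;
  base::apple::ScopedCFTypeRef<CFDictionaryRef> KeyCopyAttributes(
      SecKeyRef key) override;
  OSStatus ItemCopyMatching(CFDictionaryRef query, CFTypeRef* result) override;
  OSStatus ItemDelete(CFDictionaryRef query) override;
  OSStatus ItemUpdate(CFDictionaryRef query,
                      CFDictionaryRef keychain_data) override;
  // The entitlement lookup is only declared on non-iOS builds.
  // NOTE(review): BUILDFLAG(IS_IOS) is not defined by any header included
  // directly above; it presumably arrives transitively (e.g. through
  // crypto/apple_keychain_v2.h). Confirm, since an undefined build flag in an
  // #if is easy to miss.
#if !BUILDFLAG(IS_IOS)
  base::apple::ScopedCFTypeRef<CFTypeRef> TaskCopyValueForEntitlement(
      SecTaskRef task,
      CFStringRef entitlement,
      CFErrorRef* error) override;
#endif  // !BUILDFLAG(IS_IOS)
  BOOL LAContextCanEvaluatePolicy(LAPolicy policy,
                                  NSError* __autoreleasing* error) override;

 private:
  // Simulated Secure Enclave availability; see set_secure_enclave_available().
  bool is_secure_enclave_available_ = true;

  // Simulated user-verification method; see set_uv_method().
  UVMethod uv_method_ = UVMethod::kBiometrics;

  // items_ contains the keychain items created by `KeyCreateRandomKey`.
  // NOTE(review): these dictionaries are held in this object for as long as
  // they stay in the vector, not in the system Keychain; treat any key created
  // through the fake as test-only material.
  std::vector<base::apple::ScopedCFTypeRef<CFDictionaryRef>> items_;
  // keychain_access_group_ is the value of `kSecAttrAccessGroup` that this
  // keychain expects to operate on.
  base::apple::ScopedCFTypeRef<CFStringRef> keychain_access_group_;
};

}  // namespace crypto

#endif  // CRYPTO_FAKE_APPLE_KEYCHAIN_V2_H_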