keychain-commit Mailing List for Keychain Framework (Page 2)
Status: Abandoned
Brought to you by:
wadetregaskis
Menu
▾
▴
keychain-commit — SVN commit notices
You can subscribe to this list here.
| 2007 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(65) |
Nov
|
Dec
(15) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2008 |
Jan
(2) |
Feb
|
Mar
(5) |
Apr
|
May
|
Jun
(1) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2009 |
Jan
(7) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <wad...@us...> - 2007-12-09 21:56:43
|
Revision: 439
http://keychain.svn.sourceforge.net/keychain/?rev=439&view=rev
Author: wadetregaskis
Date: 2007-12-09 13:56:48 -0800 (Sun, 09 Dec 2007)
Log Message:
-----------
* Renamed setIsValid: to setPasswordIsValid:.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.h
trunk/Frameworks/Keychain/Keychain/KeychainItem.m
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-12-09 21:40:09 UTC (rev 438)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-12-09 21:56:48 UTC (rev 439)
@@ -387,7 +387,7 @@
- (void)setIsVisible:(BOOL)visible;
-/*! @method setIsValid:
+/*! @method setPasswordIsValid:
@abstract Sets whether or not the receiver's data is valid.
@discussion You may wish to add an entry to a keychain which is not actually valid, as a way of saying that you do not want to remember the real data for that item. For example, if your application has the option to add passwords to the keychain when you first enter them, if the user decides not to do so you could add a placeholder item (with an empty password) and mark it invalid. Then when your application, in future, searches for the password it will find the invalid item and know that it must prompt the user, and shouldn't try to store the password.
@@ -400,7 +400,7 @@
The default value, for new KeychainItems, is YES.
@param valid Whether or not the receiver's content (@link data data@/link) is valid. */
-- (void)setIsValid:(BOOL)valid;
+- (void)setPasswordIsValid:(BOOL)valid;
/*! @method setHasCustomIcon:
@abstract Sets whether or not the receiver has a custom icon.
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-12-09 21:40:09 UTC (rev 438)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-12-09 21:56:48 UTC (rev 439)
@@ -158,8 +158,8 @@
}
- (void)setData:(NSData*)data {
- uint32_t dataLength = [data length];
- const void *dataBytes = [data bytes];
+ uint32_t dataLength = ((nil != data) ? [data length] : 0);
+ const void *dataBytes = ((nil != data) ? [data bytes] : "");
_error = SecKeychainItemModifyContent(_keychainItem, NULL, dataLength, dataBytes);
@@ -174,22 +174,22 @@
}
- (NSData*)data {
- UInt32 length;
- char *result;
- NSData *res = nil;
-
- _error = SecKeychainItemCopyContent(_keychainItem, NULL, NULL, &length, (void**)&result);
+ NSData *res = nil;
+ UInt32 length;
+ char *result;
+
+ _error = SecKeychainItemCopyContent(_keychainItem, NULL, NULL, &length, (void**)&result);
+
+ if (noErr == _error) {
+ res = [NSData dataWithBytes:result length:length];
- if (noErr == _error) {
- res = [NSData dataWithBytes:result length:length];
+ OSStatus _freeError = SecKeychainItemFreeContent(NULL, result);
- OSStatus _freeError = SecKeychainItemFreeContent(NULL, result);
-
- if (noErr != _freeError) {
+ if (noErr != _freeError) {
PSYSLOGND(LOG_WARNING, @"Unable to free temporary buffer of KeychainItem data - error %@.\n", OSStatusAsString(_freeError));
PDEBUG(@"SecKeychainItemFreeContent(NULL, %p) returned error %@.\n", result, OSStatusAsString(_freeError));
- }
- } else {
+ }
+ } else {
PSYSLOGND(LOG_ERR, @"Unable to get KeychainItem data - error %@.\n", OSStatusAsString(_error));
PDEBUG(@"SecKeychainItemCopyContent(%p, NULL, NULL, %p [%lu], %p [%p]) returned error %@.\n", _keychainItem, &length, length, &result, result, OSStatusAsString(_error));
}
@@ -393,7 +393,7 @@
}
}
-- (void)setIsValid:(BOOL)valid {
+- (void)setPasswordIsValid:(BOOL)valid {
if (![self _setAttribute:kSecNegativeItemAttr boolValue:!valid]) {
PSYSLOG(LOG_ERR, @"Unable to set KeychainItem %p's validity - error %@.\n", self, OSStatusAsString(_error));
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-12-09 21:40:04
|
Revision: 438
http://keychain.svn.sourceforge.net/keychain/?rev=438&view=rev
Author: wadetregaskis
Date: 2007-12-09 13:40:09 -0800 (Sun, 09 Dec 2007)
Log Message:
-----------
* NSStringFromNSData() now handles NSDatas with NULL contents correctly (returns an empty string), instead of creating a broken NSString instance.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Utilities/UtilitySupport.m
Modified: trunk/Frameworks/Keychain/Utilities/UtilitySupport.m
===================================================================
--- trunk/Frameworks/Keychain/Utilities/UtilitySupport.m 2007-12-02 23:29:16 UTC (rev 437)
+++ trunk/Frameworks/Keychain/Utilities/UtilitySupport.m 2007-12-09 21:40:09 UTC (rev 438)
@@ -237,15 +237,21 @@
// We use the following instead of the simple, single line above for one very good reason: the line above will fail for some data's that contain random bytes after the NULL terminator. So, to get around this somewhat odd behaviour of NSString, we go through an explicitly define the length of the string based on the position of the delimiter.
const char *bytes = [data bytes];
- unsigned int bytesLength = strlen(bytes);
- NSString *result = [[NSString alloc] initWithBytes:bytes length:bytesLength encoding:NSUTF8StringEncoding];
-
- if (nil == result) {
- PSYSLOG(LOG_ERR, @"Cannot interpret the data \"%@\" in UTF-8 encoding.", data);
- return nil;
+ if (NULL == bytes) {
+ // It's possible to create an NSData which is 'valid', but has NULL for its "bytes". We equate this to an empty string.
+ return @"";
} else {
- return [result autorelease];
+ unsigned int bytesLength = strlen(bytes);
+
+ NSString *result = [[NSString alloc] initWithBytes:bytes length:bytesLength encoding:NSUTF8StringEncoding];
+
+ if (nil == result) {
+ PSYSLOG(LOG_ERR, @"Cannot interpret the data \"%@\" in UTF-8 encoding.", data);
+ return nil;
+ } else {
+ return [result autorelease];
+ }
}
} else {
PDEBUG(@"Invalid parameter - 'data' is nil.");
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-12-02 23:29:11
|
Revision: 437
http://keychain.svn.sourceforge.net/keychain/?rev=437&view=rev
Author: wadetregaskis
Date: 2007-12-02 15:29:16 -0800 (Sun, 02 Dec 2007)
Log Message:
-----------
* Fixed +[KeychainItem nameOfGetterForAttribute:] to return the proper names (case sensitivity issue) for the AppleShare attributes.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.m
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-12-02 23:28:23 UTC (rev 436)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-12-02 23:29:16 UTC (rev 437)
@@ -55,9 +55,9 @@
case kSecPathItemAttr:
return @"path";
case kSecVolumeItemAttr:
- return @"AppleShareVolume";
+ return @"appleShareVolume";
case kSecAddressItemAttr:
- return @"AppleShareAddress";
+ return @"appleShareAddress";
//case kSecScriptCodeItemAttr:
// TODO; WTF is this?
case kSecInvisibleItemAttr:
@@ -73,7 +73,7 @@
case kSecPortItemAttr:
return @"port";
case kSecSignatureItemAttr:
- return @"AppleShareSignature";
+ return @"appleShareSignature";
case kSecProtocolItemAttr:
return @"protocol";
case kSecCertificateType:
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-12-02 23:28:18
|
Revision: 436
http://keychain.svn.sourceforge.net/keychain/?rev=436&view=rev
Author: wadetregaskis
Date: 2007-12-02 15:28:23 -0800 (Sun, 02 Dec 2007)
Log Message:
-----------
* Updated test_keychainSearchByCreator & test_keychainSearchByType to use the 'AsString' versions of their respective getters.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/KeychainSearchTester.m
Modified: trunk/Frameworks/Keychain/Testers/KeychainSearchTester.m
===================================================================
--- trunk/Frameworks/Keychain/Testers/KeychainSearchTester.m 2007-12-02 23:05:40 UTC (rev 435)
+++ trunk/Frameworks/Keychain/Testers/KeychainSearchTester.m 2007-12-02 23:28:23 UTC (rev 436)
@@ -233,11 +233,11 @@
}
void test_keychainSearchByCreator(BOOL exhaustive) {
- template_searchByAttributeWithObjectValue(@"creator", @selector(creator), @selector(setCreator:), exhaustive);
+ template_searchByAttributeWithObjectValue(@"creatorAsString", @selector(creatorAsString), @selector(setCreator:), exhaustive);
}
void test_keychainSearchByType(BOOL exhaustive) {
- template_searchByAttributeWithObjectValue(@"type", @selector(type), @selector(setType:), exhaustive);
+ template_searchByAttributeWithObjectValue(@"typeAsString", @selector(typeAsString), @selector(setType:), exhaustive);
}
void test_keychainSearchByLabel(BOOL exhaustive) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-12-02 23:05:35
|
Revision: 435
http://keychain.svn.sourceforge.net/keychain/?rev=435&view=rev
Author: wadetregaskis
Date: 2007-12-02 15:05:40 -0800 (Sun, 02 Dec 2007)
Log Message:
-----------
* Added 'External Format Constants.strings', 'External Format Names.strings', 'External Item Type Constants.strings' and 'External Item Type Names.strings' to the project file (whoops; should have done this when I added them to svn originally).
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain.xcodeproj/project.pbxproj
Modified: trunk/Frameworks/Keychain/Keychain.xcodeproj/project.pbxproj
===================================================================
--- trunk/Frameworks/Keychain/Keychain.xcodeproj/project.pbxproj 2007-10-28 21:30:12 UTC (rev 434)
+++ trunk/Frameworks/Keychain/Keychain.xcodeproj/project.pbxproj 2007-12-02 23:05:40 UTC (rev 435)
@@ -36,6 +36,10 @@
751166810CA6012400A619CF /* Security.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = F566C81003E0D92B015C51F3 /* Security.framework */; };
7540B3ED0999D1C000469F46 /* Keychain.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 75A0750209438F8E008B9D9E /* Keychain.framework */; };
7540B3FE0999D1D600469F46 /* SKeyPlusTester.m in Sources */ = {isa = PBXBuildFile; fileRef = 7540B3FD0999D1D600469F46 /* SKeyPlusTester.m */; };
+ 7554346E0D037157003D0C29 /* External Item Type Names.strings in Resources */ = {isa = PBXBuildFile; fileRef = 755434660D037157003D0C29 /* External Item Type Names.strings */; };
+ 7554346F0D037157003D0C29 /* External Item Type Constants.strings in Resources */ = {isa = PBXBuildFile; fileRef = 755434680D037157003D0C29 /* External Item Type Constants.strings */; };
+ 755434700D037157003D0C29 /* External Format Names.strings in Resources */ = {isa = PBXBuildFile; fileRef = 7554346A0D037157003D0C29 /* External Format Names.strings */; };
+ 755434710D037157003D0C29 /* External Format Constants.strings in Resources */ = {isa = PBXBuildFile; fileRef = 7554346C0D037157003D0C29 /* External Format Constants.strings */; };
7556131A0A2090B5003428C2 /* Keychain.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 75A0750209438F8E008B9D9E /* Keychain.framework */; };
755613250A209100003428C2 /* CryptographicTester.m in Sources */ = {isa = PBXBuildFile; fileRef = 755613240A209100003428C2 /* CryptographicTester.m */; };
755613260A20910C003428C2 /* CertificateGenerationTester.m in Sources */ = {isa = PBXBuildFile; fileRef = 7594D49C0A20467E0090E497 /* CertificateGenerationTester.m */; };
@@ -212,23 +216,6 @@
75D25AA70CC1643600C8B443 /* Authorization Tag Names.strings in Resources */ = {isa = PBXBuildFile; fileRef = 75D25AA40CC1643600C8B443 /* Authorization Tag Names.strings */; };
/* End PBXBuildFile section */
-/* Begin PBXBuildStyle section */
- 75AB343A0C83D3A30070BBE2 /* Development */ = {
- isa = PBXBuildStyle;
- buildSettings = {
- COPY_PHASE_STRIP = NO;
- };
- name = Development;
- };
- 75AB343B0C83D3A30070BBE2 /* Deployment */ = {
- isa = PBXBuildStyle;
- buildSettings = {
- COPY_PHASE_STRIP = YES;
- };
- name = Deployment;
- };
-/* End PBXBuildStyle section */
-
/* Begin PBXContainerItemProxy section */
7506C03F0A3DB5EA000DB6BD /* PBXContainerItemProxy */ = {
isa = PBXContainerItemProxy;
@@ -395,6 +382,10 @@
753F8AB80841F08F0060298F /* OutputStreamsTester.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = OutputStreamsTester.m; path = Testers/OutputStreamsTester.m; sourceTree = "<group>"; };
7540B3F20999D1C000469F46 /* SKeyPlusTester */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = SKeyPlusTester; sourceTree = BUILT_PRODUCTS_DIR; };
7540B3FD0999D1D600469F46 /* SKeyPlusTester.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = SKeyPlusTester.m; path = Testers/SKeyPlusTester.m; sourceTree = "<group>"; };
+ 755434670D037157003D0C29 /* English */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.strings; name = English; path = "English.lproj/External Item Type Names.strings"; sourceTree = "<group>"; };
+ 755434690D037157003D0C29 /* English */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.strings; name = English; path = "English.lproj/External Item Type Constants.strings"; sourceTree = "<group>"; };
+ 7554346B0D037157003D0C29 /* English */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.strings; name = English; path = "English.lproj/External Format Names.strings"; sourceTree = "<group>"; };
+ 7554346D0D037157003D0C29 /* English */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.strings; name = English; path = "English.lproj/External Format Constants.strings"; sourceTree = "<group>"; };
7556131F0A2090B5003428C2 /* CryptographyTester */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = CryptographyTester; sourceTree = BUILT_PRODUCTS_DIR; };
755613240A209100003428C2 /* CryptographicTester.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = CryptographicTester.m; path = Testers/CryptographicTester.m; sourceTree = "<group>"; };
7563708D08444F4F00F9E7D7 /* StringsTester.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = StringsTester.m; path = Testers/StringsTester.m; sourceTree = "<group>"; };
@@ -875,6 +866,10 @@
757A985A0CB98BF300513299 /* CSSM Error Names.strings */,
757A985C0CB98BF300513299 /* Extension Format Constants.strings */,
757A985E0CB98BF300513299 /* Extension Format Names.strings */,
+ 755434660D037157003D0C29 /* External Item Type Names.strings */,
+ 755434680D037157003D0C29 /* External Item Type Constants.strings */,
+ 7554346A0D037157003D0C29 /* External Format Names.strings */,
+ 7554346C0D037157003D0C29 /* External Format Constants.strings */,
757A98600CB98BF300513299 /* GUID Names.strings */,
757A98620CB98BF300513299 /* InfoPlist.strings */,
757A98640CB98BF300513299 /* Key Attribute Constants.strings */,
@@ -1230,16 +1225,12 @@
0867D690FE84028FC02AAC07 /* Project object */ = {
isa = PBXProject;
buildConfigurationList = 7528103408569F6900FEFBDC /* Build configuration list for PBXProject "Keychain" */;
- buildSettings = {
- };
- buildStyles = (
- 75AB343A0C83D3A30070BBE2 /* Development */,
- 75AB343B0C83D3A30070BBE2 /* Deployment */,
- );
+ compatibilityVersion = "Xcode 2.4";
hasScannedForEncodings = 1;
mainGroup = 0867D691FE84028FC02AAC07 /* Keychain */;
productRefGroup = 034768DFFF38A50411DB9C8B /* Products */;
projectDirPath = "";
+ projectRoot = "";
targets = (
75A0764A0943BA09008B9D9E /* World */,
75A0749209438F8E008B9D9E /* Keychain */,
@@ -1310,6 +1301,10 @@
757A98FA0CB98BF300513299 /* Protocol Type Constants.strings in Resources */,
757A98FB0CB98BF300513299 /* Protocol Type Long Names.strings in Resources */,
757A98FC0CB98BF300513299 /* Protocol Type Short Names.strings in Resources */,
+ 7554346E0D037157003D0C29 /* External Item Type Names.strings in Resources */,
+ 7554346F0D037157003D0C29 /* External Item Type Constants.strings in Resources */,
+ 755434700D037157003D0C29 /* External Format Names.strings in Resources */,
+ 755434710D037157003D0C29 /* External Format Constants.strings in Resources */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@@ -1577,6 +1572,38 @@
/* End PBXTargetDependency section */
/* Begin PBXVariantGroup section */
+ 755434660D037157003D0C29 /* External Item Type Names.strings */ = {
+ isa = PBXVariantGroup;
+ children = (
+ 755434670D037157003D0C29 /* English */,
+ );
+ name = "External Item Type Names.strings";
+ sourceTree = "<group>";
+ };
+ 755434680D037157003D0C29 /* External Item Type Constants.strings */ = {
+ isa = PBXVariantGroup;
+ children = (
+ 755434690D037157003D0C29 /* English */,
+ );
+ name = "External Item Type Constants.strings";
+ sourceTree = "<group>";
+ };
+ 7554346A0D037157003D0C29 /* External Format Names.strings */ = {
+ isa = PBXVariantGroup;
+ children = (
+ 7554346B0D037157003D0C29 /* English */,
+ );
+ name = "External Format Names.strings";
+ sourceTree = "<group>";
+ };
+ 7554346C0D037157003D0C29 /* External Format Constants.strings */ = {
+ isa = PBXVariantGroup;
+ children = (
+ 7554346D0D037157003D0C29 /* English */,
+ );
+ name = "External Format Constants.strings";
+ sourceTree = "<group>";
+ };
757A98320CB98BF300513299 /* Algorithm Constants.strings */ = {
isa = PBXVariantGroup;
children = (
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-28 21:30:07
|
Revision: 434
http://keychain.svn.sourceforge.net/keychain/?rev=434&view=rev
Author: wadetregaskis
Date: 2007-10-28 14:30:12 -0700 (Sun, 28 Oct 2007)
Log Message:
-----------
* Updated KeychainTester.m file encoding to UTF-8.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain.xcodeproj/project.pbxproj
Modified: trunk/Frameworks/Keychain/Keychain.xcodeproj/project.pbxproj
===================================================================
--- trunk/Frameworks/Keychain/Keychain.xcodeproj/project.pbxproj 2007-10-28 21:29:14 UTC (rev 433)
+++ trunk/Frameworks/Keychain/Keychain.xcodeproj/project.pbxproj 2007-10-28 21:30:12 UTC (rev 434)
@@ -536,12 +536,12 @@
757A98A30CB98BF300513299 /* x509.m */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.objc; path = x509.m; sourceTree = "<group>"; };
757A99240CB98D1600513299 /* Documentation */ = {isa = PBXFileReference; lastKnownFileType = folder; path = Documentation; sourceTree = "<group>"; };
7588AC770CA3916D00466BEF /* KeychainTester */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = KeychainTester; sourceTree = BUILT_PRODUCTS_DIR; };
- 7588AC8A0CA391B500466BEF /* KeychainTester.m */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.objc; name = KeychainTester.m; path = Testers/KeychainTester.m; sourceTree = "<group>"; };
+ 7588AC8A0CA391B500466BEF /* KeychainTester.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = KeychainTester.m; path = Testers/KeychainTester.m; sourceTree = "<group>"; };
7588ADD40CA3A23300466BEF /* AppKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = AppKit.framework; path = /System/Library/Frameworks/AppKit.framework; sourceTree = "<absolute>"; };
7594D4910A2045E00090E497 /* CertificateGenerationTester */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = CertificateGenerationTester; sourceTree = BUILT_PRODUCTS_DIR; };
7594D49C0A20467E0090E497 /* CertificateGenerationTester.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = CertificateGenerationTester.m; path = Testers/CertificateGenerationTester.m; sourceTree = "<group>"; };
75A0750209438F8E008B9D9E /* Keychain.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = Keychain.framework; sourceTree = BUILT_PRODUCTS_DIR; };
- 75A0750C09438F8E008B9D9E /* CSSMUtilsTester */ = {isa = PBXFileReference; includeInIndex = 0; lastKnownFileType = "compiled.mach-o.executable"; path = CSSMUtilsTester; sourceTree = BUILT_PRODUCTS_DIR; };
+ 75A0750C09438F8E008B9D9E /* CSSMUtilsTester */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = CSSMUtilsTester; sourceTree = BUILT_PRODUCTS_DIR; };
75A0751709438F8E008B9D9E /* NSCalendarDateAdditionsTester */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = NSCalendarDateAdditionsTester; sourceTree = BUILT_PRODUCTS_DIR; };
75A0752209438F8F008B9D9E /* OutputStreamsTester */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = OutputStreamsTester; sourceTree = BUILT_PRODUCTS_DIR; };
75A0752E09438F8F008B9D9E /* StringsTester */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = StringsTester; sourceTree = BUILT_PRODUCTS_DIR; };
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-28 21:29:11
|
Revision: 433
http://keychain.svn.sourceforge.net/keychain/?rev=433&view=rev
Author: wadetregaskis
Date: 2007-10-28 14:29:14 -0700 (Sun, 28 Oct 2007)
Log Message:
-----------
* Made links (in HeaderDoc documentation) actual links.
Modified Paths:
--------------
trunk/Frameworks/Keychain/CDSA/CSSMDefaults.h
trunk/Frameworks/Keychain/Certificates/ABPersonAdditions.h
trunk/Frameworks/Keychain/Cryptography/NSDataAdditions.h
trunk/Frameworks/Keychain/Hashcash/Hashcash.h
trunk/Frameworks/Keychain/Utilities/NSCalendarDateAdditions.h
Modified: trunk/Frameworks/Keychain/CDSA/CSSMDefaults.h
===================================================================
--- trunk/Frameworks/Keychain/CDSA/CSSMDefaults.h 2007-10-28 21:28:30 UTC (rev 432)
+++ trunk/Frameworks/Keychain/CDSA/CSSMDefaults.h 2007-10-28 21:29:14 UTC (rev 433)
@@ -81,7 +81,7 @@
@abstract Returns the default encryption mode for a given algorithm.
@discussion This function returns a safe default mode for a particular algorithm, and is used automatically by the Keychain framework when necessary. For example, for any AES cryptographic operations, the framework will use this function to determine that the mode should be CSSM_ALGMODE_CBCPadIV8 (at time of writing).
- At time of writing there is no way to override these defaults, neither here nor on a per-operation basis. If you require such functionality, submit a feature request to the author or on Sourceforge (http://www.sourceforge.net/projects/keychain/) to voice your interest.
+ At time of writing there is no way to override these defaults, neither here nor on a per-operation basis. If you require such functionality, submit a feature request to the author or on Sourceforge (<a href="http://www.sourceforge.net/projects/keychain/">http://www.sourceforge.net/projects/keychain</a>) to voice your interest.
@param algorithm The algorithm. Note that not all algorithms are known or supported, in which case CSSM_ALGMODE_NONE is returned.
@result Returns a [hopefully] appropriate default mode for the given algorithm, or CSSM_ALGMODE_NONE if the algorithm is not explicitly supported. */
@@ -91,7 +91,7 @@
@abstract Returns the default padding mode for a given algorithm.
@discussion This function returns a safe default padding mode for a particular algorithm, and is used automatically by the Keychain framework when necessary. For example, for any AES cryptographic operations, the framework will use this function to determine that the mode should be CSSM_PADDING_PKCS7 (at time of writing).
- At time of writing there is no way to override these defaults, neither here nor on a per-operation basis. If you require such functionality, submit a feature request to the author or on Sourceforge (http://www.sourceforge.net/projects/keychain/) to voice your interest.
+ At time of writing there is no way to override these defaults, neither here nor on a per-operation basis. If you require such functionality, submit a feature request to the author or on Sourceforge (<a href="http://www.sourceforge.net/projects/keychain/">http://www.sourceforge.net/projects/keychain</a>) to voice your interest.
@param algorithm The algorithm. Note that not all algorithms are known or supported, in which case CSSM_PADDING_NONE is returned.
@result Returns a [hopefully] appropriate default padding mode for the given algorithm, or CSSM_PADDING_NONE if the algorithm is not explicitly supported. */
@@ -101,7 +101,7 @@
@abstract Returns the default digest algorithm for a given algorithm.
@discussion This function returns a safe default digest algorithm for a particular algorithm, and is used automatically by the Keychain framework when necessary. This is used when performing public-key cryptographic operations, to determine for example an appropriate digest for RSA/DSA/FEE/etc.
- At time of writing there is no way to override these defaults, neither here nor on a per-operation basis. If you require such functionality, submit a feature request to the author or on Sourceforge (http://www.sourceforge.net/projects/keychain/) to voice your interest.
+ At time of writing there is no way to override these defaults, neither here nor on a per-operation basis. If you require such functionality, submit a feature request to the author or on Sourceforge (<a href="http://www.sourceforge.net/projects/keychain/">http://www.sourceforge.net/projects/keychain</a>) to voice your interest.
@param algorithm The algorithm. Note that not all algorithms are known or supported, in which case CSSM_ALGID_NONE is returned.
@result Returns a [hopefully] appropriate default digest algorithm for the given algorithm, or CSSM_ALGID_NONE if the algorithm is not explicitly supported. */
Modified: trunk/Frameworks/Keychain/Certificates/ABPersonAdditions.h
===================================================================
--- trunk/Frameworks/Keychain/Certificates/ABPersonAdditions.h 2007-10-28 21:28:30 UTC (rev 432)
+++ trunk/Frameworks/Keychain/Certificates/ABPersonAdditions.h 2007-10-28 21:29:14 UTC (rev 433)
@@ -25,7 +25,7 @@
/*! @category ABPerson (KeychainFramework)
@abstract Extensions to the ABPerson class from the AddressBook framework, for dealing with certificates associated with address book entries.
- @discussion This category extends the ABPerson class so that ABPersons may have certificates associated with them. The current implementation is potentially obsolete, however, and it is recommended you avoid using this API for the moment if you can. If you wish to see it updated and validated, please submit a support request or bug report at http://sourceforge.net/projects/keychain/. */
+ @discussion This category extends the ABPerson class so that ABPersons may have certificates associated with them. The current implementation is potentially obsolete, however, and it is recommended you avoid using this API for the moment if you can. If you wish to see it updated and validated, please submit a support request or bug report at <a href="http://www.sourceforge.net/projects/keychain/">http://www.sourceforge.net/projects/keychain/</a>. */
// XXX: I seem to remember being told by the Security guys that this was a bad way to do things... I think the official way of associating certificates with AddressBook entries is simply by name or somesuch... need to find out for sure, and update this.
Modified: trunk/Frameworks/Keychain/Cryptography/NSDataAdditions.h
===================================================================
--- trunk/Frameworks/Keychain/Cryptography/NSDataAdditions.h 2007-10-28 21:28:30 UTC (rev 432)
+++ trunk/Frameworks/Keychain/Cryptography/NSDataAdditions.h 2007-10-28 21:29:14 UTC (rev 433)
@@ -73,7 +73,7 @@
@abstract Computes and returns the MAC of the receiver, signed by the given key.
@discussion MACs (Message Authentication Codes) are conceptually like hashes or digests, except that in addition to detecting modification of the data they also include a 'signature' from a key, which also provides authentication of the code itself (using the same key).
- Note that, despite the above conceptual description, this is distinctly not equivalent to simply calculating the digest of the data and signing or encrypting it, as separate operations. If you require verification and authentication, use MACs - don't try to do it yourself. MAC algorithms possess additional properties - see http://en.wikipedia.org/wiki/Message_authentication_code for additional information.
+ Note that, despite the above conceptual description, this is distinctly not equivalent to simply calculating the digest of the data and signing or encrypting it, as separate operations. If you require verification and authentication, use MACs - don't try to do it yourself. MAC algorithms possess additional properties - see <a href="http://en.wikipedia.org/wiki/Message_authentication_code">http://en.wikipedia.org/wiki/Message_authentication_code</a> for additional information.
@param key The key to compute the MAC with. Should not be nil.
@result Returns the MAC of the receiver's contents 'signed' by the receiver, or nil if an error occurs. */
Modified: trunk/Frameworks/Keychain/Hashcash/Hashcash.h
===================================================================
--- trunk/Frameworks/Keychain/Hashcash/Hashcash.h 2007-10-28 21:28:30 UTC (rev 432)
+++ trunk/Frameworks/Keychain/Hashcash/Hashcash.h 2007-10-28 21:29:14 UTC (rev 433)
@@ -60,7 +60,7 @@
Naturally as computers increase in speed the cost to compute stamps decreases, so a 20-bit stamp (20 leading 0's) that used to take many minutes can now be computed in seconds. As such, you will need to adapt your use as appropriate. Also keep in mind that there is no guaranteed minimum time required to generate a sufficient stamp - it could be the very first value that is tried. Statistically, however, there is an average cost associated with a given stamp value, so over a sufficient number of transactions this theoretical average should be approximated reasonably well.
<b>More Information</b>
- The official website for Hashcash is http://www.hashcash.org/. Of particular interest is the FAQ at http://www.hashcash.org/faq/, which provides much more information about all aspects of Hashcash. Source code and pre-built binaries for various platforms and in numerous languages are also available.
+ The official website for Hashcash is <a href="http://www.hashcash.org/">http://www.hashcash.org/</a>. Of particular interest is the FAQ at <a href="http://www.hashcash.org/faq/">http://www.hashcash.org/faq/</a>, which provides much more information about all aspects of Hashcash. Source code and pre-built binaries for various platforms and in numerous languages are also available.
Note that the implementation used presently by the Keychain framework is based on Apple's implementation of the CDSA, not the standalone source from the website. It is compatible, but performance may differ (to be honest, this implementation is if anything slower than the reference - in future a new, faster implementaton may be chosen).
Modified: trunk/Frameworks/Keychain/Utilities/NSCalendarDateAdditions.h
===================================================================
--- trunk/Frameworks/Keychain/Utilities/NSCalendarDateAdditions.h 2007-10-28 21:28:30 UTC (rev 432)
+++ trunk/Frameworks/Keychain/Utilities/NSCalendarDateAdditions.h 2007-10-28 21:29:14 UTC (rev 433)
@@ -22,7 +22,7 @@
/*! @method dateWithClassicMacLongDateTime:timeZone:
@abstract Creates a new NSCalendarDate with the given Classic Mac LongDateTime and timezone.
- @discussion For a very poor description of LongDateTimes, refer to http://developer.apple.com/documentation/Carbon/Reference/Date_Time_an_nt_Utilities/Reference/reference.html. In a nutshell, it's the number of seconds from the start of January 1st, 1904, <i>in an undefined time zone</i>. Which is to say, the timezone information is not encoded into the time itself, nor are they standardised to GMT time or similar. In fact, the default behaviour with most MacOS X functions that deal with these is to assume they are in the default time zone for the current application. As such, they are not easily portable.
+ @discussion For a very poor description of LongDateTimes, refer to <a href="http://developer.apple.com/documentation/Carbon/Reference/Date_Time_an_nt_Utilities/Reference/reference.html">http://developer.apple.com/documentation/Carbon/Reference/Date_Time_an_nt_Utilities/Reference/reference.html</a>. In a nutshell, it's the number of seconds from the start of January 1st, 1904, <i>in an undefined time zone</i>. Which is to say, the timezone information is not encoded into the time itself, nor are they standardised to GMT time or similar. In fact, the default behaviour with most MacOS X functions that deal with these is to assume they are in the default time zone for the current application. As such, they are not easily portable.
So, typically if you have a LongDateTime and you're not sure what time zone its in, use +[NSTimeZone defaultTimeZone].
@@ -35,7 +35,7 @@
/*! @method dateWithClassicMacDateTime:timeZone:
@abstract Creates a new NSCalendarDate with the given Classic Mac DateTime and timezone.
- @discussion For a very poor description of DateTimes, refer to http://developer.apple.com/documentation/Carbon/Reference/Date_Time_an_nt_Utilities/Reference/reference.html. In a nutshell, it's the number of seconds from the start of January 1st, 1904, <i>in an undefined time zone</i>. Which is to say, the timezone information is not encoded into the time itself, nor are they standardised to GMT time or similar. In fact, the default behaviour with most MacOS X functions that deal with these is to assume they are in the default time zone for the current application. As such, they are not easily portable.
+ @discussion For a very poor description of DateTimes, refer to <a href="http://developer.apple.com/documentation/Carbon/Reference/Date_Time_an_nt_Utilities/Reference/reference.html">http://developer.apple.com/documentation/Carbon/Reference/Date_Time_an_nt_Utilities/Reference/reference.html</a>. In a nutshell, it's the number of seconds from the start of January 1st, 1904, <i>in an undefined time zone</i>. Which is to say, the timezone information is not encoded into the time itself, nor are they standardised to GMT time or similar. In fact, the default behaviour with most MacOS X functions that deal with these is to assume they are in the default time zone for the current application. As such, they are not easily portable.
So, typically if you have a DateTime and you're not sure what time zone its in, use +[NSTimeZone defaultTimeZone].
@@ -105,7 +105,7 @@
/*! @method classicMacLongDateTimeForTimeZone:
@abstract Returns a Classic Mac LongDateTime, in the given timezone, representing the receiver.
- @discussion For a very poor description of LongDateTimes, refer to http://developer.apple.com/documentation/Carbon/Reference/Date_Time_an_nt_Utilities/Reference/reference.html. In a nutshell, it's the number of seconds from the start of January 1st, 1904, <i>in an undefined time zone</i>. Which is to say, the timezone information is not encoded into the time itself, nor are they standardised to GMT time or similar. In fact, the default behaviour with most MacOS X functions that deal with these is to assume they are in the default time zone for the current application. As such, they are not easily portable.
+ @discussion For a very poor description of LongDateTimes, refer to <a href="http://developer.apple.com/documentation/Carbon/Reference/Date_Time_an_nt_Utilities/Reference/reference.html">http://developer.apple.com/documentation/Carbon/Reference/Date_Time_an_nt_Utilities/Reference/reference.html</a>. In a nutshell, it's the number of seconds from the start of January 1st, 1904, <i>in an undefined time zone</i>. Which is to say, the timezone information is not encoded into the time itself, nor are they standardised to GMT time or similar. In fact, the default behaviour with most MacOS X functions that deal with these is to assume they are in the default time zone for the current application. As such, they are not easily portable.
This was originally only necessary because Keychain searches could seemingly only specify creation and modification dates in this form, an issue which I believe was officially acknowlegded (although I don't have the email handy - check the apple-cdsa mailing list archives if you're eager) as due to an implementation oversight in the Security framework. In future the Security framework will hopefully support more common date formats, but for now this function must remain to fill that gap.
@param timeZone The time zone that the result will be treated as being in. If nil, GMT is assumed.
@@ -115,7 +115,7 @@
/*! @method classicMacDateTimeForTimeZone:
@abstract Returns a Classic Mac DateTime, in the given timezone, representing the receiver.
- @discussion For a very poor description of DateTimes, refer to http://developer.apple.com/documentation/Carbon/Reference/Date_Time_an_nt_Utilities/Reference/reference.html. In a nutshell, it's the number of seconds from the start of January 1st, 1904, <i>in an undefined time zone</i>. Which is to say, the timezone information is not encoded into the time itself, nor are they standardised to GMT time or similar. In fact, the default behaviour with most MacOS X functions that deal with these is to assume they are in the default time zone for the current application. As such, they are not easily portable.
+ @discussion For a very poor description of DateTimes, refer to <a href="http://developer.apple.com/documentation/Carbon/Reference/Date_Time_an_nt_Utilities/Reference/reference.html">http://developer.apple.com/documentation/Carbon/Reference/Date_Time_an_nt_Utilities/Reference/reference.html</a>. In a nutshell, it's the number of seconds from the start of January 1st, 1904, <i>in an undefined time zone</i>. Which is to say, the timezone information is not encoded into the time itself, nor are they standardised to GMT time or similar. In fact, the default behaviour with most MacOS X functions that deal with these is to assume they are in the default time zone for the current application. As such, they are not easily portable.
This was originally only necessary because Keychain searches could seemingly only specify creation and modification dates in this form, an issue which I believe was officially acknowlegded (although I don't have the email handy - check the apple-cdsa mailing list archives if you're eager) as due to an implementation oversight in the Security framework. In future the Security framework will hopefully support more common date formats, but for now this function must remain to fill that gap.
@param timeZone The time zone that the result will be treated as being in. If nil, GMT is assumed.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-28 21:28:25
|
Revision: 432
http://keychain.svn.sourceforge.net/keychain/?rev=432&view=rev
Author: wadetregaskis
Date: 2007-10-28 14:28:30 -0700 (Sun, 28 Oct 2007)
Log Message:
-----------
* Removed obsolete comments.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Utilities/NSCalendarDateAdditions.m
Modified: trunk/Frameworks/Keychain/Utilities/NSCalendarDateAdditions.m
===================================================================
--- trunk/Frameworks/Keychain/Utilities/NSCalendarDateAdditions.m 2007-10-28 21:28:11 UTC (rev 431)
+++ trunk/Frameworks/Keychain/Utilities/NSCalendarDateAdditions.m 2007-10-28 21:28:30 UTC (rev 432)
@@ -65,13 +65,8 @@
// The above could be wrong, I think. We're giving it the absoluteTime pretending it's really an absolute time, but it's not - it's offset by some amount. If that offset crosses a daylight-savings boundary, we could read the wrong offset. That would put us off by +/- 1 hour. This needs to be proven, one way or another, experimentally.
}
- //CFGregorianDate splitDate = CFAbsoluteTimeGetGregorianDate(absoluteTime, NULL /*timeZone*/);
-
- //NSCalendarDate *result = [NSCalendarDate dateWithYear:splitDate.year month:splitDate.month day:splitDate.day hour:splitDate.hour minute:splitDate.minute second:splitDate.second timeZone:[NSTimeZone timeZoneForSecondsFromGMT:0 /*offsetFromGMT*/]];
NSCalendarDate *result = [NSCalendarDate dateWithTimeIntervalSinceReferenceDate:absoluteTime];
- //[result setTimeZone:[NSTimeZone defaultTimeZone]];
-
return result;
}
@@ -90,26 +85,7 @@
return result;
}
-/*
- * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
- *
- * The following method, classicMacDateTime,
- * constitutes Original Code as defined in and is subject to the Apple Public
- * Source License Version 2.0 (the 'License').
- * You may not use this method except in compliance with the License. Please obtain
- * a copy of the License at http://www.apple.com/publicsource and read it before
- * using this method.
- *
- * This Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
- * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
- * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
- * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
- * specific language governing rights and limitations under the License.
- */
-
- (uint32_t)classicMacDateTimeForTimeZone:(NSTimeZone*)timeZone {
- // This function courtesy of Ken McLeod, on the apple-cdsa mailing list, 23rd of June, 2006
int64_t longDateTime = [self classicMacLongDateTimeForTimeZone:timeZone];
if (0 > longDateTime) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-28 21:28:07
|
Revision: 431
http://keychain.svn.sourceforge.net/keychain/?rev=431&view=rev
Author: wadetregaskis
Date: 2007-10-28 14:28:11 -0700 (Sun, 28 Oct 2007)
Log Message:
-----------
* Made kind constants bold, so they're easier to see in the HTML docs.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.h
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-28 20:55:33 UTC (rev 430)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-28 21:28:11 UTC (rev 431)
@@ -89,7 +89,7 @@
@discussion You can refer to the Apple CDSA documentation in the file <a href="file:///System/Library/Frameworks/Security.framework/Headers/SecKeychainItem.h">SecKeychainItem.h</a> for a list of 'kinds'. At time of writing these are:
<ul>
- <li>kSecInternetPasswordItemClass - Internet password. These are uniquely identified by the following attributes:
+ <li><b>kSecInternetPasswordItemClass</b> - Internet password. These are uniquely identified by the following attributes:
<ul>
<li>@link account account@/link</li>
@@ -118,7 +118,7 @@
</ul>
</li>
- <li>kSecGenericPasswordItemClass - Generic password. These are uniquely identified by the following attributes:
+ <li><b>kSecGenericPasswordItemClass</b> - Generic password. These are uniquely identified by the following attributes:
<ul>
<li>@link account account@/link</li>
@@ -143,7 +143,7 @@
</ul>
</li>
- <li>kSecAppleSharePasswordItemClass - AppleShare password. These are uniquely identified by the following attributes:
+ <li><b>kSecAppleSharePasswordItemClass</b> - AppleShare password. These are uniquely identified by the following attributes:
<ul>
<li>@link account account@/link</li>
@@ -171,7 +171,7 @@
</ul>
</li>
- <li>kSecCertificateItemClass - Certificate. These are uniquely identified by the following attributes:
+ <li><b>kSecCertificateItemClass</b> - Certificate. These are uniquely identified by the following attributes:
<ul>
<li>@link certificateType certificateType@/link</li>
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-28 20:55:32
|
Revision: 430
http://keychain.svn.sourceforge.net/keychain/?rev=430&view=rev
Author: wadetregaskis
Date: 2007-10-28 13:55:33 -0700 (Sun, 28 Oct 2007)
Log Message:
-----------
* Replaced '&' with 'and' to avoid tripping up HeaderDoc.
* Removed ':(' from a comment because, ironically, it was making HeaderDoc unhappy.
* Added note to KeychainItem class doc about uniquing attributes.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.h
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-28 20:46:16 UTC (rev 429)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-28 20:55:33 UTC (rev 430)
@@ -39,8 +39,14 @@
You don't usually create KeychainItem's directly, but rather acquire them (as existing items) from a keychain, or as new items created as a result of using a Keychain method such as @link addGenericPassword:onService:forAccount:replaceExisting: addGenericPassword:onService:forAccount:replaceExisting:@/link, @link addInternetPassword:onServer:forAccount:port:path:inSecurityDomain:protocol:auth:replaceExisting: addInternetPassword:onServer:forAccount:port:path:inSecurityDomain:protocol:auth:replaceExisting:@/link and @link addCertificate: addCertificate:@/link, among others.
- Although it's not usually something you need to think about, it so happens that keychains are implemented on Mac OS X as special CDSA data stores (a combined CSP/DL). This means that Certificates are actually KeychainItems for most intents and purposes, and you can easily translate between them using the @link certificate certificate@/link and @link keychainItem keychainItem@/link methods. */
+ Although it's not usually something you need to think about, it so happens that keychains are implemented on Mac OS X as special CDSA data stores (a combined CSP/DL). This means that Certificates are actually KeychainItems for most intents and purposes, and you can easily translate between them using the @link certificate certificate@/link and @link keychainItem keychainItem@/link methods.
+ <b>Uniquing Attributes</b>
+
+ All KeychainItems have some subset of attributes which <i>uniquely</i> identify that KeychainItem. For example, a combination of volumen name, server address, signature and account name, for AppleShare passwords. No two items can exist, in the same keychain, with the same values for all their uniquing attributes. It is quite possible, however, to have two items which differ only by one unique attribute (e.g. an Internet password for the same server, path, port, etc, but with a different account name).
+
+ The documentation for each attribute's getter and setter makes note of which types of KeychainItems it applies to (if not all), and if it is a uniquing attribute. Alternatively, for a complete list see the description of the @link kind kind@/link method. */
+
@interface KeychainItem : NSCachedObject {
@protected
SecKeychainItemRef _keychainItem;
@@ -186,6 +192,7 @@
</li>
</ul>
+ TODO: determine what this returns for other types of keychain items (e.g. keys).
@result Returns one of the constants specified above, or -1 if an error occurs. */
- (SecItemClass)kind;
@@ -270,17 +277,21 @@
Note that Keychain Access does not follow this behaviour. Indeed, the built-in behaviour may or may not be as described. TODO: verify this.
+ This attribute applies only to password items (kSecInternetPasswordItemClass, kSecAppleSharePasswordItemClass and kSecGenericPasswordItemClass).
+
The default value, for new KeychainItems, is the time at which the item was created.
@param date The new creation date for the receiver. Should not be nil. */
- (void)setCreationDate:(NSDate*)date;
-#if 0 // This doesn't work yet. :(
+#if 0 // This doesn't work yet.
/*! @method setModificationDate:
@abstract Sets the modification date of the receiver.
@discussion The modification date should reflect the date at which the receiver's data or attributes were last modified (which does not include it's addition to the owning keychain). The modification date is updated automatically when you modify the receiver's data or attributes.
Note that Keychain Access does not follow this behaviour. TODO: describe Keychain Access's behaviour.
+
+ This attribute applies only to password items (kSecInternetPasswordItemClass, kSecAppleSharePasswordItemClass and kSecGenericPasswordItemClass).
@param date The new modification date for the receiver. Should not be nil. */
- (void)setModificationDate:(NSDate*)date;
@@ -288,10 +299,12 @@
/*! @method setTypeDescription:
@abstract Sets the human-readable description of the receiver's type.
- @discussion KeychainItem's can (and 'generic' or custom types <i>should</i>) have a type description associated with them, which concisely summarises their type & purpose. Examples include "Proteus Service Password", or "Web Forms Password", etc.
+ @discussion KeychainItem's can (and 'generic' or custom types <i>should</i>) have a type description associated with them, which concisely summarises their type and purpose. Examples include "Proteus Service Password", or "Web Forms Password", etc.
Note that this is distinct from the item's label (@link setLabel: setLabel:@/link/@link label label@/link) and comment (@link setComment: setComment:@/link/@link comment comment@/link); it describes the <i>type</i> of item the receiver is, not the receiver specifically.
+ This attribute applies only to password items (kSecInternetPasswordItemClass, kSecAppleSharePasswordItemClass and kSecGenericPasswordItemClass).
+
The default value, for new KeychainItems, is an empty string.
@param desc The description for the receiver. Should not be nil. */
@@ -301,6 +314,8 @@
@abstract Sets a human-readable comment for the receiver.
@discussion The comment can be anything; it is intended to be end-user readable, in a similar manner to file comments in the Finder. This attribute should be considered user-editable.
+ This attribute applies only to password items (kSecInternetPasswordItemClass, kSecAppleSharePasswordItemClass and kSecGenericPasswordItemClass).
+
The default value, for new KeychainItems, is an empty string.
@param comment The comment. Should not be nil. */
@@ -310,6 +325,8 @@
@abstract Sets the creator code of the receiver.
@discussion The creator code is the Classic MacOS document creator code, identifying which application created (or otherwise presently "owns") a given item.
+ This attribute applies only to password items (kSecInternetPasswordItemClass, kSecAppleSharePasswordItemClass and kSecGenericPasswordItemClass).
+
The default value, for new KeychainItems, is the creator code of the main bundle (i.e. your application). This may be 0.
@param creator The creator of the receiver, which may be 0 (meaning essentially 'no creator'). */
@@ -319,6 +336,8 @@
@abstract Sets the creator code of the receiver from the given string.
@discussion This is a convenience method which converts the given string to a FourCharCode and passes that to @link setCreator: setCreator:@/link. The given string should be either empty (to clear the creator code) or contain four ASCII characters. Note that NULLs are valid in the string.
+ This attribute applies only to password items (kSecInternetPasswordItemClass, kSecAppleSharePasswordItemClass and kSecGenericPasswordItemClass).
+
// TODO: verify how bytes > 127 are interpretted... I suspect MacRoman, but this needs to be tested.
@param creator The creator of the receiver, which should be either an empty string or a string containing exactly four ASCII characters. */
@@ -328,6 +347,8 @@
@abstract Sets the type code of the receiver.
@discussion The type code is the Classic MacOS document type code, identifying the document type of a given item. This is very distinct from the @link kind kind@/link of a KeychainItem; the 'type' does not describe the type of KeychainItem, but rather the document type with which it is associated. This is largely just a hang-over from Classic MacOS, and is neither commonly used nor recommended for future use.
+ This attribute applies only to password items (kSecInternetPasswordItemClass, kSecAppleSharePasswordItemClass and kSecGenericPasswordItemClass).
+
The default value, for new KeychainItems, is 0.
@param type The type of the receiver, which may be 0 (meaning essentially 'no type'). */
@@ -337,6 +358,8 @@
@abstract Sets the type code of the receiver from the given string.
@discussion This is a convenience method which converts the given string to a FourCharCode and passes that to @link setType: setType:@/link. The given string should be either empty (to clear the type code) or contain four ASCII characters. Note that NULLs are valid in the string.
+ This attribute applies only to password items (kSecInternetPasswordItemClass, kSecAppleSharePasswordItemClass and kSecGenericPasswordItemClass).
+
// TODO: verify how bytes > 127 are interpretted... I suspect MacRoman, but this needs to be tested.
@param type The type of the receiver, which should be either an empty string or a string containing exactly four ASCII characters. */
@@ -357,6 +380,8 @@
Note that in 10.4 I believe Keychain Access ignores this attribute and displays all items regardless. TODO: verify this.
+ This attribute applies only to password items (kSecInternetPasswordItemClass, kSecAppleSharePasswordItemClass and kSecGenericPasswordItemClass).
+
The default value, for new KeychainItems, is YES.
@param visible Whether or not the receiver should be visible to the end-user. */
@@ -370,6 +395,8 @@
Note that as an end-developer you are responsible for handling validity appropriately; the setting of this attribute does not influence how the Keychain framework operates.
+ This attribute applies only to password items (kSecInternetPasswordItemClass, kSecAppleSharePasswordItemClass and kSecGenericPasswordItemClass).
+
The default value, for new KeychainItems, is YES.
@param valid Whether or not the receiver's content (@link data data@/link) is valid. */
@@ -381,6 +408,8 @@
This attribute is more or less deprecated, and not recommended for future use.
+ This attribute applies only to password items (kSecInternetPasswordItemClass, kSecAppleSharePasswordItemClass and kSecGenericPasswordItemClass).
+
The default value, for new KeychainItems, is NO.
@param icon Whether or not the receiver has a custom icon. */
@@ -390,6 +419,8 @@
@abstract Sets the account of the receiver.
@discussion The account is the login name or similar of a password. It is not encrypted when stored in the keychain. Only password KeychainItems have this attribute; not certificates.
+ This attribute applies only to password items (kSecInternetPasswordItemClass, kSecAppleSharePasswordItemClass and kSecGenericPasswordItemClass). It is a uniquing attribute for all three types.
+
The default value for new KeychainItems, if not otherwise defined at creation time, is an empty string.
@param account The account for the receiver. Should not be nil (but may be an empty string). */
@@ -397,7 +428,9 @@
/*! @method setService:
@abstract Sets the 'service' of the receiver.
- @discussion i.e. the type of thing it is a password for. e.g. ".Mac". This attribute is only available on generic password (kSecGenericPasswordItemClass) KeychainItems.
+ @discussion i.e. the type of thing it is a password for. e.g. ".Mac".
+
+ This attribute applies only to Generic passwords (kSecGenericPasswordItemClass), where it is a uniquing attribute.
The default value for new KeychainItems, if not otherwise defined at creation time, is an empty string.
@param service The service for the receiver. Should not be nil (but may be an empty string). */
@@ -417,6 +450,8 @@
@abstract Sets the security domain of the receiver.
@discussion The security domain (also know as a realm) is a way of identifying a subsection of a website which uses the same login. For example, on www.example.com there may be a "PHPmyAdmin" domain and a "User" domain. Where you have knowledge of the domain of a password, it is wise to reference the domain in preference to a particular path, as the user should not be prompted multiple times for the same login, for the same domain.
+ This attribute applies only to Internet passwords (kSecInternetPasswordItemClass, @link isInternetItem isInternetItem@/link), where is is a uniquing attribute.
+
The default for new KeychainItems, if not otherwise defined at creation time, is an empty string.
@param securityDomain The security domain for the receiver. Should not be nil (but may be an empty string). */
@@ -426,6 +461,8 @@
@abstract Sets the server of the receiver.
@discussion The server is just the domain name or IP address of the server, e.g. "www.google.com" or "192.168.0.1".
+ This attribute applies only to AppleShare passwords (kSecAppleSharePasswordItemClass, @link isAppleShareItem isAppleShareItem@/link) and Internet passwords (kSecInternetPasswordItemClass, @link isInternetItem isInternetItem@/link). It is a uniquing attribute for Internet passwords.
+
The default for new KeychainItems, if not otherwise defined at creation time, is an empty string.
@param server The server. Should not be nil (but may be an empty string). */
@@ -433,14 +470,16 @@
/*! @method setAuthenticationType:
@abstract Sets the authentication type to which the receiver applies.
- @discussion Since this is one of the uniquing attributes for internet passwords (kSecInternetPasswordItemClass), it is possible to have two otherwise-identical passwords with different authentication types. e.g. one for HTTP basic and one for HTTP digest. If the authentication type is irrelevant, use kSecAuthenticationTypeDefault.
+ @discussion It is possible to have two otherwise-identical passwords with different authentication types. e.g. one for HTTP basic and one for HTTP digest. If the authentication type is irrelevant, use kSecAuthenticationTypeDefault.
+
+ This attribute applies only to Internet passwords (kSecInternetPasswordItemClass, @link isInternetItem isInternetItem@/link), where is is a uniquing attribute.
@param authType The authentication type of the receiver. */
- (void)setAuthenticationType:(SecAuthenticationType)authType;
/*! @method setPort:
@abstract Sets the port of the receiver.
- @discussion This attribute applies only to internet passwords (kSecInternetPasswordItemClass).
+ @discussion This attribute applies only to Internet passwords (kSecInternetPasswordItemClass, @link isInternetItem isInternetItem@/link), where is is a uniquing attribute.
The default for new KeychainItems, if not otherwise defined at creation time, is 0.
@param port The port. */
@@ -449,7 +488,7 @@
/*! @method setPath:
@abstract Sets the path of the reciever.
- @discussion This attribute applies only for internet passwords (kSecInternetPasswordItemClass).
+ @discussion This attribute applies only to Internet passwords (kSecInternetPasswordItemClass, @link isInternetItem isInternetItem@/link), where is is a uniquing attribute.
The default for new KeychainItems, if not otherwise defined at creation time, is an empty string.
@param path The path. Should not be nil (but may be an empty string). */
@@ -458,7 +497,7 @@
/*! @method setAppleShareVolume:
@abstract Sets the AppleShare volume name of the receiver.
- @discussion This attribute applies only for AppleShare passwords (kSecAppleSharePasswordItemClass, @link isAppleShareItem isAppleShareItem@/link). It is the name of the volume to which the receiver applies.
+ @discussion This attribute applies only to AppleShare passwords (kSecAppleSharePasswordItemClass, @link isAppleShareItem isAppleShareItem@/link), where it is a uniquing attribute.
The default for new KeychainItems, if not otherwise defined at creation time, is an empty string.
@param volume The volume name. Should not be nil (but may be an empty string). */
@@ -467,7 +506,7 @@
/*! @method setAppleShareAddress:
@abstract Sets the AppleShare address of the receiver.
- @discussion This attribute applies only for AppleShare passwords (kSecAppleSharePasswordItemClass, @link isAppleShareItem isAppleShareItem@/link). It is the address of the AppleShare server to which the receiver applies.
+ @discussion This attribute applies only to AppleShare passwords (kSecAppleSharePasswordItemClass, @link isAppleShareItem isAppleShareItem@/link), where it is a uniquing attribute.
The default for new KeychainItems, if not otherwise defined at creation time, is an empty string.
@param address The address. Should not be nil (but may be an empty string). */
@@ -476,14 +515,14 @@
/*! @method setAppleShareSignature:
@abstract Sets the AppleShare signature of the receiver.
- @discussion This attribute applies only for AppleShare passwords (kSecAppleSharePasswordItemClass, @link isAppleShareItem isAppleShareItem@/link).
+ @discussion This attribute applies only to AppleShare passwords (kSecAppleSharePasswordItemClass, @link isAppleShareItem isAppleShareItem@/link), where it is a uniquing attribute.
@param sig The signature. Should not be NULL. */
- (void)setAppleShareSignature:(SecAFPServerSignature*)sig;
/*! @method setProtocol:
@abstract Sets the protocol of the receiver.
- @discussion This attribute applies only for internet passwords (kSecInternetPasswordItemClass, @link isInternetItem isInternetItem@/link) and AppleShare passwords (kSecAppleSharePasswordItemClass, @link isAppleShareItem isAppleShareItem@/link).
+ @discussion This attribute applies only for internet passwords (kSecInternetPasswordItemClass, @link isInternetItem isInternetItem@/link) and AppleShare passwords (kSecAppleSharePasswordItemClass, @link isAppleShareItem isAppleShareItem@/link). For Internet passwords it is a uniquing attribute.
There is no "default" or "generic" protocol. If you cannot find a value the applies for your use, make up your own.
@param protocol The protocol. */
@@ -492,7 +531,7 @@
/*! @method setCertificateType:
@abstract Sets the certificate type of the receiver.
- @discussion This attribute applies only to certificates (kSecCertificateItemClass, @link isCertificate isCertificate@/link).
+ @discussion This attribute applies only to certificates (kSecCertificateItemClass, @link isCertificate isCertificate@/link), where it is a uniquing attribute.
// TODO: should this be settable? Shouldn't we ensure this is in sync with the actual certificate data, automatically?
@param certType The certificate type. */
@@ -524,7 +563,6 @@
// TODO: should this be settable? Shouldn't we ensure this is in sync with the actual CRL data, automatically?
@param encoding The CRL encoding. */
-
- (void)setCRLEncoding:(CSSM_CRL_ENCODING)encoding;
/*! @method setAlias:
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-28 20:46:12
|
Revision: 429
http://keychain.svn.sourceforge.net/keychain/?rev=429&view=rev
Author: wadetregaskis
Date: 2007-10-28 13:46:16 -0700 (Sun, 28 Oct 2007)
Log Message:
-----------
* Missing period.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/AccessControlList.h
Modified: trunk/Frameworks/Keychain/Keychain/AccessControlList.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/AccessControlList.h 2007-10-28 20:45:05 UTC (rev 428)
+++ trunk/Frameworks/Keychain/Keychain/AccessControlList.h 2007-10-28 20:46:16 UTC (rev 429)
@@ -47,7 +47,7 @@
Note that this method caches each unique object, such that additional calls with the same SecACLRef will return the existing AccessControlList for that particular SecACLRef, not new instances
@param AC The SecACLRef from which to derive the result
- @result An AccessControlList representing and wrapping around the SecACLRef provided */
+ @result An AccessControlList representing and wrapping around the SecACLRef provided. */
+ (AccessControlList*)accessControlListWithACLRef:(SecACLRef)AC;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-28 20:45:02
|
Revision: 428
http://keychain.svn.sourceforge.net/keychain/?rev=428&view=rev
Author: wadetregaskis
Date: 2007-10-28 13:45:05 -0700 (Sun, 28 Oct 2007)
Log Message:
-----------
* Fixed documentation copy-paste glitch (hadn't updated a method name).
Modified Paths:
--------------
trunk/Frameworks/Keychain/CDSA/CSSMUtils.h
Modified: trunk/Frameworks/Keychain/CDSA/CSSMUtils.h
===================================================================
--- trunk/Frameworks/Keychain/CDSA/CSSMUtils.h 2007-10-28 05:53:27 UTC (rev 427)
+++ trunk/Frameworks/Keychain/CDSA/CSSMUtils.h 2007-10-28 20:45:05 UTC (rev 428)
@@ -328,7 +328,7 @@
NSString* descriptionOfAuthorizations(NSArray *authorizations);
-/*! @function descriptionOfAuthorizations
+/*! @function descriptionOfAuthorizationsUsingConstants
@abstract Returns a description (using constants) of all the authorizations in the given array.
@discussion The description is a list of comma-separated constants for each authorization constant (aside from the last delimiter, which is an ampersand instead). For example, the array {CSSM_ACL_AUTHORIZATION_SIGN, CSSM_ACL_AUTHORIZATION_ENCRYPT, CSSM_ACL_AUTHORIZATION_DECRYPT} would yield (localised) "CSSM_ACL_AUTHORIZATION_SIGN, CSSM_ACL_AUTHORIZATION_ENCRYPT & CSSM_ACL_AUTHORIZATION_DECRYPT".
@param authorizations An NSArray containing zero or more NSNumbers, each containing an CSSM_ACL_AUTHORIZATION_TAG as its integer value.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-28 05:53:23
|
Revision: 427
http://keychain.svn.sourceforge.net/keychain/?rev=427&view=rev
Author: wadetregaskis
Date: 2007-10-27 22:53:27 -0700 (Sat, 27 Oct 2007)
Log Message:
-----------
* Fixed the names of the KeychainItem methods setCRLencoding:/setCRLtype: to setCRLEncoding:/setCRLType:.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.h
trunk/Frameworks/Keychain/Keychain/KeychainItem.m
trunk/Frameworks/Keychain/Testers/KeychainTester.m
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-28 05:51:17 UTC (rev 426)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-28 05:53:27 UTC (rev 427)
@@ -508,16 +508,16 @@
- (void)setCertificateEncoding:(CSSM_CERT_ENCODING)certEncoding;
-/*! @method setCRLtype:
+/*! @method setCRLType:
@abstract Sets the CRL type of the receiver.
@discussion This attribute applies only to CRLs (Certificate Revocation Lists). (TODO: how does one identify a KeychainItem as such?)
// TODO: should this be settable? Shouldn't we ensure this is in sync with the actual CRL data, automatically?
@param type The CRL type. */
-- (void)setCRLtype:(CSSM_CRL_TYPE)type;
+- (void)setCRLType:(CSSM_CRL_TYPE)type;
-/*! @method setCRLencoding:
+/*! @method setCRLEncoding:
@abstract Sets the CRL encoding of the receiver.
@discussion This attribute applies only to CRLs (Certificate Revocation Lists). (TODO: how does one identify a KeychainItem as such?)
@@ -525,7 +525,7 @@
@param encoding The CRL encoding. */
-- (void)setCRLencoding:(CSSM_CRL_ENCODING)encoding;
+- (void)setCRLEncoding:(CSSM_CRL_ENCODING)encoding;
/*! @method setAlias:
@abstract Sets the alias of the receiver.
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-28 05:51:17 UTC (rev 426)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-28 05:53:27 UTC (rev 427)
@@ -491,13 +491,13 @@
}
}
-- (void)setCRLtype:(CSSM_CRL_TYPE)type {
+- (void)setCRLType:(CSSM_CRL_TYPE)type {
if (![self _setAttribute:kSecCrlType bytes:(const void*)&type length:sizeof(CSSM_CRL_TYPE)]) {
PSYSLOG(LOG_ERR, @"Unable to set KeychainItem %p's CRL type - error %@.\n", self, OSStatusAsString(_error));
}
}
-- (void)setCRLencoding:(CSSM_CRL_ENCODING)encoding {
+- (void)setCRLEncoding:(CSSM_CRL_ENCODING)encoding {
if (![self _setAttribute:kSecCrlEncoding bytes:(const void*)&encoding length:sizeof(CSSM_CRL_ENCODING)]) {
PSYSLOG(LOG_ERR, @"Unable to set KeychainItem %p's CRL encoding - error %@.\n", self, OSStatusAsString(_error));
}
Modified: trunk/Frameworks/Keychain/Testers/KeychainTester.m
===================================================================
--- trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-28 05:51:17 UTC (rev 426)
+++ trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-28 05:53:27 UTC (rev 427)
@@ -403,10 +403,10 @@
[currentItem setCertificateEncoding:CSSM_CERT_ENCODING_BER];
TEST_INTSEQUAL_F([currentItem certificateEncoding], CSSM_CERT_ENCODING_UNKNOWN, nameOfCertificateEncodingConstant, "\tCannot change certificate encoding (not applicable to Internet passwords)");
- [currentItem setCRLtype:CSSM_CRL_TYPE_X_509v2];
+ [currentItem setCRLType:CSSM_CRL_TYPE_X_509v2];
TEST_INTSEQUAL_F([currentItem CRLType], CSSM_CRL_TYPE_UNKNOWN, nameOfCRLTypeConstant, "\tCannot change CRL type (not applicable to Internet passwords)");
- [currentItem setCRLencoding:CSSM_CRL_ENCODING_DER];
+ [currentItem setCRLEncoding:CSSM_CRL_ENCODING_DER];
TEST_INTSEQUAL_F([currentItem CRLEncoding], CSSM_CRL_ENCODING_UNKNOWN, nameOfCRLEncodingConstant, "\tCannot change CRL encoding (not applicable to Internet passwords)");
[currentItem setAlias:@"Get lost, Rimmer"];
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-28 05:51:14
|
Revision: 426
http://keychain.svn.sourceforge.net/keychain/?rev=426&view=rev
Author: wadetregaskis
Date: 2007-10-27 22:51:17 -0700 (Sat, 27 Oct 2007)
Log Message:
-----------
* Added more documentation for the KeychainItem class. Got all the setters covered (as a first pass) now.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.h
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-28 00:41:59 UTC (rev 425)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-28 05:51:17 UTC (rev 426)
@@ -82,10 +82,110 @@
@abstract Returns the kind of the receiver, e.g. key, certificate, password, etc.
@discussion You can refer to the Apple CDSA documentation in the file <a href="file:///System/Library/Frameworks/Security.framework/Headers/SecKeychainItem.h">SecKeychainItem.h</a> for a list of 'kinds'. At time of writing these are:
- kSecInternetPasswordItemClass - Internet password.
- kSecGenericPasswordItemClass - Generic password.
- kSecAppleSharePasswordItemClass - AppleShare password.
- kSecCertificateItemClass - Certificate.
+ <ul>
+ <li>kSecInternetPasswordItemClass - Internet password. These are uniquely identified by the following attributes:
+
+ <ul>
+ <li>@link account account@/link</li>
+ <li>@link securityDomain securityDomain@/link</li>
+ <li>@link server server@/link</li>
+ <li>@link protocol protocol@/link</li>
+ <li>@link authenticationType authenticationType@/link</li>
+ <li>@link port port@/link</li>
+ <li>@link path path@/link</li>
+ </ul>
+
+ They also support the following attributes:
+
+ <ul>
+ <li>@link creationDate creationDate@/link</li>
+ <li>@link modificationDate modificationDate@/link</li>
+ <li>@link typeDescription typeDescription@/link</li>
+ <li>@link comment comment@/link</li>
+ <li>@link creator creator@/link</li>
+ <li>@link type type@/link</li>
+ <li>@link label label@/link</li>
+ <li>@link alias alias@/link</li>
+ <li>@link isVisible isVisible@/link</li>
+ <li>@link passwordIsValid passwordIsValid@/link</li>
+ <li>@link hasCustomIcon hasCustomIcon@/link</li>
+ </ul>
+ </li>
+
+ <li>kSecGenericPasswordItemClass - Generic password. These are uniquely identified by the following attributes:
+
+ <ul>
+ <li>@link account account@/link</li>
+ <li>@link service service@/link</li>
+ </ul>
+
+ They also support the following attributes:
+
+ <ul>
+ <li>@link creationDate creationDate@/link</li>
+ <li>@link modificationDate modificationDate@/link</li>
+ <li>@link typeDescription typeDescription@/link</li>
+ <li>@link comment comment@/link</li>
+ <li>@link creator creator@/link</li>
+ <li>@link type type@/link</li>
+ <li>@link label label@/link</li>
+ <li>@link alias alias@/link</li>
+ <li>@link isVisible isVisible@/link</li>
+ <li>@link passwordIsValid passwordIsValid@/link</li>
+ <li>@link hasCustomIcon hasCustomIcon@/link</li>
+ <li>@link userDefinedAttribute userDefinedAttribute@/link</li>
+ </ul>
+ </li>
+
+ <li>kSecAppleSharePasswordItemClass - AppleShare password. These are uniquely identified by the following attributes:
+
+ <ul>
+ <li>@link account account@/link</li>
+ <li>@link appleShareVolume appleShareVolume@/link</li>
+ <li>@link appleShareAddress appleShareAddress@/link</li>
+ <li>@link appleShareSignature appleShareSignature@/link</li>
+ </ul>
+
+ They also support the following attributes:
+
+ <ul>
+ <li>@link creationDate creationDate@/link</li>
+ <li>@link modificationDate modificationDate@/link</li>
+ <li>@link typeDescription typeDescription@/link</li>
+ <li>@link comment comment@/link</li>
+ <li>@link creator creator@/link</li>
+ <li>@link type type@/link</li>
+ <li>@link label label@/link</li>
+ <li>@link alias alias@/link</li>
+ <li>@link isVisible isVisible@/link</li>
+ <li>@link passwordIsValid passwordIsValid@/link</li>
+ <li>@link hasCustomIcon hasCustomIcon@/link</li>
+ <li>@link server server@/link</li>
+ <li>@link protocol protocol@/link</li>
+ </ul>
+ </li>
+
+ <li>kSecCertificateItemClass - Certificate. These are uniquely identified by the following attributes:
+
+ <ul>
+ <li>@link certificateType certificateType@/link</li>
+ <li>@link issuer issuer@/link</li>
+ <li>@link serialNumber serialNumber@/link</li>
+ </ul>
+
+ They also support the following attributes:
+
+ <ul>
+ <li>@link certificateEncoding certificateEncoding@/link</li>
+ <li>@link label label@/link</li>
+ <li>@link alias alias@/link</li>
+ <li>@link subject subject@/link</li>
+ <li>Subject Key Identifier</li>
+ <li>Public Key Hash</li>
+ </ul>
+ </li>
+ </ul>
+
@result Returns one of the constants specified above, or -1 if an error occurs. */
- (SecItemClass)kind;
@@ -321,18 +421,117 @@
@param securityDomain The security domain for the receiver. Should not be nil (but may be an empty string). */
- (void)setSecurityDomain:(NSString*)securityDomain;
+
+/*! @method setServer:
+ @abstract Sets the server of the receiver.
+ @discussion The server is just the domain name or IP address of the server, e.g. "www.google.com" or "192.168.0.1".
+
+ The default for new KeychainItems, if not otherwise defined at creation time, is an empty string.
+ @param server The server. Should not be nil (but may be an empty string). */
+
- (void)setServer:(NSString*)server;
+
+/*! @method setAuthenticationType:
+ @abstract Sets the authentication type to which the receiver applies.
+ @discussion Since this is one of the uniquing attributes for internet passwords (kSecInternetPasswordItemClass), it is possible to have two otherwise-identical passwords with different authentication types. e.g. one for HTTP basic and one for HTTP digest. If the authentication type is irrelevant, use kSecAuthenticationTypeDefault.
+ @param authType The authentication type of the receiver. */
+
- (void)setAuthenticationType:(SecAuthenticationType)authType;
+
+/*! @method setPort:
+ @abstract Sets the port of the receiver.
+ @discussion This attribute applies only to internet passwords (kSecInternetPasswordItemClass).
+
+ The default for new KeychainItems, if not otherwise defined at creation time, is 0.
+ @param port The port. */
+
- (void)setPort:(uint32_t)port;
+
+/*! @method setPath:
+ @abstract Sets the path of the reciever.
+ @discussion This attribute applies only for internet passwords (kSecInternetPasswordItemClass).
+
+ The default for new KeychainItems, if not otherwise defined at creation time, is an empty string.
+ @param path The path. Should not be nil (but may be an empty string). */
+
- (void)setPath:(NSString*)path;
+
+/*! @method setAppleShareVolume:
+ @abstract Sets the AppleShare volume name of the receiver.
+ @discussion This attribute applies only for AppleShare passwords (kSecAppleSharePasswordItemClass, @link isAppleShareItem isAppleShareItem@/link). It is the name of the volume to which the receiver applies.
+
+ The default for new KeychainItems, if not otherwise defined at creation time, is an empty string.
+ @param volume The volume name. Should not be nil (but may be an empty string). */
+
- (void)setAppleShareVolume:(NSString*)volume;
+
+/*! @method setAppleShareAddress:
+ @abstract Sets the AppleShare address of the receiver.
+ @discussion This attribute applies only for AppleShare passwords (kSecAppleSharePasswordItemClass, @link isAppleShareItem isAppleShareItem@/link). It is the address of the AppleShare server to which the receiver applies.
+
+ The default for new KeychainItems, if not otherwise defined at creation time, is an empty string.
+ @param address The address. Should not be nil (but may be an empty string). */
+
- (void)setAppleShareAddress:(NSString*)address;
+
+/*! @method setAppleShareSignature:
+ @abstract Sets the AppleShare signature of the receiver.
+ @discussion This attribute applies only for AppleShare passwords (kSecAppleSharePasswordItemClass, @link isAppleShareItem isAppleShareItem@/link).
+ @param sig The signature. Should not be NULL. */
+
- (void)setAppleShareSignature:(SecAFPServerSignature*)sig;
+
+/*! @method setProtocol:
+ @abstract Sets the protocol of the receiver.
+ @discussion This attribute applies only for internet passwords (kSecInternetPasswordItemClass, @link isInternetItem isInternetItem@/link) and AppleShare passwords (kSecAppleSharePasswordItemClass, @link isAppleShareItem isAppleShareItem@/link).
+
+ There is no "default" or "generic" protocol. If you cannot find a value the applies for your use, make up your own.
+ @param protocol The protocol. */
+
- (void)setProtocol:(SecProtocolType)protocol;
+
+/*! @method setCertificateType:
+ @abstract Sets the certificate type of the receiver.
+ @discussion This attribute applies only to certificates (kSecCertificateItemClass, @link isCertificate isCertificate@/link).
+
+ // TODO: should this be settable? Shouldn't we ensure this is in sync with the actual certificate data, automatically?
+ @param certType The certificate type. */
+
- (void)setCertificateType:(CSSM_CERT_TYPE)certType;
+
+/*! @method setCertificateEncoding:
+ @abstract Sets the certificate encoding of the receiver.
+ @discussion This attribute applies only to certificates (kSecCertificateItemClass, @link isCertificate isCertificate@/link).
+
+ // TODO: should this be settable? Shouldn't we ensure this is in sync with the actual certificate data, automatically?
+ @param certEncoding The certificate encoding. */
+
- (void)setCertificateEncoding:(CSSM_CERT_ENCODING)certEncoding;
+
+/*! @method setCRLtype:
+ @abstract Sets the CRL type of the receiver.
+ @discussion This attribute applies only to CRLs (Certificate Revocation Lists). (TODO: how does one identify a KeychainItem as such?)
+
+ // TODO: should this be settable? Shouldn't we ensure this is in sync with the actual CRL data, automatically?
+ @param type The CRL type. */
+
- (void)setCRLtype:(CSSM_CRL_TYPE)type;
+
+/*! @method setCRLencoding:
+ @abstract Sets the CRL encoding of the receiver.
+ @discussion This attribute applies only to CRLs (Certificate Revocation Lists). (TODO: how does one identify a KeychainItem as such?)
+
+ // TODO: should this be settable? Shouldn't we ensure this is in sync with the actual CRL data, automatically?
+ @param encoding The CRL encoding. */
+
+
- (void)setCRLencoding:(CSSM_CRL_ENCODING)encoding;
+
+/*! @method setAlias:
+ @abstract Sets the alias of the receiver.
+ @discussion The alias is typically used for certificates as a convenient way of identifying the key attribute of the item, e.g. the email address the certificate applies to (which may in turn be useful for looking up related AddressBook entries, for example).
+ @param alias The alias. Should not be nil (but may be an empty string). */
+
- (void)setAlias:(NSString*)alias;
- (NSCalendarDate*)creationDate;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-28 00:41:55
|
Revision: 425
http://keychain.svn.sourceforge.net/keychain/?rev=425&view=rev
Author: wadetregaskis
Date: 2007-10-27 17:41:59 -0700 (Sat, 27 Oct 2007)
Log Message:
-----------
* Changed name of KeychainItem method setDataString: to setDataFromString: to be [slightly] less ambiguous.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.h
trunk/Frameworks/Keychain/Keychain/KeychainItem.m
trunk/Frameworks/Keychain/Testers/KeychainTester.m
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-28 00:36:54 UTC (rev 424)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-28 00:41:59 UTC (rev 425)
@@ -122,7 +122,7 @@
@abstract Sets the data of the receiver.
@discussion The data for password items is the password itself. For certificates, it is the raw certificate (try to avoid setting the certificate in this manner; you may add Certificate instances to keychains directly).
- Typically you will want to use @link setDataString: setDataString:@/link to modify passwords, as it handles the string encoding and conversion for you.
+ Typically you will want to use @link setDataFromString: setDataFromString:@/link to modify passwords, as it handles the string encoding and conversion for you.
The data may be encrypted for storage in the keychain; this method expects the plaintext.
@@ -131,7 +131,7 @@
- (void)setData:(NSData*)data;
-/*! @method setDataString:
+/*! @method setDataFromString:
@abstract Sets the data (e.g. the password) of the receiver.
@discussion The data for password items is the password itself. For certificates, the data is the raw certificate (which should be set using @link setData: setData:@/link rather than this method, to avoid string encoding and conversion issues).
@@ -140,7 +140,7 @@
TODO: determine under what conditions this may fail, or prompt the user, if any. It appears that you can always set the data, but I haven't tested extensively.
@param data The data to set for the receiver, replacing any and all already set for it. Should not be nil. */
-- (void)setDataString:(NSString*)data;
+- (void)setDataFromString:(NSString*)data;
/*! @method data
@abstract Returns the data of the receiver.
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-28 00:36:54 UTC (rev 424)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-28 00:41:59 UTC (rev 425)
@@ -169,7 +169,7 @@
}
}
-- (void)setDataString:(NSString*)data {
+- (void)setDataFromString:(NSString*)data {
[self setData:[data dataUsingEncoding:NSUTF8StringEncoding]];
}
Modified: trunk/Frameworks/Keychain/Testers/KeychainTester.m
===================================================================
--- trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-28 00:36:54 UTC (rev 424)
+++ trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-28 00:41:59 UTC (rev 425)
@@ -315,7 +315,7 @@
// Now, try modifying each and every attribute.
- [currentItem setDataString:@"rimmerisanacehole"];
+ [currentItem setDataFromString:@"rimmerisanacehole"];
TEST_ISEQUAL([currentItem dataAsString], @"rimmerisanacehole", "\tCan change password");
NSDate *newCreationDate = [NSDate dateWithNaturalLanguageString:@"12 hours ago"];
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-28 00:36:52
|
Revision: 424
http://keychain.svn.sourceforge.net/keychain/?rev=424&view=rev
Author: wadetregaskis
Date: 2007-10-27 17:36:54 -0700 (Sat, 27 Oct 2007)
Log Message:
-----------
* Changed name of KeychainItem methods setDomain:/domain to setSecurityDomain:/securityDomain, to make it clearer that this isn't a domain-name domain, but rather a security domain or security realm or whatever you wish to call them.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/Keychain.h
trunk/Frameworks/Keychain/Keychain/Keychain.m
trunk/Frameworks/Keychain/Keychain/KeychainItem.h
trunk/Frameworks/Keychain/Keychain/KeychainItem.m
trunk/Frameworks/Keychain/Keychain/KeychainSearch.h
trunk/Frameworks/Keychain/Keychain/KeychainSearch.m
trunk/Frameworks/Keychain/Testers/KeychainSearchTester.m
trunk/Frameworks/Keychain/Testers/KeychainTester.m
Modified: trunk/Frameworks/Keychain/Keychain/Keychain.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/Keychain.h 2007-10-28 00:18:55 UTC (rev 423)
+++ trunk/Frameworks/Keychain/Keychain/Keychain.h 2007-10-28 00:36:54 UTC (rev 424)
@@ -358,7 +358,7 @@
/*! @method addInternetPassword:onServer:forAccount:port:path:inSecurityDomain:protocol:auth:replaceExisting:
@abstract Adds a password to the receiver for an internet service with the properties given.
- @discussion Most of the parameters are optional, or context-sensitive. For instance, you needn't specify a domain or protocol if they don't apply to your use.
+ @discussion Most of the parameters are optional, or context-sensitive. For instance, you needn't specify a security domain or protocol if they don't apply to your use.
This method does not require the user's authentication or permission in order to add the password to the receiver. If an existing item is present with the same parameters, then it will be replaced if the replaceExisting parameter is YES. Otherwise, it will not, and an error will occur.
@param password The password.
@@ -366,13 +366,13 @@
@param account The login, username or account name on the server. This parameter may be nil.
@param port The port number, which may implicitly define a service type, for the server. This may be 0, indicating no port specified.
@param path The path of a resource on the server, to which this password applies. This may be nil.
- @param domain The security domain to add this entry in. This may (and most often will be) nil.
+ @param securityDomain The security domain to add this entry in. This may (and most often will be) nil.
@param protocol The protocol you are using. See <a href="file:///System/Library/Frameworks/Security.framework/Headers/SecKeychain.h>SecKeychain.h</a> for predefined types. This parameter is essentially just a Mac type (i.e. 4 bytes), and can be user-defined. This parameter is required.
@param authType The authentication type to be used. See <a href="file:///System/Library/Frameworks/Security.framework/Headers/SecKeychain.h>SecKeychain.h</a> for predefined types. You should use kSecAuthenticationTypeDefault if you have no preference or knowledge of the type to be used. Like the protocol parameter, this a 4-byte code, which may be user defined.
@param replace If YES then any existing item will have it's password changed, otherwise this method will fail if an item already exists.
@result Returns the resulting new KeychainItem, or nil if an error occurs. You can retrieve a corresponding error code using the lastError method. */
-- (KeychainItem*)addInternetPassword:(NSString*)password onServer:(NSString*)server forAccount:(NSString*)account port:(UInt16)port path:(NSString*)path inSecurityDomain:(NSString*)domain protocol:(SecProtocolType)protocol auth:(SecAuthenticationType)authType replaceExisting:(BOOL)replace;
+- (KeychainItem*)addInternetPassword:(NSString*)password onServer:(NSString*)server forAccount:(NSString*)account port:(UInt16)port path:(NSString*)path inSecurityDomain:(NSString*)securityDomain protocol:(SecProtocolType)protocol auth:(SecAuthenticationType)authType replaceExisting:(BOOL)replace;
/*! @method items
@abstract Returns every single item in the keychain, even invisible ones (e.g. keys).
@@ -394,7 +394,7 @@
/*! @method passwordForInternetServer:forAccount:port:path:inSecurityDomain:protocol:auth:
@abstract Searches for and returns the password for an internet entry matching the criteria given.
- @discussion Most of the parameters are optional, or context-sensitive. For instance, you needn't specify a domain or protocol if they don't apply to your intended use. If more than one item in the receiver matches the criteria given, only one will be returned.
+ @discussion Most of the parameters are optional, or context-sensitive. For instance, you needn't specify a security domain or protocol if they don't apply to your intended use. If more than one item in the receiver matches the criteria given, only one will be returned.
Note that this method will require the user to allow your application access to the password for the returned entry, and thus may take some time to complete while the user responds to the dialog.
@@ -403,12 +403,12 @@
@param account The login, username or account name on the server. This parameter may be nil.
@param port The port number, which may implicitly define a service type, for the server. This may be 0, to accept any port number.
@param path The path of a resource on the server, for which you are interesting in accessing. This may be nil.
- @param domain The security domain to look in. This may (and most often will be) nil.
+ @param securityDomain The security domain to look in. This may (and most often will be) nil.
@param protocol The protocol you are using. See <a href="file:///System/Library/Frameworks/Security.framework/Headers/SecKeychain.h>SecKeychain.h</a> for predefined types. This parameter is essentially just a Mac type (i.e. 4 bytes), and can be user-defined. This parameter is required.
@param authType The authentication type to be used. See <a href="file:///System/Library/Frameworks/Security.framework/Headers/SecKeychain.h>SecKeychain.h</a> for predefined types. You should use kSecAuthenticationTypeDefault if you have no preference or knowledge of the type to be used. Like the protocol parameter, this a 4-byte code, which may be user defined.
@result If a match is found, it is returned. Otherwise, or in case of an error, nil is returned. */
-- (NSString*)passwordForInternetServer:(NSString*)server forAccount:(NSString*)account port:(UInt16)port path:(NSString*)path inSecurityDomain:(NSString*)domain protocol:(SecProtocolType)protocol auth:(SecAuthenticationType)authType;
+- (NSString*)passwordForInternetServer:(NSString*)server forAccount:(NSString*)account port:(UInt16)port path:(NSString*)path inSecurityDomain:(NSString*)securityDomain protocol:(SecProtocolType)protocol auth:(SecAuthenticationType)authType;
/*! @method genericService:forAccount:
@abstract Searches for and returns a generic KeychainItem matching the criteria given.
@@ -421,19 +421,19 @@
/*! @method internetServer:forAccount:port:path:inSecurityDomain:protocol:auth:
@abstract Searches for and returns an internet KeychainItem matching the criteria given.
- @discussion Most of the parameters are optional, or context-sensitive. For instance, you needn't specify a domain or protocol if they don't apply to your intended use. If more than one item in the receiver matches the criteria given, only one will be returned.
+ @discussion Most of the parameters are optional, or context-sensitive. For instance, you needn't specify a security domain or protocol if they don't apply to your intended use. If more than one item in the receiver matches the criteria given, only one will be returned.
Note that this method will require the user to allow your application access to the returned entry, and thus may take some time to complete while the user responds to the dialog. If you wish to find a particular entry or entries without triggering such a dialog, see the KeychainSearch class.
@param server The domain name or IP address of the server you are accessing. This parameter may be nil.
@param account The login, username or account name on the server. This parameter may be nil.
@param port The port number, which may implicitly define a service type, for the server. This may be 0, to accept any port number.
@param path The path of a resource on the server, for which you are interesting in accessing. This may be nil.
- @param domain The security domain to look in. This may (and most often will be) nil.
+ @param securityDomain The security domain to look in. This may (and most often will be) nil.
@param protocol The protocol you are using. See <a href="file:///System/Library/Frameworks/Security.framework/Headers/SecKeychain.h>SecKeychain.h</a> for predefined types. This parameter is essentially just a Mac type (i.e. 4 bytes), and can be user-defined. This parameter is required.
@param authType The authentication type to be used. See <a href="file:///System/Library/Frameworks/Security.framework/Headers/SecKeychain.h>SecKeychain.h</a> for predefined types. You should use kSecAuthenticationTypeDefault if you have no preference or knowledge of the type to be used. Like the protocol parameter, this a 4-byte code, which may be user defined.
@result If a match is found, it is returned. Otherwise, or in case of an error, nil is returned. */
-- (KeychainItem*)internetServer:(NSString*)server forAccount:(NSString*)account port:(UInt16)port path:(NSString*)path inSecurityDomain:(NSString*)domain protocol:(SecProtocolType)protocol auth:(SecAuthenticationType)authType;
+- (KeychainItem*)internetServer:(NSString*)server forAccount:(NSString*)account port:(UInt16)port path:(NSString*)path inSecurityDomain:(NSString*)securityDomain protocol:(SecProtocolType)protocol auth:(SecAuthenticationType)authType;
/*! @method identitiesForUse:
@abstract Returns an array of identities in the receiver that are capable of performing the usage given.
Modified: trunk/Frameworks/Keychain/Keychain/Keychain.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/Keychain.m 2007-10-28 00:18:55 UTC (rev 423)
+++ trunk/Frameworks/Keychain/Keychain/Keychain.m 2007-10-28 00:36:54 UTC (rev 424)
@@ -1250,9 +1250,9 @@
return result;
}
-- (KeychainItem*)addInternetPassword:(NSString*)password onServer:(NSString*)server forAccount:(NSString*)account port:(UInt16)port path:(NSString*)path inSecurityDomain:(NSString*)domain protocol:(SecProtocolType)protocol auth:(SecAuthenticationType)authType replaceExisting:(BOOL)replace {
- const char *serverString, *accountString, *passwordString, *pathString, *domainString;
- uint32_t serverStringLength, accountStringLength, passwordStringLength, pathStringLength, domainStringLength;
+- (KeychainItem*)addInternetPassword:(NSString*)password onServer:(NSString*)server forAccount:(NSString*)account port:(UInt16)port path:(NSString*)path inSecurityDomain:(NSString*)securityDomain protocol:(SecProtocolType)protocol auth:(SecAuthenticationType)authType replaceExisting:(BOOL)replace {
+ const char *serverString, *accountString, *passwordString, *pathString, *securityDomainString;
+ uint32_t serverStringLength, accountStringLength, passwordStringLength, pathStringLength, securityDomainStringLength;
SecKeychainItemRef newItem;
KeychainItem *result = nil;
@@ -1260,22 +1260,22 @@
accountString = ((nil != account) ? [account UTF8String] : NULL);
serverString = ((nil != server) ? [server UTF8String] : NULL);
pathString = ((nil != path) ? [path UTF8String] : NULL);
- domainString = ((nil != domain) ? [domain UTF8String] : NULL);
+ securityDomainString = ((nil != securityDomain) ? [securityDomain UTF8String] : NULL);
passwordStringLength = ((NULL != passwordString) ? strlen(passwordString) : 0);
accountStringLength = ((NULL != accountString) ? strlen(accountString) : 0);
serverStringLength = ((NULL != serverString) ? strlen(serverString) : 0);
pathStringLength = ((NULL != pathString) ? strlen(pathString) : 0);
- domainStringLength = ((NULL != domainString) ? strlen(domainString) : 0);
+ securityDomainStringLength = ((NULL != securityDomainString) ? strlen(securityDomainString) : 0);
- _error = SecKeychainAddInternetPassword(_keychain, serverStringLength, serverString, domainStringLength, domainString, accountStringLength, accountString, pathStringLength, pathString, port, protocol, authType, passwordStringLength, passwordString, &newItem);
+ _error = SecKeychainAddInternetPassword(_keychain, serverStringLength, serverString, securityDomainStringLength, securityDomainString, accountStringLength, accountString, pathStringLength, pathString, port, protocol, authType, passwordStringLength, passwordString, &newItem);
if (noErr == _error) {
result = [KeychainItem keychainItemWithKeychainItemRef:newItem];
} else if ((_error == errSecDuplicateItem) && replace) {
SecKeychainItemRef existingItem;
- _error = SecKeychainFindInternetPassword(_keychain, serverStringLength, serverString, domainStringLength, domainString, accountStringLength, accountString, pathStringLength, pathString, port, protocol, authType, NULL, NULL, &existingItem);
+ _error = SecKeychainFindInternetPassword(_keychain, serverStringLength, serverString, securityDomainStringLength, securityDomainString, accountStringLength, accountString, pathStringLength, pathString, port, protocol, authType, NULL, NULL, &existingItem);
if (noErr == _error) {
_error = SecKeychainItemModifyAttributesAndData(existingItem, NULL, passwordStringLength, passwordString);
@@ -1297,8 +1297,8 @@
serverStringLength,
serverString,
- domainStringLength,
- domainString,
+ securityDomainStringLength,
+ securityDomainString,
accountStringLength,
accountString,
pathStringLength,
@@ -1318,8 +1318,8 @@
serverStringLength,
server,
- domainStringLength,
- domain,
+ securityDomainStringLength,
+ securityDomain,
accountStringLength,
account,
pathStringLength,
@@ -1471,28 +1471,28 @@
}
}
-- (NSString*)passwordForInternetServer:(NSString*)server forAccount:(NSString*)account port:(UInt16)port path:(NSString*)path inSecurityDomain:(NSString*)domain protocol:(SecProtocolType)protocol auth:(SecAuthenticationType)authType {
+- (NSString*)passwordForInternetServer:(NSString*)server forAccount:(NSString*)account port:(UInt16)port path:(NSString*)path inSecurityDomain:(NSString*)securityDomain protocol:(SecProtocolType)protocol auth:(SecAuthenticationType)authType {
char *passData;
UInt32 passLength;
- const char *serverString, *accountString, *pathString, *domainString;
- uint32_t serverStringLength, accountStringLength, pathStringLength, domainStringLength;
+ const char *serverString, *accountString, *pathString, *securityDomainString;
+ uint32_t serverStringLength, accountStringLength, pathStringLength, securityDomainStringLength;
accountString = ((nil != account) ? [account UTF8String] : NULL);
serverString = ((nil != server) ? [server UTF8String] : NULL);
pathString = ((nil != path) ? [path UTF8String] : NULL);
- domainString = ((nil != domain) ? [domain UTF8String] : NULL);
+ securityDomainString = ((nil != securityDomain) ? [securityDomain UTF8String] : NULL);
accountStringLength = ((NULL != accountString) ? strlen(accountString) : 0);
serverStringLength = ((NULL != serverString) ? strlen(serverString) : 0);
pathStringLength = ((NULL != pathString) ? strlen(pathString) : 0);
- domainStringLength = ((NULL != domainString) ? strlen(domainString) : 0);
+ securityDomainStringLength = ((NULL != securityDomainString) ? strlen(securityDomainString) : 0);
_error = SecKeychainFindInternetPassword(_keychain,
serverStringLength,
serverString,
- domainStringLength,
- domainString,
+ securityDomainStringLength,
+ securityDomainString,
accountStringLength,
accountString,
pathStringLength,
@@ -1513,8 +1513,8 @@
serverStringLength,
server,
- domainStringLength,
- domain,
+ securityDomainStringLength,
+ securityDomain,
accountStringLength,
account,
pathStringLength,
@@ -1550,28 +1550,28 @@
return keychainItem;
}
-- (KeychainItem*)internetServer:(NSString*)server forAccount:(NSString*)account port:(UInt16)port path:(NSString*)path inSecurityDomain:(NSString*)domain protocol:(SecProtocolType)protocol auth:(SecAuthenticationType)authType {
+- (KeychainItem*)internetServer:(NSString*)server forAccount:(NSString*)account port:(UInt16)port path:(NSString*)path inSecurityDomain:(NSString*)securityDomain protocol:(SecProtocolType)protocol auth:(SecAuthenticationType)authType {
KeychainItem *keychainItem = nil;
SecKeychainItemRef result = NULL;
- const char *serverString, *accountString, *pathString, *domainString;
- uint32_t serverStringLength, accountStringLength, pathStringLength, domainStringLength;
+ const char *serverString, *accountString, *pathString, *securityDomainString;
+ uint32_t serverStringLength, accountStringLength, pathStringLength, securityDomainStringLength;
accountString = ((nil != account) ? [account UTF8String] : NULL);
serverString = ((nil != server) ? [server UTF8String] : NULL);
pathString = ((nil != path) ? [path UTF8String] : NULL);
- domainString = ((nil != domain) ? [domain UTF8String] : NULL);
+ securityDomainString = ((nil != securityDomain) ? [securityDomain UTF8String] : NULL);
accountStringLength = ((NULL != accountString) ? strlen(accountString) : 0);
serverStringLength = ((NULL != serverString) ? strlen(serverString) : 0);
pathStringLength = ((NULL != pathString) ? strlen(pathString) : 0);
- domainStringLength = ((NULL != domainString) ? strlen(domainString) : 0);
+ securityDomainStringLength = ((NULL != securityDomainString) ? strlen(securityDomainString) : 0);
_error = SecKeychainFindInternetPassword(_keychain,
serverStringLength,
serverString,
- domainStringLength,
- domainString,
+ securityDomainStringLength,
+ securityDomainString,
accountStringLength,
accountString,
pathStringLength,
@@ -1593,8 +1593,8 @@
serverStringLength,
server,
- domainStringLength,
- domain,
+ securityDomainStringLength,
+ securityDomain,
accountStringLength,
account,
pathStringLength,
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-28 00:18:55 UTC (rev 423)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-28 00:36:54 UTC (rev 424)
@@ -313,14 +313,14 @@
- (void)setUserDefinedAttribute:(NSData*)attribute;
-/*! @method setDomain:
+/*! @method setSecurityDomain:
@abstract Sets the security domain of the receiver.
@discussion The security domain (also know as a realm) is a way of identifying a subsection of a website which uses the same login. For example, on www.example.com there may be a "PHPmyAdmin" domain and a "User" domain. Where you have knowledge of the domain of a password, it is wise to reference the domain in preference to a particular path, as the user should not be prompted multiple times for the same login, for the same domain.
The default for new KeychainItems, if not otherwise defined at creation time, is an empty string.
- @param domain The security domain for the receiver. Should not be nil (but may be an empty string). */
+ @param securityDomain The security domain for the receiver. Should not be nil (but may be an empty string). */
-- (void)setDomain:(NSString*)domain;
+- (void)setSecurityDomain:(NSString*)securityDomain;
- (void)setServer:(NSString*)server;
- (void)setAuthenticationType:(SecAuthenticationType)authType;
- (void)setPort:(uint32_t)port;
@@ -350,7 +350,7 @@
- (NSString*)account;
- (NSString*)service;
- (NSData*)userDefinedAttribute;
-- (NSString*)domain;
+- (NSString*)securityDomain;
- (NSString*)server;
- (SecAuthenticationType)authenticationType;
- (uint32_t)port;
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-28 00:18:55 UTC (rev 423)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-28 00:36:54 UTC (rev 424)
@@ -49,7 +49,7 @@
case kSecGenericItemAttr:
return @"userDefinedAttribute";
case kSecSecurityDomainItemAttr:
- return @"domain";
+ return @"securityDomain";
case kSecServerItemAttr:
return @"server";
case kSecPathItemAttr:
@@ -423,8 +423,8 @@
}
}
-- (void)setDomain:(NSString*)domain {
- if (![self _setAttribute:kSecSecurityDomainItemAttr string:domain encoding:NSUTF8StringEncoding]) {
+- (void)setSecurityDomain:(NSString*)securityDomain {
+ if (![self _setAttribute:kSecSecurityDomainItemAttr string:securityDomain encoding:NSUTF8StringEncoding]) {
PSYSLOG(LOG_ERR, @"Unable to set KeychainItem %p's security domain - error %@.\n", self, OSStatusAsString(_error));
}
}
@@ -883,7 +883,7 @@
return result;
}
-- (NSString*)domain {
+- (NSString*)securityDomain {
return [self _attributeOfType:kSecSecurityDomainItemAttr asStringUsingEncoding:NSUTF8StringEncoding];
}
Modified: trunk/Frameworks/Keychain/Keychain/KeychainSearch.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainSearch.h 2007-10-28 00:18:55 UTC (rev 423)
+++ trunk/Frameworks/Keychain/Keychain/KeychainSearch.h 2007-10-28 00:36:54 UTC (rev 424)
@@ -67,7 +67,7 @@
- (void)setAccount:(NSString*)account;
- (void)setService:(NSString*)service;
- (void)setUserDefinedAttribute:(NSData*)attr;
-- (void)setDomain:(NSString*)domain;
+- (void)setSecurityDomain:(NSString*)securityDomain;
- (void)setServer:(NSString*)server;
- (void)setAuthenticationType:(SecAuthenticationType)type;
- (void)setPort:(UInt16)port;
Modified: trunk/Frameworks/Keychain/Keychain/KeychainSearch.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainSearch.m 2007-10-28 00:18:55 UTC (rev 423)
+++ trunk/Frameworks/Keychain/Keychain/KeychainSearch.m 2007-10-28 00:36:54 UTC (rev 424)
@@ -463,8 +463,8 @@
[self _setAttribute:kSecGenericItemAttr dataValue:attr];
}
-- (void)setDomain:(NSString*)domain {
- [self _setAttribute:kSecSecurityDomainItemAttr stringValue:domain];
+- (void)setSecurityDomain:(NSString*)securityDomain {
+ [self _setAttribute:kSecSecurityDomainItemAttr stringValue:securityDomain];
}
- (void)setServer:(NSString*)server {
Modified: trunk/Frameworks/Keychain/Testers/KeychainSearchTester.m
===================================================================
--- trunk/Frameworks/Keychain/Testers/KeychainSearchTester.m 2007-10-28 00:18:55 UTC (rev 423)
+++ trunk/Frameworks/Keychain/Testers/KeychainSearchTester.m 2007-10-28 00:36:54 UTC (rev 424)
@@ -268,8 +268,8 @@
template_searchByAttributeWithObjectValue(@"user-defined attribute", @selector(userDefinedAttribute), @selector(setUserDefinedAttribute:), exhaustive);
}
-void test_keychainSearchByDomain(BOOL exhaustive) {
- template_searchByAttributeWithObjectValue(@"domain", @selector(domain), @selector(setDomain:), exhaustive);
+void test_keychainSearchBySecurityDomain(BOOL exhaustive) {
+ template_searchByAttributeWithObjectValue(@"securityDomain", @selector(securityDomain), @selector(setSecurityDomain:), exhaustive);
}
void test_keychainSearchByServer(BOOL exhaustive) {
@@ -347,7 +347,7 @@
test_keychainSearchByAccount(exhaustive);
test_keychainSearchByService(exhaustive);
test_keychainSearchByUserDefinedAttribute(exhaustive);
- test_keychainSearchByDomain(exhaustive);
+ test_keychainSearchBySecurityDomain(exhaustive);
test_keychainSearchByServer(exhaustive);
test_keychainSearchByAuthenticationType(exhaustive);
test_keychainSearchByPort(exhaustive);
Modified: trunk/Frameworks/Keychain/Testers/KeychainTester.m
===================================================================
--- trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-28 00:18:55 UTC (rev 423)
+++ trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-28 00:36:54 UTC (rev 424)
@@ -68,7 +68,7 @@
TEST_ISEQUAL([currentItem dataAsString], @"test123", "\tPassword is correct");
TEST_ISEQUAL([currentItem account], @"test", "\tAccount is correct");
- TEST_ISEQUAL([currentItem domain], @"", "\tDomain is correct (none)");
+ TEST_ISEQUAL([currentItem securityDomain], @"", "\tSecurity domain is correct (none)");
TEST_ISEQUAL([currentItem server], @"localhost", "\tServer is correct");
TEST_INTSEQUAL_F([currentItem authenticationType], kSecAuthenticationTypeDefault, nameOfAuthenticationTypeConstant, "\tAuthentication type is correct");
TEST_INTSEQUAL([currentItem port], 123, "\tPort is correct");
@@ -114,7 +114,7 @@
TEST_ISEQUAL([originalItem dataAsString], @"test123", "\tOriginal item's password is unchanged");
TEST_ISEQUAL([originalItem account], @"test", "\tOriginal item's account is still correct");
- TEST_ISEQUAL([originalItem domain], @"", "\tOriginal item's domain is still correct (none)");
+ TEST_ISEQUAL([originalItem securityDomain], @"", "\tOriginal item's security domain is still correct (none)");
TEST_ISEQUAL([originalItem server], @"localhost", "\tOriginal item's server is still correct");
TEST_INTSEQUAL_F([originalItem authenticationType], kSecAuthenticationTypeDefault, nameOfAuthenticationTypeConstant, "\tOriginal item's authentication type is still correct");
TEST_INTSEQUAL([originalItem port], 123, "\tOriginal item's port is still correct");
@@ -160,7 +160,7 @@
TEST_ISEQUAL([currentItem dataAsString], @"overwritten", "\tPassword is correct");
TEST_ISEQUAL([currentItem account], @"test", "\tAccount is correct");
- TEST_ISEQUAL([currentItem domain], @"", "\tDomain is correct (none)");
+ TEST_ISEQUAL([currentItem securityDomain], @"", "\tSecurity domain is correct (none)");
TEST_ISEQUAL([currentItem server], @"localhost", "\tServer is correct");
TEST_INTSEQUAL_F([currentItem authenticationType], kSecAuthenticationTypeDefault, nameOfAuthenticationTypeConstant, "\tAuthentication type is correct");
TEST_INTSEQUAL([currentItem port], 123, "\tPort is correct");
@@ -218,7 +218,7 @@
TEST_ISEQUAL([currentItem dataAsString], chinesePassword, "\tPassword is correct");
TEST_ISEQUAL([currentItem account], chineseAccount, "\tAccount is correct");
- TEST_ISEQUAL([currentItem domain], @"", "\tDomain is correct (none)");
+ TEST_ISEQUAL([currentItem securityDomain], @"", "\tSecurity domain is correct (none)");
TEST_ISEQUAL([currentItem server], chineseServer, "\tServer is correct");
TEST_INTSEQUAL_F([currentItem authenticationType], kSecAuthenticationTypeHTTPDigest, nameOfAuthenticationTypeConstant, "\tAuthentication type is correct");
TEST_INTSEQUAL([currentItem port], 1337, "\tPort is correct");
@@ -274,7 +274,7 @@
TEST_ISEQUAL([currentItem dataAsString], @"smeg", "\tPassword is correct");
TEST_ISEQUAL([currentItem account], @"lister", "\tAccount is correct");
- TEST_ISEQUAL([currentItem domain], @"Red Dwarf", "\tDomain is correct (none)");
+ TEST_ISEQUAL([currentItem securityDomain], @"Red Dwarf", "\tSecurity domain is correct (none)");
TEST_ISEQUAL([currentItem server], @"reddwarf.org", "\tServer is correct");
TEST_INTSEQUAL_F([currentItem authenticationType], kSecAuthenticationTypeDefault, nameOfAuthenticationTypeConstant, "\tAuthentication type is correct");
TEST_INTSEQUAL([currentItem port], 997, "\tPort is correct");
@@ -369,8 +369,8 @@
[currentItem setUserDefinedAttribute:userDefinedAttribute];
TEST_ISNIL([currentItem userDefinedAttribute], "\tCannot change user-defined attribute (not applicable to Internet passwords)");
- [currentItem setDomain:@"Red Dwarf Pilots"];
- TEST_ISEQUAL([currentItem domain], @"Red Dwarf Pilots", "\tCan change domain");
+ [currentItem setSecurityDomain:@"Red Dwarf Pilots"];
+ TEST_ISEQUAL([currentItem securityDomain], @"Red Dwarf Pilots", "\tCan change security domain");
[currentItem setServer:@"reddwarf.net"];
TEST_ISEQUAL([currentItem server], @"reddwarf.net", "\tCan change server");
@@ -418,7 +418,7 @@
TEST_ISEQUAL([currentItem dataAsString], @"rimmerisanacehole", "\tPassword is still correct");
TEST_ISEQUAL([currentItem account], @"Lister", "\tAccount is still correct");
- TEST_ISEQUAL([currentItem domain], @"Red Dwarf Pilots", "\tDomain is still correct (none)");
+ TEST_ISEQUAL([currentItem securityDomain], @"Red Dwarf Pilots", "\tSecurity domain is still correct (none)");
TEST_ISEQUAL([currentItem server], @"reddwarf.net", "\tServer is still correct");
TEST_INTSEQUAL_F([currentItem authenticationType], kSecAuthenticationTypeRPA, nameOfAuthenticationTypeConstant, "\tAuthentication type is still correct");
TEST_INTSEQUAL([currentItem port], 21, "\tPort is still correct");
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-28 00:18:52
|
Revision: 423
http://keychain.svn.sourceforge.net/keychain/?rev=423&view=rev
Author: wadetregaskis
Date: 2007-10-27 17:18:55 -0700 (Sat, 27 Oct 2007)
Log Message:
-----------
* Corrected older documentation, and added some new documentation. Still lots to go, though.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.h
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-27 23:06:13 UTC (rev 422)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-28 00:18:55 UTC (rev 423)
@@ -47,27 +47,33 @@
int _error;
}
+/*! @method nameOfGetterForAttribute:
+ @abstract Returns the method name of the getter corresponding to a given attribute type.
+ @discussion You wouldn't typically need to use this, as it's explicitly required only for some internal workings of the Keychain framework, but it is available (and supported going forward) if you need it for some reason.
+ @param type The type.
+ @result Returns the method name of the getter corresponding to the given attribute type, or nil if one doesn't exist. */
+
+ (NSString*)nameOfGetterForAttribute:(SecKeychainAttrType)type;
/*! @method keychainItemWithKeychainItemRef:
@abstract Creates and returns a KeychainItem instance based on a SecKeychainItemRef.
- @discussion The SecKeychainItemRef is retained by the new KeychainItem instance for the duration of it's life. This method caches existing KeychainItem instances, such that multiple calls with the same SecKeychainItemRef will return the same unique KeychainItem instance.
+ @discussion The SecKeychainItemRef is retained by the new KeychainItem instance. This method caches existing KeychainItem instances, such that multiple calls with the same SecKeychainItemRef will return the same unique KeychainItem instance (with its retain count suitably bumped).
@param ke The SecKeychainItemRef.
- @result If a KeychainItem instance already returns for the given SecKeychainItemRef, returns that existing instance. Otherwise, creates a new instance and returns it. In case of error, returns nil. */
+ @result If a KeychainItem instance already for the given SecKeychainItemRef, returns that existing instance. Otherwise, creates a new instance and returns it. In case of error, returns nil. */
+ (KeychainItem*)keychainItemWithKeychainItemRef:(SecKeychainItemRef)keychainIt;
/*! @method initWithKeychainItemRef:
@abstract Initiailizes the receiver with a SecKeychainItemRef.
- @discussion The SecKeychainItemRef is retained by the receiver for the duration of it's lifetime. Changes to the SecKeychainItemRef will reflect on the receiver, and vice versa. Note that this method caches existing KeychainItem instances, such that calling this with a SecKeychainItemRef that has already been used will release the receiver and return the existing instance.
+ @discussion The SecKeychainItemRef is retained by the receiver. Changes to the SecKeychainItemRef will reflect on the receiver, and vice versa. Note that this method caches existing KeychainItem instances, such that calling this with a SecKeychainItemRef that has already been used will release the receiver and return the existing instance.
@param ke The SecKeychainItemRef.
- @result If SecKeychainItemRef is a valid keychain item, returns the receiver or the existing instance, if available (releasing the receiver in the latter case). Otherwise, releases the receiver and returns nil. */
+ @result If a KeychainItem instance already exists for the given SecKeychainItemRef, releases the receiver and returns the existing instance (with its retain count suitably incremented). Otherwise, initialises the receiver with the given SecKeychainItemRef and returns it. If an error occurs, releases the receiver and returns nil. */
- (KeychainItem*)initWithKeychainItemRef:(SecKeychainItemRef)keychainIt;
/*! @method init
- @abstract Reject initialiser.
- @discussion You cannot initialise a KeychainItem using "init" - use one of the other initialisation methods.
+ @abstract Unsupported initialiser.
+ @discussion You cannot initialise a KeychainItem using "init" - use @link initWithKeychainItemRef: initWithKeychainItemRef:@/link.
@result This method always releases the receiver and returns nil. */
- (KeychainItem*)init;
@@ -113,38 +119,48 @@
- (BOOL)isCertificate;
/*! @method setData:
- @abstract Sets the data (e.g. the password) for the receiver.
- @discussion The data for password items is the password itself. For certificates, it is the raw certificate (try to avoid setting the certificate in this manner; you may add Certificate instances to keychains directly). To set passwords, naturally use the setDataString: method instead; otherwise any implicit character set conversions that are performed may yield strange results.
- @param data The data to set for the receiver. */
+ @abstract Sets the data of the receiver.
+ @discussion The data for password items is the password itself. For certificates, it is the raw certificate (try to avoid setting the certificate in this manner; you may add Certificate instances to keychains directly).
+
+ Typically you will want to use @link setDataString: setDataString:@/link to modify passwords, as it handles the string encoding and conversion for you.
+ The data may be encrypted for storage in the keychain; this method expects the plaintext.
+
+ TODO: determine under what conditions this may fail, or prompt the user, if any. It appears that you can always set the data, but I haven't tested extensively.
+ @param data The data to set for the receiver. Should not be nil. */
+
- (void)setData:(NSData*)data;
/*! @method setDataString:
- @abstract Sets the string data (e.g. the password) for the receiver.
- @discussion The data for password items is the password itself. For certificates, the data is the raw certificate, which needs to be set using setData: rather than this method (although Certificate instances can be added to keychains directly; avoid setting KeychainItem certificate data directly).
+ @abstract Sets the data (e.g. the password) of the receiver.
+ @discussion The data for password items is the password itself. For certificates, the data is the raw certificate (which should be set using @link setData: setData:@/link rather than this method, to avoid string encoding and conversion issues).
+
+ The data may be encrypted for storage in the keychain; this method expects the plaintext.
+
+ TODO: determine under what conditions this may fail, or prompt the user, if any. It appears that you can always set the data, but I haven't tested extensively.
+ @param data The data to set for the receiver, replacing any and all already set for it. Should not be nil. */
- Note: I'm not sure what permissions are required to edit an item; from memory you don't need *any*, meaning you can overwrite any item at will. This isn't a security flaw (since it doesn't expose any sensitive data), but you could argue it's a bit of a potential pitfall nonetheless.
- @param data The data to set for the receiver, replacing any and all already set for it. */
-
- (void)setDataString:(NSString*)data;
/*! @method data
- @abstract Returns the data of the receiver (e.g. the password).
- @discussion The data for password items is the password itself. For certificates, the data is the raw certificate. You can convert between KeychainItem's & Certificate's automagically using the appropriate methods. It is not recommended that you access a certificate's data directly using this method.
+ @abstract Returns the data of the receiver.
+ @discussion The data for password items is the password itself. For certificates, the data is the raw certificate (although it is recommended you obtain a Certificate instance using the @link certificate certificate@/link method, and use that to interrogate the contents).
- Note that unless your application is already in the receiver's Access with the appropriate privileges, the user will be prompted to enter their password and allow access to the receiver (unless of course you have disabled user interaction, in which case anything which requires user interaction will result in the operation failing). If the user denies access nil is returned.
- @result The data of the receiver, or nil if an error occurs (including insufficient privileges to read the receiver). */
+ Note that unless your application is already in the receiver's Access with read access, the user will be prompted to enter their password and allow access to the receiver (unless of course you have disabled user interaction, in which case anything which requires user interaction will result in the operation failing). If the user denies access nil is returned.
+ The returned data is the plaintext, not the encrypted form.
+ @result The data of the receiver, or nil if an error occurs (including insufficient privileges to read the receiver, or if the user denied access). */
+
- (NSData*)data;
/*! @method dataAsString
@abstract Returns the data of the receiver (e.g. the password) as a string.
- @discussion The data for password items is the password itself. For certificates, the data is the raw certificate. You should use the 'data' method for retrieving certificate data, as it does not convert well to a string.
+ @discussion The data for password items is the password itself. For certificates, the data is the raw certificate (which should be retrieved using @link data data@/link rather than this method, to avoid string encoding and conversion issues).
The data is assumed to be UTF-8 encoded. If it is not, this method may fail and return nil, or may return a string which is incorrect.
- Note that unless your application is already in the receiver's Access with the appropriate privileges, the user will be prompted to enter their password and allow access to the receiver (unless of course you have disabled user interaction, in which case anything which requires user interaction will result in the operation failing). If the user denies access nil is returned.
- @result The data of the receiver, or nil if an error occurs (including insufficient privileges to read the receiver). */
+ Note that unless your application is already in the receiver's Access with read access, the user will be prompted to enter their password and allow access to the receiver (unless of course you have disabled user interaction, in which case anything which requires user interaction will result in the operation failing). If the user denies access nil is returned.
+ @result The data of the receiver, or nil if an error occurs (including insufficient privileges to read the receiver, or if the user denied access). */
- (NSString*)dataAsString;
@@ -152,51 +168,158 @@
@abstract Sets the creation date of the receiver.
@discussion The creation date should reflect the date at which the receiver was created, *not* necessarily when it was first added to the keychain in which it currently resides. This is similar to copying files between volumes; the creation date remains the same. The creation date should be set automatically, as necessary.
- Note that Keychain Access does not follow this behaviour. Indeed, the built-in behaviour may or may not be as described. Damn.
- @param date The new creation date for the receiver. */
+ Note that Keychain Access does not follow this behaviour. Indeed, the built-in behaviour may or may not be as described. TODO: verify this.
+ The default value, for new KeychainItems, is the time at which the item was created.
+ @param date The new creation date for the receiver. Should not be nil. */
+
- (void)setCreationDate:(NSDate*)date;
#if 0 // This doesn't work yet. :(
/*! @method setModificationDate:
@abstract Sets the modification date of the receiver.
- @discussion The modification date should reflect the date at which the receiver was last modified, which does not include it's addition to the owning keychain. The modification date should be updated automatically as necessary.
+ @discussion The modification date should reflect the date at which the receiver's data or attributes were last modified (which does not include it's addition to the owning keychain). The modification date is updated automatically when you modify the receiver's data or attributes.
- Note that Keychain Access does not follow this behaviour. Indeed, the built-in behaviour may or may not be as described. Damn.
- @param date The new modification date for the receiver. */
+ Note that Keychain Access does not follow this behaviour. TODO: describe Keychain Access's behaviour.
+ @param date The new modification date for the receiver. Should not be nil. */
- (void)setModificationDate:(NSDate*)date;
#endif
/*! @method setTypeDescription:
- @abstract Sets the human description of the receiver's type.
- @discussion KeychainItem's can (and 'generic' or custom types <i>should</i>) have a type description associated with them, which concisely summarises their type & purpose. Obviously, this method can be used to set this description. Examples include "Proteus Service Password", or "Web Forms Password", etc.
- @param desc The description for the custom type. */
+ @abstract Sets the human-readable description of the receiver's type.
+ @discussion KeychainItem's can (and 'generic' or custom types <i>should</i>) have a type description associated with them, which concisely summarises their type & purpose. Examples include "Proteus Service Password", or "Web Forms Password", etc.
+ Note that this is distinct from the item's label (@link setLabel: setLabel:@/link/@link label label@/link) and comment (@link setComment: setComment:@/link/@link comment comment@/link); it describes the <i>type</i> of item the receiver is, not the receiver specifically.
+
+ The default value, for new KeychainItems, is an empty string.
+ @param desc The description for the receiver. Should not be nil. */
+
- (void)setTypeDescription:(NSString*)desc;
/*! @method setComment:
@abstract Sets a human-readable comment for the receiver.
- @discussion The comment can be anything; it is intended to be end-user readable, in a similar manner to file comments in the Finder.
- @param comment The comment. */
+ @discussion The comment can be anything; it is intended to be end-user readable, in a similar manner to file comments in the Finder. This attribute should be considered user-editable.
+ The default value, for new KeychainItems, is an empty string.
+ @param comment The comment. Should not be nil. */
+
- (void)setComment:(NSString*)comment;
/*! @method setCreator:
@abstract Sets the creator code of the receiver.
- @discussion The creator code should */
+ @discussion The creator code is the Classic MacOS document creator code, identifying which application created (or otherwise presently "owns") a given item.
+
+ The default value, for new KeychainItems, is the creator code of the main bundle (i.e. your application). This may be 0.
+ @param creator The creator of the receiver, which may be 0 (meaning essentially 'no creator'). */
- (void)setCreator:(FourCharCode)creator;
+
+/*! @method setCreatorFromString:
+ @abstract Sets the creator code of the receiver from the given string.
+ @discussion This is a convenience method which converts the given string to a FourCharCode and passes that to @link setCreator: setCreator:@/link. The given string should be either empty (to clear the creator code) or contain four ASCII characters. Note that NULLs are valid in the string.
+
+ // TODO: verify how bytes > 127 are interpretted... I suspect MacRoman, but this needs to be tested.
+ @param creator The creator of the receiver, which should be either an empty string or a string containing exactly four ASCII characters. */
+
- (void)setCreatorFromString:(NSString*)creator;
+
+/*! @method setType:
+ @abstract Sets the type code of the receiver.
+ @discussion The type code is the Classic MacOS document type code, identifying the document type of a given item. This is very distinct from the @link kind kind@/link of a KeychainItem; the 'type' does not describe the type of KeychainItem, but rather the document type with which it is associated. This is largely just a hang-over from Classic MacOS, and is neither commonly used nor recommended for future use.
+
+ The default value, for new KeychainItems, is 0.
+ @param type The type of the receiver, which may be 0 (meaning essentially 'no type'). */
+
- (void)setType:(FourCharCode)type;
+
+/*! @method setTypeFromString:
+ @abstract Sets the type code of the receiver from the given string.
+ @discussion This is a convenience method which converts the given string to a FourCharCode and passes that to @link setType: setType:@/link. The given string should be either empty (to clear the type code) or contain four ASCII characters. Note that NULLs are valid in the string.
+
+ // TODO: verify how bytes > 127 are interpretted... I suspect MacRoman, but this needs to be tested.
+ @param type The type of the receiver, which should be either an empty string or a string containing exactly four ASCII characters. */
+
- (void)setTypeFromString:(NSString*)type;
+
+/*! @method setLabel:
+ @abstract Sets the human-readable label of the receiver.
+ @discussion The label is a human-readable, brief description of the receiver. This attribute should be considered user-editable.
+
+ The default value, for new KeychainItems, varies; it is automatically generated based on the receiver's contents to be some suitable default.
+ @param label The label for the receiver. Should not be nil. */
+
- (void)setLabel:(NSString*)label;
+
+/*! @method setIsVisible:
+ @abstract Sets whether or not the receiver is visible.
+ @discussion 'Visibility' applies to the end-user only, and is something that the end-developer should account for in their application; it has no bearing on how the Keychain framework works with KeychainItems. You might desire for an item to be invisible if it is internal to your application and not something the user needs to be aware of.
+
+ Note that in 10.4 I believe Keychain Access ignores this attribute and displays all items regardless. TODO: verify this.
+
+ The default value, for new KeychainItems, is YES.
+ @param visible Whether or not the receiver should be visible to the end-user. */
+
- (void)setIsVisible:(BOOL)visible;
+
+/*! @method setIsValid:
+ @abstract Sets whether or not the receiver's data is valid.
+ @discussion You may wish to add an entry to a keychain which is not actually valid, as a way of saying that you do not want to remember the real data for that item. For example, if your application has the option to add passwords to the keychain when you first enter them, if the user decides not to do so you could add a placeholder item (with an empty password) and mark it invalid. Then when your application, in future, searches for the password it will find the invalid item and know that it must prompt the user, and shouldn't try to store the password.
+
+ While you could use this to require the user to always enter a password, without the option of saving it, keep in mind that they ultimately could just choose to toggle this flag themselves, manually, if so inclined. As such, don't rely on this exclusively for setting policy. You may also want to make the receiver invisible (@link setIsVisible: setIsVisible:@/link), if it is invalid, to discourage user manipulation.
+
+ Note that as an end-developer you are responsible for handling validity appropriately; the setting of this attribute does not influence how the Keychain framework operates.
+
+ The default value, for new KeychainItems, is YES.
+ @param valid Whether or not the receiver's content (@link data data@/link) is valid. */
+
- (void)setIsValid:(BOOL)valid;
+
+/*! @method setHasCustomIcon:
+ @abstract Sets whether or not the receiver has a custom icon.
+ @discussion Custom icons are a hang-over from the Classic MacOS Keychain Manager. In a nutshell, if this attribute is set to YES, then a custom icon should be displayed (if available) by searching for the document icon corresponding to the receiver's @link creator creator@/link and @link type type@/link codes.
+
+ This attribute is more or less deprecated, and not recommended for future use.
+
+ The default value, for new KeychainItems, is NO.
+ @param icon Whether or not the receiver has a custom icon. */
+
- (void)setHasCustomIcon:(BOOL)icon;
+
+/*! @method setAccount:
+ @abstract Sets the account of the receiver.
+ @discussion The account is the login name or similar of a password. It is not encrypted when stored in the keychain. Only password KeychainItems have this attribute; not certificates.
+
+ The default value for new KeychainItems, if not otherwise defined at creation time, is an empty string.
+ @param account The account for the receiver. Should not be nil (but may be an empty string). */
+
- (void)setAccount:(NSString*)account;
+
+/*! @method setService:
+ @abstract Sets the 'service' of the receiver.
+ @discussion i.e. the type of thing it is a password for. e.g. ".Mac". This attribute is only available on generic password (kSecGenericPasswordItemClass) KeychainItems.
+
+ The default value for new KeychainItems, if not otherwise defined at creation time, is an empty string.
+ @param service The service for the receiver. Should not be nil (but may be an empty string). */
+
- (void)setService:(NSString*)service;
+
+/*! @method setUserDefinedAttribute:
+ @abstract Sets the user-defined attribute of the receiver.
+ @discussion This attribute is only available on generic password (kSecGenericPasswordItemClass) KeychainItems, and is simply a blob of arbitrary data. It is up to the end-developer to define what this attribute is, and the structure of it. In the interest of compatibility and openness the use of this attribute is discouraged. If you do use it, it's recommended you publish a description of its purpose and structure so that others may interoperate.
+
+ The default value, for new KeychainItems, is an empty NSData.
+ @param attribute The attribute value. Should not be nil (but may be empty). */
+
- (void)setUserDefinedAttribute:(NSData*)attribute;
+
+/*! @method setDomain:
+ @abstract Sets the security domain of the receiver.
+ @discussion The security domain (also know as a realm) is a way of identifying a subsection of a website which uses the same login. For example, on www.example.com there may be a "PHPmyAdmin" domain and a "User" domain. Where you have knowledge of the domain of a password, it is wise to reference the domain in preference to a particular path, as the user should not be prompted multiple times for the same login, for the same domain.
+
+ The default for new KeychainItems, if not otherwise defined at creation time, is an empty string.
+ @param domain The security domain for the receiver. Should not be nil (but may be an empty string). */
+
- (void)setDomain:(NSString*)domain;
- (void)setServer:(NSString*)server;
- (void)setAuthenticationType:(SecAuthenticationType)authType;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-27 23:06:15
|
Revision: 422
http://keychain.svn.sourceforge.net/keychain/?rev=422&view=rev
Author: wadetregaskis
Date: 2007-10-27 16:06:13 -0700 (Sat, 27 Oct 2007)
Log Message:
-----------
* Minor corrections in comments and so forth.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/KeychainTester.m
Modified: trunk/Frameworks/Keychain/Testers/KeychainTester.m
===================================================================
--- trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-27 23:04:10 UTC (rev 421)
+++ trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-27 23:06:13 UTC (rev 422)
@@ -323,7 +323,7 @@
NSDate *creationDateAsSet = [currentItem creationDate];
TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(creationDateAsSet, ==, newCreationDate, "\tCan change creation date");
- // Setting the modification date, well, sets the modification date. So this test isn't semantically valid or reliably passed.
+ // Setting the modification date doesn't currently work.
/*NSDate *newModificationDate = [NSDate dateWithNaturalLanguageString:@"10 minutes ago"];
[currentItem setModificationDate:newModificationDate];
NSDate *modificationDateAsSet = [currentItem modificationDate];
@@ -415,40 +415,41 @@
// Verify changes all together
- TEST_ISEQUAL([currentItem dataAsString], @"rimmerisanacehole", "\tPassword is correct");
+ TEST_ISEQUAL([currentItem dataAsString], @"rimmerisanacehole", "\tPassword is still correct");
- TEST_ISEQUAL([currentItem account], @"Lister", "\tAccount is correct");
- TEST_ISEQUAL([currentItem domain], @"Red Dwarf Pilots", "\tDomain is correct (none)");
- TEST_ISEQUAL([currentItem server], @"reddwarf.net", "\tServer is correct");
- TEST_INTSEQUAL_F([currentItem authenticationType], kSecAuthenticationTypeRPA, nameOfAuthenticationTypeConstant, "\tAuthentication type is correct");
- TEST_INTSEQUAL([currentItem port], 21, "\tPort is correct");
- TEST_ISEQUAL([currentItem path], @"/StarBug2/Logs/Pilot", "\tPath is correct");
- TEST_INTSEQUAL_F([currentItem protocol], kSecProtocolTypeFTP, nameOfProtocolConstant, "\tProtocol is correct");
+ TEST_ISEQUAL([currentItem account], @"Lister", "\tAccount is still correct");
+ TEST_ISEQUAL([currentItem domain], @"Red Dwarf Pilots", "\tDomain is still correct (none)");
+ TEST_ISEQUAL([currentItem server], @"reddwarf.net", "\tServer is still correct");
+ TEST_INTSEQUAL_F([currentItem authenticationType], kSecAuthenticationTypeRPA, nameOfAuthenticationTypeConstant, "\tAuthentication type is still correct");
+ TEST_INTSEQUAL([currentItem port], 21, "\tPort is still correct");
+ TEST_ISEQUAL([currentItem path], @"/StarBug2/Logs/Pilot", "\tPath is still correct");
+ TEST_INTSEQUAL_F([currentItem protocol], kSecProtocolTypeFTP, nameOfProtocolConstant, "\tProtocol is still correct");
- TEST(![currentItem passwordIsValid], "\tPassword is noted as invalid");
- TEST(![currentItem isVisible], "\tPassword is invisible");
- TEST([currentItem hasCustomIcon], "\tHas custom icon");
+ TEST(![currentItem passwordIsValid], "\tPassword is still noted as invalid");
+ TEST(![currentItem isVisible], "\tPassword is still invisible");
+ TEST([currentItem hasCustomIcon], "\tStill has custom icon");
- TEST_COMPARE_DATES_WITHOUT_SUBSECONDS([currentItem creationDate], ==, newCreationDate, "\tCan change creation date");
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS([currentItem creationDate], ==, newCreationDate, "\tCreation date is still correct");
+ //TEST_COMPARE_DATES_WITHOUT_SUBSECONDS([currentItem modificationDate], ==, newModificationDate, "\tModification date is still correct");
- TEST_ISEQUAL([currentItem typeDescription], @"FTP password for Lister's pilot log on Red Dwarf", "\tType description is correct");
- TEST_ISEQUAL([currentItem comment], @"Like this will ever get used", "\tComment is correct");
- TEST_INTSEQUAL([currentItem creator], 'Admn', "\tCreator is correct (FourCharCode version)");
- TEST_ISEQUAL([currentItem creatorAsString], @"Admn", "\tCreator is correct (string version)");
- TEST_INTSEQUAL([currentItem type], 'RedD', "\tType is correct (FourCharCode version)");
- TEST_ISEQUAL([currentItem typeAsString], @"RedD", "\tType is correct (string version)");
- TEST_ISEQUAL([currentItem label], @"Lister's log access password", "\tLabel is correct");
- TEST_ISEQUAL([currentItem alias], @"Get lost, Rimmer", "\tAlias is correct");
+ TEST_ISEQUAL([currentItem typeDescription], @"FTP password for Lister's pilot log on Red Dwarf", "\tType description is still correct");
+ TEST_ISEQUAL([currentItem comment], @"Like this will ever get used", "\tComment is still correct");
+ TEST_INTSEQUAL([currentItem creator], 'Admn', "\tCreator is still correct (FourCharCode version)");
+ TEST_ISEQUAL([currentItem creatorAsString], @"Admn", "\tCreator is still correct (string version)");
+ TEST_INTSEQUAL([currentItem type], 'RedD', "\tType is still correct (FourCharCode version)");
+ TEST_ISEQUAL([currentItem typeAsString], @"RedD", "\tType is still correct (string version)");
+ TEST_ISEQUAL([currentItem label], @"Lister's log access password", "\tLabel is still correct");
+ TEST_ISEQUAL([currentItem alias], @"Get lost, Rimmer", "\tAlias is still correct");
- TEST_ISNIL([currentItem service], "\tDoesn't have a service (not applicable to interest passwords)");
- TEST_ISNIL([currentItem userDefinedAttribute], "\tDoesn't have user-defined attribute (not applicable to internet passwords)");
- TEST_ISNIL([currentItem appleShareVolume], "\tDoesn't have AppleShare volume (not applicable to internet passwords)");
- TEST_ISNIL([currentItem appleShareAddress], "\tDoesn't have AppleShare address (not applicable to internet passwords)");
- TEST_ISNIL([currentItem appleShareSignatureData], "\tDoesn't have AppleShare signature (not applicable to internet passwords)");
- TEST_INTSEQUAL_F([currentItem certificateType], CSSM_CERT_UNKNOWN, nameOfCertificateTypeConstant, "\tDoesn't have a certificate type (not applicable to internet passwords)");
- TEST_INTSEQUAL_F([currentItem certificateEncoding], CSSM_CERT_ENCODING_UNKNOWN, nameOfCertificateEncodingConstant, "\tDoesn't have a certificate encoding (not applicable to internet passwords)");
- TEST_INTSEQUAL_F([currentItem CRLType], CSSM_CRL_TYPE_UNKNOWN, nameOfCRLTypeConstant, "\tDoesn't have a CRL type (not applicable to internet passwords)");
- TEST_INTSEQUAL_F([currentItem CRLEncoding], CSSM_CRL_ENCODING_UNKNOWN, nameOfCRLEncodingConstant, "\tDoesn't have a CRL encoding (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem service], "\tStill doesn't have a service (not applicable to interest passwords)");
+ TEST_ISNIL([currentItem userDefinedAttribute], "\tStill doesn't have user-defined attribute (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareVolume], "\tStill doesn't have AppleShare volume (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareAddress], "\tStill doesn't have AppleShare address (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareSignatureData], "\tStill doesn't have AppleShare signature (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem certificateType], CSSM_CERT_UNKNOWN, nameOfCertificateTypeConstant, "\tStill doesn't have a certificate type (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem certificateEncoding], CSSM_CERT_ENCODING_UNKNOWN, nameOfCertificateEncodingConstant, "\tStill doesn't have a certificate encoding (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem CRLType], CSSM_CRL_TYPE_UNKNOWN, nameOfCRLTypeConstant, "\tStill doesn't have a CRL type (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem CRLEncoding], CSSM_CRL_ENCODING_UNKNOWN, nameOfCRLEncodingConstant, "\tStill doesn't have a CRL encoding (not applicable to internet passwords)");
}
END_TEST();
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-27 23:04:07
|
Revision: 421
http://keychain.svn.sourceforge.net/keychain/?rev=421&view=rev
Author: wadetregaskis
Date: 2007-10-27 16:04:10 -0700 (Sat, 27 Oct 2007)
Log Message:
-----------
* Tried to make setModificationDate: work, but there appears to be a glitch in the Security framework which is blocking that, for the moment. #if'd out setModificationDate: until I can get it working.
* Added class documentation for KeychainItem.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.h
trunk/Frameworks/Keychain/Keychain/KeychainItem.m
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-22 06:19:36 UTC (rev 420)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-27 23:04:10 UTC (rev 421)
@@ -33,6 +33,14 @@
extern BOOL KeychainFrameworkWarnForMissingKeychainItemAttributes;
+/*! @class KeychainItem
+ @abstract Represents a password, certificate, key, or other such keychain item.
+ @discussion The KeychainItem is, of course, what the Keychain centres around. A KeychainItem is in a nutshell just some data - optionally encrypted - with various associated attributes. Common types of keychain item are passwords (further categorised as "internet", "AppleShare" or "generic") and certificates. There is also support for storing keys, encrypted text and more, although presently these types are not fully supported by the KeychainItem class.
+
+ You don't usually create KeychainItem's directly, but rather acquire them (as existing items) from a keychain, or as new items created as a result of using a Keychain method such as @link addGenericPassword:onService:forAccount:replaceExisting: addGenericPassword:onService:forAccount:replaceExisting:@/link, @link addInternetPassword:onServer:forAccount:port:path:inSecurityDomain:protocol:auth:replaceExisting: addInternetPassword:onServer:forAccount:port:path:inSecurityDomain:protocol:auth:replaceExisting:@/link and @link addCertificate: addCertificate:@/link, among others.
+
+ Although it's not usually something you need to think about, it so happens that keychains are implemented on Mac OS X as special CDSA data stores (a combined CSP/DL). This means that Certificates are actually KeychainItems for most intents and purposes, and you can easily translate between them using the @link certificate certificate@/link and @link keychainItem keychainItem@/link methods. */
+
@interface KeychainItem : NSCachedObject {
@protected
SecKeychainItemRef _keychainItem;
@@ -149,6 +157,7 @@
- (void)setCreationDate:(NSDate*)date;
+#if 0 // This doesn't work yet. :(
/*! @method setModificationDate:
@abstract Sets the modification date of the receiver.
@discussion The modification date should reflect the date at which the receiver was last modified, which does not include it's addition to the owning keychain. The modification date should be updated automatically as necessary.
@@ -157,6 +166,7 @@
@param date The new modification date for the receiver. */
- (void)setModificationDate:(NSDate*)date;
+#endif
/*! @method setTypeDescription:
@abstract Sets the human description of the receiver's type.
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-22 06:19:36 UTC (rev 420)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-27 23:04:10 UTC (rev 421)
@@ -18,6 +18,7 @@
#import <Keychain/Trust.h>
#import <Keychain/SecurityUtils.h>
#import <Keychain/Logging.h>
+#import <Keychain/CSSMTypes.h>
BOOL KeychainFrameworkWarnForMissingKeychainItemAttributes = NO;
@@ -255,11 +256,66 @@
}
}
+#if 0
- (void)setModificationDate:(NSDate*)date {
- if (![self _setAttribute:kSecModDateItemAttr date:date]) {
+ // This is a special case. If we use any of the Sec* level API, it will automatically update the modification date, defeating our attempted change. D'oh. So we need to go down to the CSSM level and change it there, where there are no automatic behaviours like that.
+
+ // Unfortunately, it doesn't work. For some reason the myType parameter isn't accepted, and worse, whatever magic value it needs to be changes each time you run... I suspect at this point that it's accidentally comparing against a pointer, rather than the value, but I haven't checked that hypothesis yet.
+
+ SecKeychainItemRef keychainItemRef = [self keychainItemRef];
+ CSSM_DL_DB_HANDLE dldbHandle;
+
+ _error = SecKeychainItemGetDLDBHandle(keychainItemRef, &dldbHandle);
+
+ if (noErr == _error) {
+ const CSSM_DB_UNIQUE_RECORD *uniqueRecordID;
+
+ _error = SecKeychainItemGetUniqueRecordID(keychainItemRef, &uniqueRecordID);
+
+ if (noErr == _error) {
+ CSSM_DB_RECORD_ATTRIBUTE_DATA attributesToBeModified;
+ CSSM_DB_RECORDTYPE myType = ????; // God damn Security framework seems to change what this value's supposed to be every time, so it's impossible to get it right. //2442152336;//CSSM_DL_DB_RECORD_INTERNET_PASSWORD;//[self kind]; // Not sure if this will work, but then I don't know how to determine this properly..?
+ CSSM_DB_ATTRIBUTE_DATA attribute;
+ CSSM_DATA attributeValue;
+
+ resetCSSMData(&attributeValue);
+ copyNSDataToData([[date descriptionWithCalendarFormat:@"%Y%m%d%H%M%SZ" timeZone:[NSTimeZone timeZoneForSecondsFromGMT:0] locale:nil] dataUsingEncoding:NSASCIIStringEncoding], &attributeValue);
+
+ attribute.NumberOfValues = 1;
+ attribute.Info.AttributeFormat = CSSM_DB_ATTRIBUTE_FORMAT_BLOB;
+ attribute.Info.AttributeNameFormat = CSSM_DB_ATTRIBUTE_NAME_AS_INTEGER;
+ attribute.Info.Label.AttributeID = kSecModDateItemAttr;
+ attribute.Value = &attributeValue;
+
+ attributesToBeModified.NumberOfAttributes = 1;
+ attributesToBeModified.SemanticInformation = 0;
+ attributesToBeModified.DataRecordType = myType;
+ attributesToBeModified.AttributeData = &attribute;
+
+ //do {
+ _error = CSSM_DL_DataModify(dldbHandle, myType/*++*/, (CSSM_DB_UNIQUE_RECORD*)uniqueRecordID, &attributesToBeModified, NULL, CSSM_DB_MODIFY_ATTRIBUTE_REPLACE);
+ //} while ((CSSM_OK != _error) && (myType != -1));
+
+ PDEBUG(@"myType = %"PRIu32".\n", myType);
+
+ if (CSSM_OK != _error) {
+ PSYSLOGND(LOG_ERR, @"Unable to modify KeychainItem %p's modification date - error %@.\n", self, CSSMErrorAsString(_error));
+ PDEBUG(@"CSSM_DL_DataModify(%"PRIdldbHandle", %"PRIu32", <pretty printing not supported>, %p, NULL, CSSM_DB_MODIFY_ATTRIBUTE_REPLACE) returned error %@.\n", dldbHandle, myType, &attributesToBeModified, CSSMErrorAsString(_error));
+ }
+ } else {
+ PSYSLOGND(LOG_ERR, @"Unable to get KeychainItem %p's unique record ID - error %@.\n", self, OSStatusAsString(_error));
+ PDEBUG(@"SecKeychainItemGetUniqueRecordID(%p, %p) returned error %@.\n", keychainItemRef, &uniqueRecordID, OSStatusAsString(_error));
+ }
+ } else {
+ PSYSLOGND(LOG_ERR, @"Unable to get KeychainItem %p's DL/DB handle - error %@.\n", self, OSStatusAsString(_error));
+ PDEBUG(@"SecKeychainItemGetDLDBHandle(%p, %p) returned error %@.\n", keychainItemRef, &dldbHandle, OSStatusAsString(_error));
+ }
+
+ /*if (![self _setAttribute:kSecModDateItemAttr date:date]) {
PSYSLOG(LOG_ERR, @"Unable to set KeychainItem %p's modification date - error %@.\n", self, OSStatusAsString(_error));
- }
+ }*/
}
+#endif
- (void)setTypeDescription:(NSString*)desc {
if (![self _setAttribute:kSecDescriptionItemAttr string:desc encoding:NSUTF8StringEncoding]) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-22 06:19:32
|
Revision: 420
http://keychain.svn.sourceforge.net/keychain/?rev=420&view=rev
Author: wadetregaskis
Date: 2007-10-21 23:19:36 -0700 (Sun, 21 Oct 2007)
Log Message:
-----------
* Added tests for FourCharCode variants of the creator & type attributes (in addition to the string versions already tested).
* Added final full-attribute check in test_modifyInternetPassword().
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/KeychainTester.m
Modified: trunk/Frameworks/Keychain/Testers/KeychainTester.m
===================================================================
--- trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-22 02:52:36 UTC (rev 419)
+++ trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-22 06:19:36 UTC (rev 420)
@@ -89,8 +89,10 @@
TEST_ISEQUAL([currentItem typeDescription], @"", "\tHas no type description");
TEST_ISEQUAL([currentItem comment], @"", "\tHas no comment");
- TEST_ISEQUAL([currentItem creatorAsString], @"", "\tHas no creator");
- TEST_ISEQUAL([currentItem typeAsString], @"", "\tHas no type");
+ TEST_INTSEQUAL([currentItem creator], 0, "\tHas no creator (FourCharCode version)");
+ TEST_ISEQUAL([currentItem creatorAsString], @"", "\tHas no creator (string version)");
+ TEST_INTSEQUAL([currentItem type], 0, "\tHas no type (FourCharCode version)");
+ TEST_ISEQUAL([currentItem typeAsString], @"", "\tHas no type (string version)");
//TEST_ISEQUAL([currentItem label], @"", "\tHas no label"); // A label is set by default ("localhost", in this example, at present), which is valid.. but I don't want to test against it explicitly, because really any default is valid.
TEST_ISEQUAL([currentItem alias], @"", "\tHas no alias");
@@ -133,8 +135,10 @@
TEST_ISEQUAL([originalItem typeDescription], @"", "\tOriginal item still has no type description");
TEST_ISEQUAL([originalItem comment], @"", "\tOriginal item still has no comment");
- TEST_ISEQUAL([originalItem creatorAsString], @"", "\tOriginal item still has no creator");
- TEST_ISEQUAL([originalItem typeAsString], @"", "\tOriginal item still has no type");
+ TEST_INTSEQUAL([originalItem creator], 0, "\tOriginal item still has no creator (FourCharCode version)");
+ TEST_ISEQUAL([originalItem creatorAsString], @"", "\tOriginal item still has no creator (string version)");
+ TEST_INTSEQUAL([originalItem type], 0, "\tOriginal item still has no type (FourCharCode version)");
+ TEST_ISEQUAL([originalItem typeAsString], @"", "\tOriginal item still has no type (string version)");
//TEST_ISEQUAL([currentItem label], @"", "\tOriginal item's Has no label"); // A label is set by default ("localhost", in this example, at present), which is valid.. but I don't want to test against it explicitly, because really any default is valid.
TEST_ISEQUAL([originalItem alias], @"", "\tOriginal item still has no alias");
@@ -177,8 +181,10 @@
TEST_ISEQUAL([currentItem typeDescription], @"", "\tHas no type description");
TEST_ISEQUAL([currentItem comment], @"", "\tHas no comment");
- TEST_ISEQUAL([currentItem creatorAsString], @"", "\tHas no creator");
- TEST_ISEQUAL([currentItem typeAsString], @"", "\tHas no type");
+ TEST_INTSEQUAL([currentItem creator], 0, "\tHas no creator (FourCharCode version)");
+ TEST_ISEQUAL([currentItem creatorAsString], @"", "\tHas no creator (string version)");
+ TEST_INTSEQUAL([currentItem type], 0, "\tHas no type (FourCharCode version)");
+ TEST_ISEQUAL([currentItem typeAsString], @"", "\tHas no type (string version)");
//TEST_ISEQUAL([currentItem label], @"", "\tHas no label"); // A label is set by default ("localhost", in this example, at present), which is valid.. but I don't want to test against it explicitly, because really any default is valid.
TEST_ISEQUAL([currentItem alias], @"", "\tHas no alias");
@@ -233,8 +239,10 @@
TEST_ISEQUAL([currentItem typeDescription], @"", "\tHas no type description");
TEST_ISEQUAL([currentItem comment], @"", "\tHas no comment");
- TEST_ISEQUAL([currentItem creatorAsString], @"", "\tHas no creator");
- TEST_ISEQUAL([currentItem typeAsString], @"", "\tHas no type");
+ TEST_INTSEQUAL([currentItem creator], 0, "\tHas no creator (FourCharCode version)");
+ TEST_ISEQUAL([currentItem creatorAsString], @"", "\tHas no creator (string version)");
+ TEST_INTSEQUAL([currentItem type], 0, "\tHas no type (FourCharCode version)");
+ TEST_ISEQUAL([currentItem typeAsString], @"", "\tHas no type (string version)");
//TEST_ISEQUAL([currentItem label], @"", "\tHas no label"); // A label is set by default ("localhost", in this example, at present), which is valid.. but I don't want to test against it explicitly, because really any default is valid.
TEST_ISEQUAL([currentItem alias], @"", "\tHas no alias");
@@ -287,8 +295,10 @@
TEST_ISEQUAL([currentItem typeDescription], @"", "\tHas no type description");
TEST_ISEQUAL([currentItem comment], @"", "\tHas no comment");
- TEST_ISEQUAL([currentItem creatorAsString], @"", "\tHas no creator");
- TEST_ISEQUAL([currentItem typeAsString], @"", "\tHas no type");
+ TEST_INTSEQUAL([currentItem creator], 0, "\tHas no creator (FourCharCode version)");
+ TEST_ISEQUAL([currentItem creatorAsString], @"", "\tHas no creator (string version)");
+ TEST_INTSEQUAL([currentItem type], 0, "\tHas no type (FourCharCode version)");
+ TEST_ISEQUAL([currentItem typeAsString], @"", "\tHas no type (string version)");
//TEST_ISEQUAL([currentItem label], @"", "\tHas no label"); // A label is set by default ("localhost", in this example, at present), which is valid.. but I don't want to test against it explicitly, because really any default is valid.
TEST_ISEQUAL([currentItem alias], @"", "\tHas no alias");
@@ -401,6 +411,44 @@
[currentItem setAlias:@"Get lost, Rimmer"];
TEST_ISEQUAL([currentItem alias], @"Get lost, Rimmer", "\tCan change alias");
+
+
+ // Verify changes all together
+
+ TEST_ISEQUAL([currentItem dataAsString], @"rimmerisanacehole", "\tPassword is correct");
+
+ TEST_ISEQUAL([currentItem account], @"Lister", "\tAccount is correct");
+ TEST_ISEQUAL([currentItem domain], @"Red Dwarf Pilots", "\tDomain is correct (none)");
+ TEST_ISEQUAL([currentItem server], @"reddwarf.net", "\tServer is correct");
+ TEST_INTSEQUAL_F([currentItem authenticationType], kSecAuthenticationTypeRPA, nameOfAuthenticationTypeConstant, "\tAuthentication type is correct");
+ TEST_INTSEQUAL([currentItem port], 21, "\tPort is correct");
+ TEST_ISEQUAL([currentItem path], @"/StarBug2/Logs/Pilot", "\tPath is correct");
+ TEST_INTSEQUAL_F([currentItem protocol], kSecProtocolTypeFTP, nameOfProtocolConstant, "\tProtocol is correct");
+
+ TEST(![currentItem passwordIsValid], "\tPassword is noted as invalid");
+ TEST(![currentItem isVisible], "\tPassword is invisible");
+ TEST([currentItem hasCustomIcon], "\tHas custom icon");
+
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS([currentItem creationDate], ==, newCreationDate, "\tCan change creation date");
+
+ TEST_ISEQUAL([currentItem typeDescription], @"FTP password for Lister's pilot log on Red Dwarf", "\tType description is correct");
+ TEST_ISEQUAL([currentItem comment], @"Like this will ever get used", "\tComment is correct");
+ TEST_INTSEQUAL([currentItem creator], 'Admn', "\tCreator is correct (FourCharCode version)");
+ TEST_ISEQUAL([currentItem creatorAsString], @"Admn", "\tCreator is correct (string version)");
+ TEST_INTSEQUAL([currentItem type], 'RedD', "\tType is correct (FourCharCode version)");
+ TEST_ISEQUAL([currentItem typeAsString], @"RedD", "\tType is correct (string version)");
+ TEST_ISEQUAL([currentItem label], @"Lister's log access password", "\tLabel is correct");
+ TEST_ISEQUAL([currentItem alias], @"Get lost, Rimmer", "\tAlias is correct");
+
+ TEST_ISNIL([currentItem service], "\tDoesn't have a service (not applicable to interest passwords)");
+ TEST_ISNIL([currentItem userDefinedAttribute], "\tDoesn't have user-defined attribute (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareVolume], "\tDoesn't have AppleShare volume (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareAddress], "\tDoesn't have AppleShare address (not applicable to internet passwords)");
+ TEST_ISNIL([currentItem appleShareSignatureData], "\tDoesn't have AppleShare signature (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem certificateType], CSSM_CERT_UNKNOWN, nameOfCertificateTypeConstant, "\tDoesn't have a certificate type (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem certificateEncoding], CSSM_CERT_ENCODING_UNKNOWN, nameOfCertificateEncodingConstant, "\tDoesn't have a certificate encoding (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem CRLType], CSSM_CRL_TYPE_UNKNOWN, nameOfCRLTypeConstant, "\tDoesn't have a CRL type (not applicable to internet passwords)");
+ TEST_INTSEQUAL_F([currentItem CRLEncoding], CSSM_CRL_ENCODING_UNKNOWN, nameOfCRLEncodingConstant, "\tDoesn't have a CRL encoding (not applicable to internet passwords)");
}
END_TEST();
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-22 02:52:31
|
Revision: 419
http://keychain.svn.sourceforge.net/keychain/?rev=419&view=rev
Author: wadetregaskis
Date: 2007-10-21 19:52:36 -0700 (Sun, 21 Oct 2007)
Log Message:
-----------
* Updated test_modifyInternetPasswords to have correct expections for the service, userDefinedAttribute and alias attributes. All tests now pass (when combined with the necessary fixes to KeychainItem.m, already checked in)!
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/KeychainTester.m
Modified: trunk/Frameworks/Keychain/Testers/KeychainTester.m
===================================================================
--- trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-22 02:51:41 UTC (rev 418)
+++ trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-22 02:52:36 UTC (rev 419)
@@ -353,11 +353,11 @@
TEST_ISEQUAL([currentItem account], @"Lister", "\tCan change account");
[currentItem setService:@"Impossible"];
- TEST_ISEQUAL([currentItem service], @"Impossible", "\tCan change service");
+ TEST_ISNIL([currentItem service], "\tCannot change service (not applicable to Internet passwords)");
NSData *userDefinedAttribute = [NSData dataWithBytes:"Arbitrary" length:9];
[currentItem setUserDefinedAttribute:userDefinedAttribute];
- TEST_ISEQUAL([currentItem userDefinedAttribute], userDefinedAttribute, "\tCan change user-defined attribute");
+ TEST_ISNIL([currentItem userDefinedAttribute], "\tCannot change user-defined attribute (not applicable to Internet passwords)");
[currentItem setDomain:@"Red Dwarf Pilots"];
TEST_ISEQUAL([currentItem domain], @"Red Dwarf Pilots", "\tCan change domain");
@@ -400,7 +400,7 @@
TEST_INTSEQUAL_F([currentItem CRLEncoding], CSSM_CRL_ENCODING_UNKNOWN, nameOfCRLEncodingConstant, "\tCannot change CRL encoding (not applicable to Internet passwords)");
[currentItem setAlias:@"Get lost, Rimmer"];
- TEST_ISNIL([currentItem alias], "\tCannot change alias (not applicable to Internet passwords)");
+ TEST_ISEQUAL([currentItem alias], @"Get lost, Rimmer", "\tCan change alias");
}
END_TEST();
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-22 02:51:40
|
Revision: 418
http://keychain.svn.sourceforge.net/keychain/?rev=418&view=rev
Author: wadetregaskis
Date: 2007-10-21 19:51:41 -0700 (Sun, 21 Oct 2007)
Log Message:
-----------
* Changed -[KeychainItem setAlias:] to use SecKeychainItemModifyContent instead of SecKeychainItemModifyAttributesAndData to work around a Security framework bug (rdar://problem/5551704).
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.m
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-22 02:35:46 UTC (rev 417)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-22 02:51:41 UTC (rev 418)
@@ -448,8 +448,28 @@
}
- (void)setAlias:(NSString*)alias {
- if (![self _setAttribute:kSecAlias string:alias encoding:NSUTF8StringEncoding]) {
- PSYSLOG(LOG_ERR, @"Unable to set KeychainItem %p's alias - error %@.\n", self, OSStatusAsString(_error));
+ // This SHOULD be just the three lines below, except for a bug in the Security framework. rdar://problem/5551704
+ //
+ //if (![self _setAttribute:kSecAlias string:alias encoding:NSUTF8StringEncoding]) {
+ // PSYSLOG(LOG_ERR, @"Unable to set KeychainItem %p's alias - error %@.\n", self, OSStatusAsString(_error));
+ //}
+
+ SecKeychainAttributeList list;
+ SecKeychainAttribute attr;
+ const char *utf8String = [alias UTF8String];
+
+ list.count = 1;
+ list.attr = &attr;
+
+ attr.tag = kSecAlias;
+ attr.length = strlen(utf8String);
+ attr.data = (void*)utf8String;
+
+ _error = SecKeychainItemModifyContent(_keychainItem, &list, 0, NULL);
+
+ if (noErr != _error) {
+ PSYSLOGND(LOG_ERR, @"Unable to set KeychainItem %p's alias - error %@.\n", self, OSStatusAsString(_error));
+ PDEBUG(@"SecKeychainItemModifyContent(%p, %p [attribute = kSecAlias, data = %p (length %lu)], 0, NULL) returned error %@.\n", _keychainItem, &list, attr.data, attr.length, OSStatusAsString(_error));
}
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-22 02:35:42
|
Revision: 417
http://keychain.svn.sourceforge.net/keychain/?rev=417&view=rev
Author: wadetregaskis
Date: 2007-10-21 19:35:46 -0700 (Sun, 21 Oct 2007)
Log Message:
-----------
* Commented out the test for setModificationDate:, because setting the modification date doesn't work (on Tiger, at least).
Modified Paths:
--------------
trunk/Frameworks/Keychain/Testers/KeychainTester.m
Modified: trunk/Frameworks/Keychain/Testers/KeychainTester.m
===================================================================
--- trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-22 02:34:26 UTC (rev 416)
+++ trunk/Frameworks/Keychain/Testers/KeychainTester.m 2007-10-22 02:35:46 UTC (rev 417)
@@ -313,10 +313,11 @@
NSDate *creationDateAsSet = [currentItem creationDate];
TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(creationDateAsSet, ==, newCreationDate, "\tCan change creation date");
- NSDate *newModificationDate = [NSDate dateWithNaturalLanguageString:@"10 minutes ago"];
+ // Setting the modification date, well, sets the modification date. So this test isn't semantically valid or reliably passed.
+ /*NSDate *newModificationDate = [NSDate dateWithNaturalLanguageString:@"10 minutes ago"];
[currentItem setModificationDate:newModificationDate];
- NSDate *modificationDateAsSet = [currentItem creationDate];
- TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(modificationDateAsSet, ==, newModificationDate, "\tCan change modification date");
+ NSDate *modificationDateAsSet = [currentItem modificationDate];
+ TEST_COMPARE_DATES_WITHOUT_SUBSECONDS(modificationDateAsSet, ==, newModificationDate, "\tCan change modification date");*/
[currentItem setTypeDescription:@"FTP password for Lister's pilot log on Red Dwarf"]; // Note that I don't think this is a good example, as it's not really the purpose of the type description afaik.
TEST_ISEQUAL([currentItem typeDescription], @"FTP password for Lister's pilot log on Red Dwarf", "\tCan change type description");
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-22 02:34:22
|
Revision: 416
http://keychain.svn.sourceforge.net/keychain/?rev=416&view=rev
Author: wadetregaskis
Date: 2007-10-21 19:34:26 -0700 (Sun, 21 Oct 2007)
Log Message:
-----------
* Changed -[KeychainItem _setAttribute:date:] to include the NULL terminator in the length it passes to the Security framework, which resolves bug #1817555.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.m
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-21 19:43:26 UTC (rev 415)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-22 02:34:26 UTC (rev 416)
@@ -232,7 +232,10 @@
}
- (BOOL)_setAttribute:(SecKeychainAttrType)type date:(NSDate*)date {
- return [self _setAttribute:type string:[date descriptionWithCalendarFormat:@"%Y%m%d%H%M%SZ" timeZone:[NSTimeZone timeZoneForSecondsFromGMT:0] locale:nil] encoding:NSASCIIStringEncoding];
+ NSString *dateString = [date descriptionWithCalendarFormat:@"%Y%m%d%H%M%SZ" timeZone:[NSTimeZone timeZoneForSecondsFromGMT:0] locale:nil];
+ const char *bytes = [dateString cStringUsingEncoding:NSASCIIStringEncoding];
+
+ return [self _setAttribute:type bytes:bytes length:([dateString lengthOfBytesUsingEncoding:NSASCIIStringEncoding] + 1)];
}
- (BOOL)_setAttribute:(SecKeychainAttrType)type boolValue:(BOOL)value {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <wad...@us...> - 2007-10-21 19:43:22
|
Revision: 415
http://keychain.svn.sourceforge.net/keychain/?rev=415&view=rev
Author: wadetregaskis
Date: 2007-10-21 12:43:26 -0700 (Sun, 21 Oct 2007)
Log Message:
-----------
* Changed the argument type for -[Keychainitem setCreationDate:] & -[KeychainItem setModificationDate:] from NSCalendarDate to NSDate.
Modified Paths:
--------------
trunk/Frameworks/Keychain/Keychain/KeychainItem.h
trunk/Frameworks/Keychain/Keychain/KeychainItem.m
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.h
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-21 19:42:41 UTC (rev 414)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.h 2007-10-21 19:43:26 UTC (rev 415)
@@ -147,7 +147,7 @@
Note that Keychain Access does not follow this behaviour. Indeed, the built-in behaviour may or may not be as described. Damn.
@param date The new creation date for the receiver. */
-- (void)setCreationDate:(NSCalendarDate*)date;
+- (void)setCreationDate:(NSDate*)date;
/*! @method setModificationDate:
@abstract Sets the modification date of the receiver.
@@ -156,7 +156,7 @@
Note that Keychain Access does not follow this behaviour. Indeed, the built-in behaviour may or may not be as described. Damn.
@param date The new modification date for the receiver. */
-- (void)setModificationDate:(NSCalendarDate*)date;
+- (void)setModificationDate:(NSDate*)date;
/*! @method setTypeDescription:
@abstract Sets the human description of the receiver's type.
Modified: trunk/Frameworks/Keychain/Keychain/KeychainItem.m
===================================================================
--- trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-21 19:42:41 UTC (rev 414)
+++ trunk/Frameworks/Keychain/Keychain/KeychainItem.m 2007-10-21 19:43:26 UTC (rev 415)
@@ -246,13 +246,13 @@
}
}
-- (void)setCreationDate:(NSCalendarDate*)date {
+- (void)setCreationDate:(NSDate*)date {
if (![self _setAttribute:kSecCreationDateItemAttr date:date]) {
PSYSLOG(LOG_ERR, @"Unable to set KeychainItem %p's creation date - error %@.\n", self, OSStatusAsString(_error));
}
}
-- (void)setModificationDate:(NSCalendarDate*)date {
+- (void)setModificationDate:(NSDate*)date {
if (![self _setAttribute:kSecModDateItemAttr date:date]) {
PSYSLOG(LOG_ERR, @"Unable to set KeychainItem %p's modification date - error %@.\n", self, OSStatusAsString(_error));
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
