sec/Security/SecPasswordGenerate.h

   1 /*
   2  * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 /*!
  25  @header SecPasswordGenerate
  26  SecPassword implements logic to use the system facilities for acquiring a password,
  27  optionally stored and retrieved from the user's keychain.
  28  */
  29
  30 #ifndef _SECURITY_SECPASSWORDGENERATE_H_
  31 #define _SECURITY_SECPASSWORDGENERATE_H_
  32
  33 #ifdef __cplusplus
  34 extern "C" {
  35 #endif
  36
  37 #include <CoreFoundation/CoreFoundation.h>
  38 #include <Security/SecBase.h>
  39
  40 typedef uint32_t SecPasswordType;
  41 enum {
  42     kSecPasswordTypeSafari = 0,
  43     kSecPasswordTypeiCloudRecovery = 1,
  44     kSecPasswordTypeWifi = 2,
  45     kSecPasswordTypePIN = 3
  46 } __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  47
  48 // Keys for external dictionaries with password generation requirements we read from plist.
  49 extern CFStringRef kSecPasswordDefaultForType
  50     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  51
  52 extern CFStringRef kSecPasswordMinLengthKey
  53     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  54 extern CFStringRef kSecPasswordMaxLengthKey
  55     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  56 extern CFStringRef kSecPasswordAllowedCharactersKey
  57     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  58 extern CFStringRef kSecPasswordRequiredCharactersKey
  59     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  60
  61 extern CFStringRef kSecPasswordDisallowedCharacters
  62     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  63 extern CFStringRef kSecPasswordCantStartWithChars
  64     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  65 extern CFStringRef kSecPasswordCantEndWithChars
  66     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  67
  68 extern CFStringRef kSecPasswordContainsNoMoreThanNSpecificCharacters
  69     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  70 extern CFStringRef kSecPasswordContainsAtLeastNSpecificCharacters
  71     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  72 extern CFStringRef kSecPasswordContainsNoMoreThanNConsecutiveIdenticalCharacters
  73     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  74
  75 extern CFStringRef kSecPasswordCharacters
  76     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  77 extern CFStringRef kSecPasswordCharacterCount
  78     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  79
  80 extern CFStringRef kSecPasswordGroupSize
  81     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  82 extern CFStringRef kSecPasswordNumberOfGroups
  83     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  84 extern CFStringRef kSecPasswordSeparator
  85     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  86
  87
  88 /*
  89     @function SecPasswordCopyDefaultPasswordLength
  90     @abstract Returns the default length/number of tuples of a defaultly generated password
  91     @param type: default password types kSecPasswordTypeSafari, kSecPasswordTypeiCloudRecovery, kSecPasswordTypeWifi, kSecPasswordTypePIN
  92     @param error: An error code will be returned if an unrecognized password type is passed to the routine.
  93     @result Dictionary consisting of length of tuple and number of tuples or a NULL if the passed type isn't recognized.
  94 */
  95 CFDictionaryRef SecPasswordCopyDefaultPasswordLength(SecPasswordType type, CFErrorRef *error)
  96     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
  97
  98
  99 /*
 100  @function SecPasswordIsPasswordWeak
 101  @abstract Evalutes the weakness of a passcode. This function can take any type of passcode.  Currently
 102     the function evaluates passcodes with only ASCII characters
 103  @param passcode a string of any length and type (4 digit PIN, complex passcode)
 104  @result True if the password is weak, False if the password is strong.
 105  */
 106
 107 bool SecPasswordIsPasswordWeak(CFStringRef passcode)
 108     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
 109
 110 /*
 111  @function SecPasswordGenerate.  Supports generating passwords for Safari, iCloud, Personal
 112  Hotspot clients.  Will also generate 4 digit pins.
 113  @abstract Returns a generated password based on a set of constraints
 114  @param type: type of password to generate. Pass enum types
 115  kSecPasswordTypeSafari, kSecPasswordTypeiCloudRecovery, kSecPasswordTypeWifi, or kSecPasswordTypePIN
 116  @param error: An error code will be returned if an error is encountered.  Check SecBase.h for the list of codes.
 117  @param passwordRequirements: a dictionary containing a set of password requirements.
 118  ex: password type 'safari' requires at least: minLength, maxLength, string
 119  of allowed characters, required characters
 120  @return NULL or a CFStringRef password
 121
 122  *Note: This parameters is not required if kSecPasswordTypeiCloudRecovery or kSecPasswordTypePIN is supplied as the type.
 123  If kSecPasswordTypeSafari or kSecPasswordTypeWifi is supplied, you must include these dictionary key/value pairs:
 124  kSecPasswordMinLengthKey / CFNumberRef
 125  kSecPasswordMaxLengthKey / CFNumberRef
 126  kSecPasswordAllowedCharactersKey / CFStringRef
 127  kSecPasswordRequiredCharactersKey / CFArrayRef of CFCharacterSetRefs
 128
 129  *Note: Be sure to release the returned password when done using it.
 130  */
 131 CF_RETURNS_RETAINED CFStringRef SecPasswordGenerate(SecPasswordType type, CFErrorRef *error, CFDictionaryRef passwordRequirements)
 132     __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
 133
 134 #ifdef __cplusplus
 135 }
 136 #endif
 137
 138 #endif /* !_SECURITY_SECPASSWORDGENERATE_H_ */