keychain/headers/SecKeyProxy.h

   1 /*
   2  * Copyright (c) 2006-2010,2012-2017 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 /*!
  25  @header SecKeyProxy
  26  Declaration of SecKey proxy object allowing SecKeyRef to be accessed remotely through XPC.
  27  */
  28
  29 #ifndef _SECURITY_SECKEYPROXY_H_
  30 #define _SECURITY_SECKEYPROXY_H_
  31
  32 #import <Foundation/Foundation.h>
  33 #include <Security/SecBase.h>
  34 #include <Security/SecKey.h>
  35
  36 NS_ASSUME_NONNULL_BEGIN
  37
  38 @interface SecKeyProxy : NSObject {
  39 @private
  40     id _key;
  41     NSData * _Nullable _certificate;
  42     NSXPCListener *_listener;
  43 }
  44
  45 // Creates new proxy instance. Proxy holds reference to the target key or identity and allows remote access to that target key as long as the proxy instance is kept alive.
  46 - (instancetype)initWithKey:(SecKeyRef)key;
  47 - (instancetype)initWithIdentity:(SecIdentityRef)identity;
  48
  49 // Retrieve endpoint to this proxy instance.  Endpoint can be transferred over NSXPCConnection and passed to +[createKeyFromEndpoint:error:] method.
  50 @property (readonly, nonatomic) NSXPCListenerEndpoint *endpoint;
  51
  52 // Invalidates all connections to this proxy.
  53 - (void)invalidate;
  54
  55 // Creates new SecKey/SecIdentity object which forwards all operations to the target SecKey identified by endpoint. Returned SecKeyRef can be used as long as target SecKeyProxy instance is kept alive.
  56 + (nullable SecKeyRef)createKeyFromEndpoint:(NSXPCListenerEndpoint *)endpoint error:(NSError **)error;
  57 + (nullable SecIdentityRef)createIdentityFromEndpoint:(NSXPCListenerEndpoint *)endpoint error:(NSError **)error;
  58
  59 @end
  60
  61 NS_ASSUME_NONNULL_END
  62
  63 #endif /* !_SECURITY_SECKEYPROXY_H_ */