]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_keychain/lib/SecIdentitySearchPriv.h
Security-57336.10.29.tar.gz
[apple/security.git] / OSX / libsecurity_keychain / lib / SecIdentitySearchPriv.h
1 /*
2 * Copyright (c) 2002-2011 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 #ifndef _SECURITY_SECIDENTITYSEARCHPRIV_H_
25 #define _SECURITY_SECIDENTITYSEARCHPRIV_H_
26
27 #include <Security/SecIdentitySearch.h>
28 #include <AvailabilityMacros.h>
29
30 #if defined(__cplusplus)
31 extern "C" {
32 #endif
33
34 /*!
35 @function SecIdentitySearchCreateWithAttributes
36 @abstract Creates a search reference for finding identities that match specified attributes.
37 @param attributes A dictionary containing optional attributes for controlling the search. Pass NULL to find all possible valid identities. See SecItem.h for a description of currently defined attributes.
38 @param searchRef On return, an identity search reference. You are responsible for releasing this reference by calling the CFRelease function.
39 @result A result code. See "Security Error Codes" (SecBase.h).
40 @discussion This function is an advanced version of SecIdentitySearchCreate which allows finer-grained control over the search. The returned search reference is used to obtain matching identities in subsequent calls to the SecIdentitySearchCopyNext function. You must release the identity search reference by calling the CFRelease function.
41
42 IMPORTANT: as of Mac OS X 10.7, this function is deprecated and will be removed in a future release.
43 In 10.7 and later, you should use SecItemCopyMatching (see SecItem.h) to find identities that match specified attributes.
44 */
45 OSStatus SecIdentitySearchCreateWithAttributes(CFDictionaryRef attributes, SecIdentitySearchRef* searchRef)
46 /*AVAILABLE_MAC_OS_X_VERSION_10_5_AND_LATER;*/
47 DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
48
49 /*!
50 @function SecIdentitySearchCreateWithPolicy
51 @abstract Creates a search reference for finding identities that match specified attributes.
52 @param policy An optional policy reference. If provided, returned identities must be valid for this policy. Pass NULL to ignore policy when searching.
53 @param idString An optional string containing a URI, RFC822 email address, DNS hostname, or other name which uniquely identifies the service requiring this identity. If a preferred identity has previously been specified for this name (see functions in SecIdentity.h), that identity will be returned first by the SecIdentitySearchCopyNext function. Pass NULL to ignore this string when searching.
54 @param keyUsage A key usage value, as defined in cssmtype.h. Pass 0 to ignore key usage when searching.
55 @param keychainOrArray A reference to an array of keychains to search, a single keychain, or NULL to search the user's default keychain search list.
56 @param returnOnlyValidIdentities Pass TRUE to find only valid (non-expired) identities, or FALSE to obtain all identities which match the search criteria.
57 @param searchRef On return, an identity search reference. You are responsible for releasing this reference by calling the CFRelease function.
58 @result A result code. See "Security Error Codes" (SecBase.h).
59 @discussion This function is an advanced version of SecIdentitySearchCreate which allows finer-grained control over the search. The returned search reference is used to obtain matching identities in subsequent calls to the SecIdentitySearchCopyNext function. You must release the identity search reference by calling the CFRelease function.
60
61 IMPORTANT: as of Mac OS X 10.7, this function is deprecated and will be removed in a future release.
62 In 10.7 and later, you should use SecItemCopyMatching (see SecItem.h) to find identities that match a given policy.
63
64 To specify the policy which the identity must match, add this key/value pair to the query dictionary:
65 - kSecMatchPolicy (value is the SecPolicyRef)
66
67 To specify the service name which requires this identity, add this dictionary key:
68 - kSecAttrService (value is a CFStringRef)
69
70 To specify key usage(s) which the identity must have, add one or more of the following (values are CFBooleanRef):
71 - kSecAttrCanEncrypt, kSecAttrCanDecrypt, kSecAttrCanDerive, kSecAttrCanSign, kSecAttrCanVerify, kSecAttrCanWrap, kSecAttrCanUnwrap
72
73 To specify a list of keychains to search, add this dictionary key:
74 - kSecMatchSearchList (value is a CFArrayRef containing one or more SecKeychainRef instances)
75
76 To specify that only valid identities be returned, add this dictionary key:
77 - kSecMatchTrustedOnly (value is a CFBooleanRef)
78 */
79 OSStatus SecIdentitySearchCreateWithPolicy(SecPolicyRef policy, CFStringRef idString, uint32 keyUsage, CFTypeRef keychainOrArray, Boolean returnOnlyValidIdentities, SecIdentitySearchRef* searchRef)
80 /*AVAILABLE_MAC_OS_X_VERSION_10_4_AND_LATER;*/
81 DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER;
82
83 #if defined(__cplusplus)
84 }
85 #endif
86
87 #endif /* !_SECURITY_SECIDENTITYSEARCHPRIV_H_ */