+++ /dev/null
-/*
- * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-
-/*!
- @header SecPasswordGenerate
- SecPassword implements logic to use the system facilities for acquiring a password,
- optionally stored and retrieved from the user's keychain.
- */
-
-#ifndef _SECURITY_SECPASSWORDGENERATE_H_
-#define _SECURITY_SECPASSWORDGENERATE_H_
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <CoreFoundation/CoreFoundation.h>
-#include <Security/SecBase.h>
-
-typedef uint32_t SecPasswordType;
-enum {
- kSecPasswordTypeSafari = 0,
- kSecPasswordTypeiCloudRecovery = 1,
- kSecPasswordTypeWifi = 2,
- kSecPasswordTypePIN = 3
-} __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-
-// Keys for external dictionaries with password generation requirements we read from plist.
-extern CFStringRef kSecPasswordDefaultForType
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-
-extern CFStringRef kSecPasswordMinLengthKey
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-extern CFStringRef kSecPasswordMaxLengthKey
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-extern CFStringRef kSecPasswordAllowedCharactersKey
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-extern CFStringRef kSecPasswordRequiredCharactersKey
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-
-extern CFStringRef kSecPasswordDisallowedCharacters
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-extern CFStringRef kSecPasswordCantStartWithChars
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-extern CFStringRef kSecPasswordCantEndWithChars
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-
-extern CFStringRef kSecPasswordContainsNoMoreThanNSpecificCharacters
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-extern CFStringRef kSecPasswordContainsAtLeastNSpecificCharacters
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-extern CFStringRef kSecPasswordContainsNoMoreThanNConsecutiveIdenticalCharacters
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-
-extern CFStringRef kSecPasswordCharacters
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-extern CFStringRef kSecPasswordCharacterCount
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-
-extern CFStringRef kSecPasswordGroupSize
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-extern CFStringRef kSecPasswordNumberOfGroups
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-extern CFStringRef kSecPasswordSeparator
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-
-
-/*
- @function SecPasswordCopyDefaultPasswordLength
- @abstract Returns the default length/number of tuples of a defaultly generated password
- @param type: default password types kSecPasswordTypeSafari, kSecPasswordTypeiCloudRecovery, kSecPasswordTypeWifi, kSecPasswordTypePIN
- @param error: An error code will be returned if an unrecognized password type is passed to the routine.
- @result Dictionary consisting of length of tuple and number of tuples or a NULL if the passed type isn't recognized.
-*/
-CFDictionaryRef SecPasswordCopyDefaultPasswordLength(SecPasswordType type, CFErrorRef *error)
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-
-
-/*
- @function SecPasswordIsPasswordWeak
- @abstract Evalutes the weakness of a passcode. This function can take any type of passcode. Currently
- the function evaluates passcodes with only ASCII characters
- @param passcode a string of any length and type (4 digit PIN, complex passcode)
- @result True if the password is weak, False if the password is strong.
- */
-
-bool SecPasswordIsPasswordWeak(CFStringRef passcode)
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-
-/*
- @function SecPasswordGenerate. Supports generating passwords for Safari, iCloud, Personal
- Hotspot clients. Will also generate 4 digit pins.
- @abstract Returns a generated password based on a set of constraints
- @param type: type of password to generate. Pass enum types
- kSecPasswordTypeSafari, kSecPasswordTypeiCloudRecovery, kSecPasswordTypeWifi, or kSecPasswordTypePIN
- @param error: An error code will be returned if an error is encountered. Check SecBase.h for the list of codes.
- @param passwordRequirements: a dictionary containing a set of password requirements.
- ex: password type 'safari' requires at least: minLength, maxLength, string
- of allowed characters, required characters
- @return NULL or a CFStringRef password
-
- *Note: This parameters is not required if kSecPasswordTypeiCloudRecovery or kSecPasswordTypePIN is supplied as the type.
- If kSecPasswordTypeSafari or kSecPasswordTypeWifi is supplied, you must include these dictionary key/value pairs:
- kSecPasswordMinLengthKey / CFNumberRef
- kSecPasswordMaxLengthKey / CFNumberRef
- kSecPasswordAllowedCharactersKey / CFStringRef
- kSecPasswordRequiredCharactersKey / CFArrayRef of CFCharacterSetRefs
-
- *Note: Be sure to release the returned password when done using it.
- */
-CF_RETURNS_RETAINED CFStringRef SecPasswordGenerate(SecPasswordType type, CFErrorRef *error, CFDictionaryRef passwordRequirements)
- __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* !_SECURITY_SECPASSWORDGENERATE_H_ */
projects / apple / security.git / blobdiff