feat(search): add case-insensitive and subject item search options

kornelski · Apr 22, 2024 · 3619255 · 3619255
1 parent 17f4078
commit 3619255
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 0 deletions.
diff --git a/security-framework-sys/src/item.rs b/security-framework-sys/src/item.rs
@@ -12,6 +12,8 @@ extern "C" {
     pub static kSecMatchLimitAll: CFStringRef;
 
     pub static kSecMatchTrustedOnly: CFStringRef;
+    pub static kSecMatchCaseInsensitive: CFStringRef;
+    pub static kSecMatchSubjectWholeString: CFStringRef; 
 
     pub static kSecReturnData: CFStringRef;
     pub static kSecReturnAttributes: CFStringRef;

diff --git a/security-framework/src/item.rs b/security-framework/src/item.rs
@@ -131,6 +131,7 @@ pub struct ItemSearchOptions {
     keychains: Option<CFArray<SecKeychain>>,
     #[cfg(not(target_os = "macos"))]
     keychains: Option<CFArray<CFType>>,
+    case_insensitive: Option<bool>,
     class: Option<ItemClass>,
     key_class: Option<KeyClass>,
     load_refs: bool,
@@ -140,6 +141,7 @@ pub struct ItemSearchOptions {
     trusted_only: Option<bool>,
     label: Option<CFString>,
     service: Option<CFString>,
+    subject: Option<CFString>,
     account: Option<CFString>,
     access_group: Option<CFString>,
     pub_key_hash: Option<CFData>,
@@ -170,6 +172,13 @@ impl ItemSearchOptions {
         self
     }
 
+    /// Whether search for an item should be case insensitive or not.
+    #[inline(always)]
+    pub fn case_insensitive(&mut self, case_insensitive: Option<bool>) -> &mut Self {
+        self.case_insensitive = case_insensitive;
+        self
+    }
+
     /// Search only for keys of the specified class. Also sets self.class to
     /// `ItemClass::key()`.
     #[inline(always)]
@@ -232,6 +241,13 @@ impl ItemSearchOptions {
         self.service = Some(CFString::new(service));
         self
     }
+
+    /// Search for an item with the given subject.
+    #[inline(always)]
+    pub fn subject(&mut self, subject: &str) -> &mut Self {
+        self.subject = Some(CFString::new(subject));
+        self
+    }
 
     /// Search for an item with the given account.
     #[inline(always)]
@@ -291,6 +307,13 @@ impl ItemSearchOptions {
                 params.push((CFString::wrap_under_get_rule(kSecClass), class.to_value()));
             }
 
+            if let Some(case_insensitive) = self.case_insensitive {
+                params.push((
+                    CFString::wrap_under_get_rule(kSecMatchCaseInsensitive),
+                    CFBoolean::from(case_insensitive).as_CFType()
+                ));
+            }
+
             if let Some(key_class) = self.key_class {
                 params.push((CFString::wrap_under_get_rule(kSecAttrKeyClass), key_class.to_value()));
             }
@@ -343,6 +366,13 @@ impl ItemSearchOptions {
                     service.as_CFType(),
                 ));
             }
+
+            if let Some(ref subject) = self.subject {
+                params.push((
+                    CFString::wrap_under_get_rule(kSecMatchSubjectWholeString),
+                    subject.as_CFType(),
+                ));
+            }
 
             if let Some(ref account) = self.account {
                 params.push((