4632N/A#import <Security/Security.h>
4632N/A#import <Security/SecImportExport.h>
4632N/Astatic JNF_MEMBER_CACHE(jm_createTrustedCertEntry, jc_KeychainStore, "createTrustedCertEntry", "(Ljava/lang/String;JJ[B)V");
4632N/Astatic JNF_MEMBER_CACHE(jm_createKeyEntry, jc_KeychainStore, "createKeyEntry", "(Ljava/lang/String;JJ[J[[B)V");
4632N/A SecKeychainAttributeList attrList = { sizeof(itemAttrs) / sizeof(itemAttrs[0]), itemAttrs };
4632N/A return returnValue;
4632N/A SecKeychainAttributeList attrList = { sizeof(itemAttrs) / sizeof(itemAttrs[0]), itemAttrs };
4632N/A return returnValue;
4632N/A if(trustedAnchor) {
4632N/A switch(secTrustResult) {
4632N/A if(!includeRoot) {
4632N/A if(policySearch) {
4632N/A // Search the user keychain list for all identities. Identities are a certificate/private key association that
4632N/A (*env)->SetByteArrayRegion(env, encodedCertData, 0, currCertData.Length, (jbyte *)currCertData.Data);
4632N/A // Call back to the Java object to create Java objects corresponding to this security object.
4632N/A JNFCallVoidMethod(env, keyStore, jm_createKeyEntry, alias, creationDate, nativeKeyRef, certRefArray, javaCertArray);
4632N/A OSStatus err = SecKeychainSearchCreateFromAttributes(NULL, kSecCertificateItemClass, NULL, &keychainItemSearch);
4632N/A (*env)->SetByteArrayRegion(env, certData, 0, currCertificate.Length, (jbyte *)currCertificate.Data);
4632N/A // Call back to the Java object to create Java objects corresponding to this security object.
4632N/A JNFCallVoidMethod(env, keyStore, jm_createTrustedCertEntry, alias, nativeRef, creationDate, certData);
4632N/A if (passwordObj) {
4632N/A passwordStrRef = CFStringCreateWithCharacters(kCFAllocatorDefault, passwordChars, passwordLen);
4632N/A // Note that setting the flags field **requires** you to pass in a password of some kind. The keychain will not prompt you.
4632N/A (*env)->SetByteArrayRegion(env, returnValue, 0, size, (jbyte *)CFDataGetBytePtr(exportedData));
4632N/A return returnValue;
4632N/A // Search for these first, because a certificate that's found here as part of an identity will show up
4632N/A(JNIEnv *env, jobject this, jstring alias, jboolean isCertificate, jbyteArray rawDataObj, jcharArray passwordObj)
4632N/A SecExternalItemType dataType = (isCertificate == JNI_TRUE ? kSecFormatX509Cert : kSecFormatWrappedPKCS8);
4632N/A // Convert the password obj into a CFStringRef that the keychain importer can use for encryption.
4632N/A if (passwordObj) {
4632N/A passwordStrRef = CFStringCreateWithCharacters(kCFAllocatorDefault, passwordChars, passwordLen);
4632N/A // Note that setting the flags field **requires** you to pass in a password of some kind. The keychain will not prompt you.
4632N/A // Don't bother labeling keys. They become part of an identity, and are not an accessible part of the keychain.
4632N/A return returnValue;