NetIQ Mobile SDK for iOS
2.0
Access Manager iOS Framework for OAuth & OIDC
|
#import <MFSimpleKeychain.h>
Inherits NSObject.
Instance Methods | |
(NSData *) | - publicRSAKeyDataForTag: |
(BOOL) | - generateRSAKeyPairWithLength:publicKeyTag:privateKeyTag: |
(nullable NSData *) | - dataForRSAKeyWithTag: |
(BOOL) | - deleteRSAKeyWithTag: |
(SecKeyRef) | - keyRefOfRSAKeyWithTag: |
(BOOL) | - hasRSAKeyWithTag: |
Initialization | |
(instancetype) | - init |
(instancetype) | - initWithService: |
(instancetype) | - initWithService:accessGroup: |
Store values | |
(BOOL) | - setString:forKey: |
(BOOL) | - setData:forKey: |
(BOOL) | - setString:forKey:promptMessage: |
(BOOL) | - setData:forKey:promptMessage: |
Remove values | |
(BOOL) | - deleteEntryForKey: |
(void) | - clearAll |
Obtain values | |
(nullable NSString *) | - stringForKey: |
(nullable NSData *) | - dataForKey: |
(nullable NSString *) | - stringForKey:promptMessage: |
(nullable NSData *) | - dataForKey:promptMessage: |
(nullable NSData *) | - dataForKey:promptMessage:error: |
(BOOL) | - hasValueForKey: |
Class Methods | |
Create helper methods | |
(MFSimpleKeychain *) | + keychain |
(MFSimpleKeychain *) | + keychainWithService: |
(MFSimpleKeychain *) | + keychainWithService:accessGroup: |
Properties | |
NSString * | service |
NSString * | accessGroup |
MFSimpleKeychainItemAccessible | defaultAccessiblity |
BOOL | useAccessControl |
A simple helper class to deal with storing and retrieving values from iOS Keychain. It has support for sharing keychain items using Access Group and also for iOS 8 fine grained accesibility over a specific Kyechain Item (Using Access Control). The support is only available for iOS 8+, otherwise it will default using the coarse grained accesibility field. When a NSString
or NSData
is stored using Access Control and the accesibility flag MFSimpleKeychainItemAccessibleWhenPasscodeSetThisDeviceOnly
, iOS will prompt the user for it's passcode or pass a TouchID challenge (if available).
- (void) clearAll |
Remove all entries from the kechain with the service and access group values.
- (NSData *) dataForKey: | (NSString *) | key |
Fetches a NSData from the keychain
key | the key of the value to fetch |
- (nullable NSData *) dataForKey: | (NSString *) | key | |
promptMessage: | (nullable NSString *) | message | |
Fetches a NSData from the keychain
key | the key of the value to fetch |
message | prompt message to display for TouchID/passcode prompt if neccesary |
- (nullable NSData *) dataForKey: | (NSString *) | key | |
promptMessage: | (nullable NSString *) | message | |
error: | (NSError **) | err | |
Fetches a NSData from the keychain
key | the key of the value to fetch |
message | prompt message to display for TouchID/passcode prompt if neccesary |
err | Returns an error, if the item cannot be retrieved. F.e. item not found or user authentication failed in TouchId case. |
- (NSData *) dataForRSAKeyWithTag: | (NSString *) | keyTag |
Returns a RSA key as NSData.
keyTag | tag of the key |
Provided by category MFSimpleKeychain(KeyPair).
- (BOOL) deleteEntryForKey: | (NSString *) | key |
Removes an entry from the Keychain using its key
key | the key of the entry to delete. |
- (BOOL) deleteRSAKeyWithTag: | (NSString *) | keyTag |
Removes a key using its tag.
keyTag | tag of the key to remove |
Provided by category MFSimpleKeychain(KeyPair).
- (BOOL) generateRSAKeyPairWithLength: | (MFSimpleKeychainRSAKeySize) | keyLength | |
publicKeyTag: | (NSString *) | publicKeyTag | |
privateKeyTag: | (NSString *) | privateKeyTag | |
Generates a RSA key pair with a specific length and tags. Each key is marked as permanent in the Keychain
keyLength | number of bits of the keys. |
publicKeyTag | tag of the public key |
privateKeyTag | tag of the private key |
Provided by category MFSimpleKeychain(KeyPair).
- (BOOL) hasRSAKeyWithTag: | (NSString *) | keyTag |
Checks if a RSA key exists with a given tag.
keyTag | tag of RSA Key |
Provided by category MFSimpleKeychain(KeyPair).
- (BOOL) hasValueForKey: | (NSString *) | key |
Checks if a key has a value in the Keychain
key | the key to check if it has a value |
- (instancetype) init |
Initialise a MFSimpleKeychain
with default values.
- (instancetype) initWithService: | (NSString *) | service |
Initialise a MFSimpleKeychain
with a given service.
service | name of the service to use to save items. |
- (instancetype) initWithService: | (NSString *) | service | |
accessGroup: | (nullable NSString *) | accessGroup | |
Initialise a MFSimpleKeychain
with a given service and access group.
service | name of the service to use to save items. |
accessGroup | name of the access group to share items. |
+ (MFSimpleKeychain *) keychain |
Creates a new instance of MFSimpleKeychain
+ (MFSimpleKeychain *) keychainWithService: | (NSString *) | service |
Creates a new instance of MFSimpleKeychain
with a service name.
service | name of the service under all items will be stored. |
+ (MFSimpleKeychain *) keychainWithService: | (NSString *) | service | |
accessGroup: | (NSString *) | accessGroup | |
Creates a new instance of MFSimpleKeychain
with a service name and access group
service | name of the service under all items will be stored. |
accessGroup | name of the access group to share keychain items. |
- (SecKeyRef) keyRefOfRSAKeyWithTag: | (NSString *) | keyTag |
Returns a RSA key as SecKeyRef
. You must release it when you're done with it
keyTag | tag of the RSA Key |
Provided by category MFSimpleKeychain(KeyPair).
- (NSData *) publicRSAKeyDataForTag: | (NSString *) | keyTag |
Returns the public key as NSData.
keyTag | tag of the public key |
Provided by category MFSimpleKeychain(Deprecated).
- (BOOL) setData: | (NSData *) | data | |
forKey: | (NSString *) | key | |
Saves the NSData with the type kSecClassGenericPassword
in the keychain.
data | value to save in the keychain |
key | key for the keychain entry. |
- (BOOL) setData: | (NSData *) | data | |
forKey: | (NSString *) | key | |
promptMessage: | (nullable NSString *) | message | |
Saves the NSData with the type kSecClassGenericPassword
in the keychain.
data | value to save in the keychain |
key | key for the keychain entry. |
message | prompt message to display for TouchID/passcode prompt if neccesary |
- (BOOL) setString: | (NSString *) | string | |
forKey: | (NSString *) | key | |
Saves the NSString with the type kSecClassGenericPassword
in the keychain.
string | value to save in the keychain |
key | key for the keychain entry. |
- (BOOL) setString: | (NSString *) | string | |
forKey: | (NSString *) | key | |
promptMessage: | (nullable NSString *) | message | |
Saves the NSString with the type kSecClassGenericPassword
in the keychain.
string | value to save in the keychain |
key | key for the keychain entry. |
message | prompt message to display for TouchID/passcode prompt if neccesary |
- (NSString *) stringForKey: | (NSString *) | key |
Fetches a NSString from the keychain
key | the key of the value to fetch |
- (nullable NSString *) stringForKey: | (NSString *) | key | |
promptMessage: | (nullable NSString *) | message | |
Fetches a NSString from the keychain
key | the key of the value to fetch |
message | prompt message to display for TouchID/passcode prompt if neccesary |
|
readnonatomicassign |
Access Group for Keychain item sharing. If it's nil no keychain sharing is possible. Default value is nil.
|
readwritenonatomicassign |
What type of accessibility the items stored will have. All values are translated to kSecAttrAccessible
constants. Default value is MFSimpleKeychainItemAccessibleAfterFirstUnlock.
|
readnonatomicassign |
Service name under all items are saved. Default value is Bundle Identifier.
|
readwritenonatomicassign |
Tells MFSimpleKeychain to use kSecAttrAccessControl
instead of kSecAttrAccessible
. It will work only in iOS 8+, defaulting to kSecAttrAccessible
on lower version. Default value is NO.