2020
2121@implementation BNCKeyChain
2222
23+ // Wraps OSStatus in an NSError
24+ // Security errors are defined in Security/SecBase.h
2325+ (NSError *) errorWithKey : (NSString *)key OSStatus : (OSStatus)status {
24- // Security errors are defined in Security/SecBase.h
2526 if (status == errSecSuccess) return nil ;
2627 NSString *reason = (__bridge_transfer NSString *) SecCopyErrorMessageString (status, NULL );
27- NSString *description = [NSString stringWithFormat: @" Security error with key '%@ ': code %ld ." long ) status];
28+ NSString *description = [NSString stringWithFormat: @" Branch Keychain error for key '%@ ': OSStatus %ld ." long ) status];
2829
2930 if (!reason) {
3031 reason = @" Sec OSStatus error."
@@ -37,7 +38,7 @@ + (NSError *) errorWithKey:(NSString *)key OSStatus:(OSStatus)status {
3738 return error;
3839}
3940
40- + (NSDate *) retrieveDateForService : (NSString *)service key : (NSString *)key error : (NSError **)error {
41+ + (NSDate *)retrieveDateForService : (NSString *)service key : (NSString *)key error : (NSError **)error {
4142 if (error) *error = nil ;
4243 if (service == nil || key == nil ) {
4344 NSError *localError = [self errorWithKey: key OSStatus: errSecParam];
@@ -57,7 +58,8 @@ + (NSDate *) retrieveDateForService:(NSString *)service key:(NSString *)key erro
5758 OSStatus status = SecItemCopyMatching ((__bridge CFDictionaryRef)dictionary, (CFTypeRef *)&valueData);
5859 if (status != errSecSuccess) {
5960 NSError *localError = [self errorWithKey: key OSStatus: status];
60- [[BranchLogger shared ] logDebug: @" Can't retrieve key" error: localError];
61+ [[BranchLogger shared ] logVerbose: @" Key not found" error: localError];
62+
6163 if (error) *error = localError;
6264 if (valueData) CFRelease (valueData);
6365 return nil ;
@@ -82,9 +84,10 @@ + (NSError *) storeDate:(NSDate *)date
8284 key : (NSString *)key
8385 cloudAccessGroup : (NSString *)accessGroup {
8486
85- if (date == nil || service == nil || key == nil )
87+ if (date == nil || service == nil || key == nil ) {
8688 return [self errorWithKey: key OSStatus: errSecParam];
87-
89+ }
90+
8891 NSData * valueData = nil ;
8992 @try {
9093 valueData = [NSKeyedArchiver archivedDataWithRootObject: date requiringSecureCoding: YES error: NULL ];
@@ -106,7 +109,7 @@ + (NSError *) storeDate:(NSDate *)date
106109 OSStatus status = SecItemDelete ((__bridge CFDictionaryRef)dictionary);
107110 if (status != errSecSuccess && status != errSecItemNotFound) {
108111 NSError *error = [self errorWithKey: key OSStatus: status];
109- [[BranchLogger shared ] logDebug: @" Can't clear to store key" error: error];
112+ [[BranchLogger shared ] logDebug: @" Failed to save key" error: error];
110113 }
111114
112115 dictionary[(__bridge id )kSecValueData ] = valueData;
@@ -122,7 +125,7 @@ + (NSError *) storeDate:(NSDate *)date
122125 status = SecItemAdd ((__bridge CFDictionaryRef)dictionary, NULL );
123126 if (status) {
124127 NSError *error = [self errorWithKey: key OSStatus: status];
125- [[BranchLogger shared ] logDebug: @" Can't store key" error: error];
128+ [[BranchLogger shared ] logDebug: @" Failed to save key" error: error];
126129 return error;
127130 }
128131 return nil ;
@@ -140,24 +143,24 @@ + (NSError*) removeValuesForService:(NSString *)service key:(NSString *)key {
140143 if (status == errSecItemNotFound) status = errSecSuccess;
141144 if (status) {
142145 NSError *error = [self errorWithKey: key OSStatus: status];
143- [[BranchLogger shared ] logDebug: @" Can't remove key" error: error ];
146+ [[BranchLogger shared ] logDebug: @" Failed to remove key" error: [ self errorWithKey: key OSStatus: status] ];
144147 return error;
145148 }
146149 return nil ;
147150}
148151
149- + ( NSString * _Nullable) securityAccessGroup {
150- // https://stackoverflow.com/questions/11726672/access-app-identifier-prefix-programmatically
152+ // The security access group string is prefixed with the Apple Developer Team ID
153+ + ( NSString * _Nullable) securityAccessGroup {
151154 @synchronized (self) {
152- static NSString *_securityAccessGroup = nil ;
155+ static NSString *_securityAccessGroup = nil ;
153156 if (_securityAccessGroup) return _securityAccessGroup;
154-
155- // First store a value:
157+
158+ // The keychain cannot be empty prior to requesting the security access group string. Add a tmp variable.
156159 NSError *error = [self storeDate: [NSDate date ] forService: @" BranchKeychainService" key: @" Temp" cloudAccessGroup: nil ];
157160 if (error) {
158- [[BranchLogger shared ] logDebug :@" Error storing temp value" error: error];
161+ [[BranchLogger shared ] logWarning :@" Failed to store temp value" error: error];
159162 }
160-
163+
161164 NSDictionary * dictionary = @{
162165 (__bridge id )kSecClass : (__bridge id )kSecClassGenericPassword ,
163166 (__bridge id )kSecAttrService : @" BranchKeychainService"
@@ -169,12 +172,13 @@ + (NSString * _Nullable) securityAccessGroup {
169172 OSStatus status = SecItemCopyMatching ((__bridge CFDictionaryRef)dictionary, (CFTypeRef*)&resultDictionary);
170173 if (status == errSecItemNotFound) return nil ;
171174 if (status != errSecSuccess) {
172- [[BranchLogger shared ] logDebug :NSString stringWithFormat: @" Get securityAccessGroup returned( %ld ): %@ . " , ( long ) status, [self errorWithKey: nil OSStatus: status]] error: nil ];
175+ [[BranchLogger shared ] logWarning :NSString stringWithFormat: @" Failed to retrieve security access group " ] error: [self errorWithKey: nil OSStatus: status]];
173176 return nil ;
174177 }
175- NSString *group =
176- [(__bridge NSDictionary *)resultDictionary objectForKey: (__bridge NSString *)kSecAttrAccessGroup ];
177- if (group.length > 0 ) _securityAccessGroup = [group copy ];
178+ NSString *group = [(__bridge NSDictionary *)resultDictionary objectForKey: (__bridge NSString *)kSecAttrAccessGroup ];
179+ if (group.length > 0 ) {
180+ _securityAccessGroup = [group copy ];
181+ }
178182 CFRelease (resultDictionary);
179183 return _securityAccessGroup;
180184 }
0 commit comments