import CryptoKit
import Foundation
/// Class-bound abstraction over the app's keychain storage.
///
/// A conforming type exposes a symmetric encryption key and reads, writes and
/// removes values addressed by `KeychainItem`.
protocol KeychainClient: AnyObject {

    // MARK: - State

    /// Symmetric key currently held by the client, or `nil` when none is available.
    ///
    /// This is raw key material: keep it out of logs, crash reports and
    /// serialized state, and hand it only to code that needs to encrypt or decrypt.
    var encryptionKey: SymmetricKey? { get }

    /// Whether keychain data has been initialized.
    /// NOTE(review): the exact meaning is defined by the conforming type, which is not in this file.
    var didInitializeKeychainData: Bool { get }

    // MARK: - Key management

    /// Obtains the encryption key.
    ///
    /// Returns nothing; presumably the result is published through
    /// `encryptionKey` (confirm against the conforming type).
    /// - Throws: Whatever error the conforming type reports when the key cannot be obtained.
    func getEncryptionKey() throws

    // MARK: - Item access

    /// Returns every stored result for `item`.
    /// - Throws: Whatever error the conforming type reports for a failed query.
    func getQueryResults(item: KeychainItem) throws -> [KeychainQueryResult]

    /// Reports whether a value is stored for `item`.
    ///
    /// Non-throwing, so a lookup failure cannot be told apart from a plain
    /// `true`/`false` answer through this API. Do not base a security decision
    /// on `false` alone without knowing how the conforming type maps failures.
    func valueExistsForItem(item: KeychainItem) -> Bool

    /// Stores `value` under `item`.
    /// - Throws: Whatever error the conforming type reports for a failed write.
    func setValueForItem(value: KeychainItem.Value, item: KeychainItem) throws

    /// Removes the value stored under `item`.
    /// - Throws: Whatever error the conforming type reports for a failed removal.
    func removeItem(item: KeychainItem) throws
}
// MARK: - Convenience helpers

extension KeychainClient {

    /// Returns the first result of `getQueryResults(item:)`, or `nil` when the query yields none.
    /// - Throws: Rethrows any error from `getQueryResults(item:)`.
    func getFirstQueryResult(_ item: KeychainItem) throws -> KeychainQueryResult? {
        let results = try getQueryResults(item: item)
        return results.first
    }

    /// Stores a biometric private key together with its registration metadata
    /// under the `.privateKeyRegistration` item.
    ///
    /// - Parameters:
    ///   - key: The private key bytes, stored as the value's `data`.
    ///   - registration: Metadata for the key. Its `userLabel` becomes the value's
    ///     `label`; the whole struct is JSON-encoded into the value's `generic` field.
    ///   - accessPolicy: Access policy forwarded unchanged to the stored value.
    /// - Throws: An encoding error from `Current.jsonEncoder`, or any error from
    ///   `setValueForItem(value:item:)`.
    ///
    /// NOTE(review): `label` and `generic` carry user identifiers. If they are stored
    /// as keychain item attributes, they may be readable without satisfying
    /// `accessPolicy`, which typically guards only the item's data. Confirm in the
    /// conforming type, and keep secrets out of those two fields.
    func setPrivateKeyRegistration(
        key: Data,
        registration: BiometricPrivateKeyRegistration,
        accessPolicy: KeychainItem.AccessPolicy
    ) throws {
        let encodedRegistration = try Current.jsonEncoder.encode(registration)

        // `account` is deliberately nil: the item's primary key is then the
        // KeychainItem.name plus nil, so only one registration can be stored at a time.
        let value = KeychainItem.Value(
            data: key,
            account: nil,
            label: registration.userLabel,
            generic: encodedRegistration,
            accessPolicy: accessPolicy
        )

        try setValueForItem(value: value, item: .privateKeyRegistration)
    }
}
/// One entry returned by `KeychainClient.getQueryResults(item:)`.
struct KeychainQueryResult {
    /// Stored payload bytes. May be secret material, so treat it as sensitive.
    let data: Data
    /// Creation timestamp reported for the entry.
    let createdAt: Date
    /// Last-modification timestamp reported for the entry.
    let modifiedAt: Date
    /// Optional label attached to the entry.
    let label: String?
    /// Optional account attached to the entry.
    let account: String?
    /// Optional opaque bytes attached to the entry.
    let generic: Data?

    /// `data` decoded as UTF-8, or `nil` when the bytes are not valid UTF-8.
    ///
    /// The returned `String` is a separate in-memory copy of the payload.
    /// Keep its lifetime short and never write it to logs.
    var stringValue: String? {
        let decoded = String(data: data, encoding: .utf8)
        return decoded
    }
}
/// Metadata describing a biometric private-key registration.
///
/// `Codable` so it can be serialized; `KeychainClient.setPrivateKeyRegistration`
/// JSON-encodes it alongside the key. It holds identifiers only, no key material.
struct BiometricPrivateKeyRegistration: Codable {
    /// Identifier of the user the registration belongs to.
    let userId: User.ID

    /// Human-readable label for the user; also used as the stored item's label.
    let userLabel: String

    /// Identifier of the biometric registration itself.
    let registrationId: User.BiometricRegistration.ID
}
/// Errors reported by keychain operations.
///
/// The raise sites are outside this file, so the case descriptions below are
/// inferred from the case names. No case carries item contents; the only
/// payload is a status code.
public enum KeychainError: Swift.Error, Equatable {
    /// A query result did not include an account.
    case resultMissingAccount

    /// A query result did not include its dates.
    case resultMissingDates

    /// A query result was not an array.
    case resultNotArray

    /// A query result was not data.
    case resultNotData

    /// An access-control object could not be created.
    case unableToCreateAccessControl

    /// Any other failure, carrying the `OSStatus` that was reported.
    case unhandledError(status: OSStatus)
}