All Projects → kishikawakatsumi → Uickeychainstore

kishikawakatsumi / Uickeychainstore

Licence: mit
UICKeyChainStore is a simple wrapper for Keychain on iOS, watchOS, tvOS and macOS. Makes using Keychain APIs as easy as NSUserDefaults.

Programming Languages

objective c
16641 projects - #2 most used programming language
ruby
36898 projects - #4 most used programming language

Projects that are alternatives of or similar to Uickeychainstore

Keychainaccess
Simple Swift wrapper for Keychain that works on iOS, watchOS, tvOS and macOS.
Stars: ✭ 6,611 (+118.26%)
Mutual labels:  keychain, touch-id
Valet
Valet lets you securely store data in the iOS, tvOS, or macOS Keychain without knowing a thing about how the Keychain works. It’s easy. We promise.
Stars: ✭ 3,712 (+22.55%)
Mutual labels:  keychain, touch-id
Secureenclavecrypto
Demonstration library for using the Secure Enclave on iOS
Stars: ✭ 251 (-91.71%)
Mutual labels:  keychain
lockd
Generate strong passwords and save them in Keychain. Made with SwiftUI
Stars: ✭ 38 (-98.75%)
Mutual labels:  keychain
alks-cli
CLI for working with the ALKS service.
Stars: ✭ 40 (-98.68%)
Mutual labels:  keychain
kubectl-passman
kubectl plugin that provides the missing link/glue between common password managers and kubectl
Stars: ✭ 69 (-97.72%)
Mutual labels:  keychain
MSession
A simple and sophisticated session and authentication solution written in Swift
Stars: ✭ 26 (-99.14%)
Mutual labels:  keychain
Redux Persist Sensitive Storage
redux-persist storage engine for react-native-sensitive-info
Stars: ✭ 209 (-93.1%)
Mutual labels:  keychain
pinentry-touchid
Custom GPG pinentry program for macOS that allows using Touch ID for fetching the password from the macOS keychain.
Stars: ✭ 152 (-94.98%)
Mutual labels:  keychain
fortify
Fortify enables web applications to use smart cards, local certificate stores and do certificate enrollment. This is the desktop application repository.
Stars: ✭ 88 (-97.09%)
Mutual labels:  keychain
swift-standard-clients
Client declarations and live implementations for standard iOS managers
Stars: ✭ 28 (-99.08%)
Mutual labels:  keychain
vault-token-helper
@hashicorp Vault Token Helper for macOS, Linux and Windows with support for secure token storage and multiple Vault servers 🔐
Stars: ✭ 74 (-97.56%)
Mutual labels:  keychain
BiometricAutomationDemo
Dependency free iOS biometric automation example.
Stars: ✭ 53 (-98.25%)
Mutual labels:  touch-id
osx-callhistory-decryptor
macOS (incl big sur) call history decryptor/converter to CSV format.
Stars: ✭ 19 (-99.37%)
Mutual labels:  keychain
2ami
Your easy 2FA companion that keep the secrets secret.
Stars: ✭ 24 (-99.21%)
Mutual labels:  keychain
KeychainWrapper
A lightweight, pure-Swift library for the iOS keychain.
Stars: ✭ 51 (-98.32%)
Mutual labels:  keychain
Alfred Workflow
Full-featured library for writing Alfred 3 & 4 workflows
Stars: ✭ 2,622 (-13.44%)
Mutual labels:  keychain
vault
Is a plugin for project management system Redmine. Allows you to store various passwords/keys in one place for the project.
Stars: ✭ 44 (-98.55%)
Mutual labels:  keychain
cordova-plugin-gctouch-id
Touch ID Plugin (Cordova) for iOS
Stars: ✭ 20 (-99.34%)
Mutual labels:  touch-id
Csvkeychain
Import/export between Apple Keychain.app and plain CSV file.
Stars: ✭ 281 (-90.72%)
Mutual labels:  keychain

UICKeyChainStore

CI Status Coverage Status Carthage compatible Version License Platform

UICKeyChainStore is a simple wrapper for Keychain that works on iOS and OS X. Makes using Keychain APIs as easy as NSUserDefaults.

Looking for the library written in Swift?

Try KeychainAccess.
KeychainAccess is next generation of UICKeyChainStore.

Transitioning from 1.x to 2.0

synchronize method is deprecated. Calling this method is no longer required (Just ignored).

Features

Usage

Basics

Saving Application Password

UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithService:@"com.example.github-token"];
keychain[@"kishikawakatsumi"] = @"01234567-89ab-cdef-0123-456789abcdef";

Saving Internet Password

UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithServer:[NSURL URLWithString:@"https://github.com"]
                                                          protocolType:UICKeyChainStoreProtocolTypeHTTPS];
keychain[@"kishikawakatsumi"] = @"01234567-89ab-cdef-0123-456789abcdef";

Instantiation

Create Keychain for Application Password

UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithService:@"com.example.github-token"];
UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithService:@"kishikawakatsumi.git"
                                                            accessGroup:@"12ABCD3E4F.shared"];

Create Keychain for Internet Password

UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithServer:[NSURL URLWithString:@"https://github.com"]
                                                          protocolType:UICKeyChainStoreProtocolTypeHTTPS];
UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithServer:[NSURL URLWithString:@"https://github.com"]
                                                          protocolType:UICKeyChainStoreProtocolTypeHTTPS
                                                    authenticationType:UICKeyChainStoreAuthenticationTypeHTMLForm];

Adding an item

subscripting

keychain[@"kishikawakatsumi"] = @"01234567-89ab-cdef-0123-456789abcdef"

set method

[keychain setString:@"01234567-89ab-cdef-0123-456789abcdef" forKey:@"kishikawakatsumi"];

error handling

if (![keychain setString:@"01234567-89ab-cdef-0123-456789abcdef" forKey:@"kishikawakatsumi"]) {
    // error has occurred
}
NSError *error;
[keychain setString:@"01234567-89ab-cdef-0123-456789abcdef" forKey:@"kishikawakatsumi" error:&error];
if (error) {
    NSLog(@"%@", error.localizedDescription);
}

Obtaining an item

subscripting (automatically converts to string)

NSString *token = keychain[@"kishikawakatsumi"]

get methods

as String
NSString *token = [keychain stringForKey:@"kishikawakatsumi"];
as NSData
NSData *data = [keychain dataForKey:@"kishikawakatsumi"];

error handling

First, get the failable (value or error) object

NSError *error;
NSString *token = [keychain stringForKey:@"" error:&error];
if (error) {
    NSLog(@"%@", error.localizedDescription);
}

Removing an item

subscripting

keychain[@"kishikawakatsumi"] = nil

remove method

[keychain removeItemForKey:@"kishikawakatsumi"];

error handling

if (![keychain removeItemForKey:@"kishikawakatsumi"]) {
    // error has occurred
}
NSError *error;
[keychain removeItemForKey:@"kishikawakatsumi" error:&error];
if (error) {
    NSLog(@"%@", error.localizedDescription);
}

Label and Comment

UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithServer:[NSURL URLWithString:@"https://github.com"]
                                                          protocolType:UICKeyChainStoreProtocolTypeHTTPS];
[keychain setString:@"01234567-89ab-cdef-0123-456789abcdef"
             forKey:@"kishikawakatsumi"
              label:@"github.com (kishikawakatsumi)"
            comment:@"github access token"];

Configuration (Accessibility, Sharing, iCould Sync)

Accessibility

Default accessibility matches background application (=kSecAttrAccessibleAfterFirstUnlock)
UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithService:@"com.example.github-token"];
For background application
Creating instance
UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithService:@"com.example.github-token"];
keychain.accessibility = UICKeyChainStoreAccessibilityAfterFirstUnlock;

keychain[@"kishikawakatsumi"] = @"01234567-89ab-cdef-0123-456789abcdef"
For foreground application
Creating instance
UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithService:@"com.example.github-token"];
keychain.accessibility = UICKeyChainStoreAccessibilityWhenUnlocked;

keychain[@"kishikawakatsumi"] = @"01234567-89ab-cdef-0123-456789abcdef"

Sharing Keychain items

UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithService:@"kishikawakatsumi.git"
                                                            accessGroup:@"12ABCD3E4F.shared"];

Synchronizing Keychain items with iCloud

Creating instance
UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithService:@"com.example.github-token"];
keychain.synchronizable = YES;

keychain[@"kishikawakatsumi"] = @"01234567-89ab-cdef-0123-456789abcdef"

Touch ID integration

Any Operation that require authentication must be run in the background thread.
If you run in the main thread, UI thread will lock for the system to try to display the authentication dialog.

Adding a Touch ID protected item

If you want to store the Touch ID protected Keychain item, specify accessibility and authenticationPolicy attributes.

UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithService:@"com.example.github-token"];

dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_BACKGROUND, 0), ^{
    [keychain setAccessibility:UICKeyChainStoreAccessibilityWhenPasscodeSetThisDeviceOnly
          authenticationPolicy:UICKeyChainStoreAuthenticationPolicyUserPresence];

    keychain[@"kishikawakatsumi"] = @"01234567-89ab-cdef-0123-456789abcdef"
});

Updating a Touch ID protected item

The same way as when adding.

Do not run in the main thread if there is a possibility that the item you are trying to add already exists, and protected. Because updating protected items requires authentication.

Additionally, you want to show custom authentication prompt message when updating, specify an authenticationPrompt attribute. If the item not protected, the authenticationPrompt parameter just be ignored.

UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithService:@"com.example.github-token"];

dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_BACKGROUND, 0), ^{
    [keychain setAccessibility:UICKeyChainStoreAccessibilityWhenPasscodeSetThisDeviceOnly
          authenticationPolicy:UICKeyChainStoreAuthenticationPolicyUserPresence];
    keychain.authenticationPrompt = @"Authenticate to update your access token";

    keychain[@"kishikawakatsumi"] = @"01234567-89ab-cdef-0123-456789abcdef"
});

Obtaining a Touch ID protected item

The same way as when you get a normal item. It will be displayed automatically Touch ID or passcode authentication If the item you try to get is protected.
If you want to show custom authentication prompt message, specify an authenticationPrompt attribute. If the item not protected, the authenticationPrompt parameter just be ignored.

UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithService:@"com.example.github-token"];

dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_BACKGROUND, 0), ^{
    [keychain setAccessibility:UICKeyChainStoreAccessibilityWhenPasscodeSetThisDeviceOnly
          authenticationPolicy:UICKeyChainStoreAuthenticationPolicyUserPresence];
    keychain.authenticationPrompt = @"Authenticate to update your access token";

    NSString *token = keychain[@"kishikawakatsumi"];
});

Removing a Touch ID protected item

The same way as when you remove a normal item. There is no way to show Touch ID or passcode authentication when removing Keychain items.

UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithService:@"com.example.github-token"];

keychain[@"kishikawakatsumi"] = nil;

Shared Web Credentials

Shared web credentials is a programming interface that enables native iOS apps to share credentials with their website counterparts. For example, a user may log in to a website in Safari, entering a user name and password, and save those credentials using the iCloud Keychain. Later, the user may run a native app from the same developer, and instead of the app requiring the user to reenter a user name and password, shared web credentials gives it access to the credentials that were entered earlier in Safari. The user can also create new accounts, update passwords, or delete her account from within the app. These changes are then saved and used by Safari.
https://developer.apple.com/library/ios/documentation/Security/Reference/SharedWebCredentialsRef/

UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithServer:[NSURL URLWithString:@"https://kishikawakatsumi.com"]
protocolType:UICKeyChainStoreProtocolTypeHTTPS];
NSString *username = @"[email protected]";
NSString *password = keychain[username];
if (password) {
    // If found password in the Keychain,
    // then log into the server
} else {
    // If not found password in the Keychain,
    // try to read from Shared Web Credentials
    [keychain sharedPasswordForAccount:username completion:^(NSString *password, NSError *error) {
        if (password) {
            // If found password in the Shared Web Credentials,
            // then log into the server
            // and save the password to the Keychain

            keychain[username] = password
        } else {
            // If not found password either in the Keychain also Shared Web Credentials,
            // prompt for username and password

            // Log into server

            // If the login is successful,
            // save the credentials to both the Keychain and the Shared Web Credentials.

            keychain[username] = password
            [keychain setSharedPassword:password forAccount:username completion:nil];
        }
    }];
}

Request all associated domain's credentials

[UICKeyChainStore requestSharedWebCredentialWithCompletion:^(NSArray *credentials, NSError *error) {

}];

Generate strong random password

Generate strong random password that is in the same format used by Safari autofill (xxx-xxx-xxx-xxx).

NSString *password = [UICKeyChainStore generatePassword];
NSLog(@"%@", password); // => Nhu-GKm-s3n-pMx

How to set up Shared Web Credentials

  1. Add a com.apple.developer.associated-domains entitlement to your app. This entitlement must include all the domains with which you want to share credentials.
  1. Add an apple-app-site-association file to your website. This file must include application identifiers for all the apps with which the site wants to share credentials, and it must be properly signed.
  1. When the app is installed, the system downloads and verifies the site association file for each of its associated domains. If the verification is successful, the app is associated with the domain.

More details:
https://developer.apple.com/library/ios/documentation/Security/Reference/SharedWebCredentialsRef/

Debugging

Display all stored items if print keychain object

UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithServer:[NSURL URLWithString:@"https://github.com"]
                                                          protocolType:UICKeyChainStoreProtocolTypeHTTPS];
NSLog(@"%@", keychain);
=>
(
{
    accessibility = ak;
    authenticationType = dflt;
    class = InternetPassword;
    key = kishikawakatsumi;
    protocol = htps;
    server = "github.com";
    synchronizable = 0;
    value = "01234567-89ab-cdef-0123-456789abcdef";
}    {
    accessibility = ck;
    authenticationType = dflt;
    class = InternetPassword;
    key = hirohamada;
    protocol = htps;
    server = "github.com";
    synchronizable = 1;
    value = "11111111-89ab-cdef-1111-456789abcdef";
}    {
    accessibility = ak;
    authenticationType = dflt;
    class = InternetPassword;
    key = honeylemon;
    protocol = htps;
    server = "github.com";
    synchronizable = 0;
    value = "22222222-89ab-cdef-2222-456789abcdef";
})

Obtaining all stored keys

UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithServer:[NSURL URLWithString:@"https://github.com"]
                                                          protocolType:UICKeyChainStoreProtocolTypeHTTPS];

NSArray *keys = keychain.allKeys;
for (NSString *key in keys) {
    NSLog(@"key: %@", key);
}
=>
key: kishikawakatsumi
key: hirohamada
key: honeylemon

Obtaining all stored items

UICKeyChainStore *keychain = [UICKeyChainStore keyChainStoreWithServer:[NSURL URLWithString:@"https://github.com"]
                                                          protocolType:UICKeyChainStoreProtocolTypeHTTPS];

NSArray *items = keychain.allItems;
for (NSString *item in items) {
    NSLog(@"item: %@", item);
}
=>

item: {
    accessibility = ak;
    authenticationType = dflt;
    class = InternetPassword;
    key = kishikawakatsumi;
    protocol = htps;
    server = "github.com";
    synchronizable = 0;
    value = "01234567-89ab-cdef-0123-456789abcdef";
}
item: {
    accessibility = ck;
    authenticationType = dflt;
    class = InternetPassword;
    key = hirohamada;
    protocol = htps;
    server = "github.com";
    synchronizable = 1;
    value = "11111111-89ab-cdef-1111-456789abcdef";
}
item: {
    accessibility = ak;
    authenticationType = dflt;
    class = InternetPassword;
    key = honeylemon;
    protocol = htps;
    server = "github.com";
    synchronizable = 0;
    value = "22222222-89ab-cdef-2222-456789abcdef";
}

Convenient class methods

Add items using default service name (=bundle identifer).

[UICKeyChainStore setString:@"01234567-89ab-cdef-0123-456789abcdef" forKey:@"kishikawakatsumi"];

Or specify the service name.

[UICKeyChainStore setString:@"01234567-89ab-cdef-0123-456789abcdef"
                     forKey:@"kishikawakatsumi"
                    service:@"com.example.github-token"];

Remove items.

[UICKeyChainStore removeItemForKey:@"kishikawakatsumi" service:@"com.example.github-token"];

To set nil value also works remove item for the key.

[UICKeyChainStore setString:nil forKey:@"kishikawakatsumi" service:@"com.example.github-token"];

Requirements

iOS 4.3 or later OS X 10.7 or later

Installation

Swift Package Manager

UICKeyChainStore is now available through Swift Package Manager.

Xcode

Select File > Swift Packages > Add Package Dependency...

Type https://github.com/kishikawakatsumi/UICKeyChainStore then check the target that appears.

CLI

Create Package.swift file and define the dependency like this

// swift-tools-version:5.0
import PackageDescription

let package = Package(
    name: "MyLibrary",
    products: [
        .library(name: "MyLibrary", targets: ["MyLibrary"]),
    ],
    dependencies: [
        .package(url: "https://github.com/kishikawakatsumi/UICKeyChainStore.git", from: "2.1.2"),
    ],
    targets: [
        .target(name: "MyLibrary", dependencies: ["UICKeyChainStore"]),
    ]
)

Then, type

$ swift build

CocoaPods

UICKeyChainStore is available through CocoaPods. To install it, simply add the following line to your Podfile:

pod 'UICKeyChainStore'

For watchOS 2
use_frameworks!

target 'EampleApp' do
  pod 'UICKeyChainStore'
end

target 'EampleApp WatchKit Extension' do
  platform :watchos, '2.0'
  pod 'UICKeyChainStore'
end

Carthage

UICKeyChainStore is available through Carthage. To install it, simply add the following line to your Cartfile:

github "kishikawakatsumi/UICKeyChainStore"

To manually add to your project

  1. Add Security.framework to your target.
  2. Copy files in Lib (UICKeyChainStore.h and UICKeyChainStore.m) to your project.

Author

kishikawa katsumi, [email protected]

License

UICKeyChainStore is available under the MIT license. See the LICENSE file for more info.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].