KeychainHelper
open class KeychainHelper : NSObject
The KeychainHelper
class performs RSA export operations to DER and PEM formats that can be used outside iOS for data signing.
-
Exports the public key retrieved from the keychain in Privacy Enhanced Mail (PEM) format.
Declaration
Swift
open static func exportPublicKey(_ rawPublicKeyBytes: Data) -> String?
-
Exports the public key retrieved from the keychain in Privacy Enhanced Mail (PEM) format.
Declaration
Swift
open static func exportPublicKey(_ rawPublicKeyBytes: Data, base64EncodingOptions: Data.Base64EncodingOptions) -> String?
-
Generates a private and public key to sign data.
Remark
The private key is automatically stored in default keychain accessible via thekSecAttrApplicationTag
. The encryption method used to generate the keys iskSecAttrKeyTypeRSA
and the size is 2,048 bits. This method does not apply an authentication constraint to access the private key.Declaration
Swift
open static func createKeyPair(_ keyName: String, completion: (_ success: Bool, _ publicKeyData: Data?) -> Void)
-
Generates a private and public key to sign data.
Remark
The private key is automatically stored in default keychain accessible via thekSecAttrApplicationTag
. The encryption method used to generate the keys iskSecAttrKeyTypeRSA
and the size is 2,048 bits.Declaration
Swift
open static func createKeyPair(_ keyName: String, authenticationRequired: SecAccessControlCreateFlags?, completion: (_ success: Bool, _ publicKeyData: Data?) -> Void)
-
Using a key generated by the device, sign data and return the encrypted result.
Declaration
Swift
open static func signData(_ keyName: String, value: String) -> String?
-
Using a key generated by the device, sign data and return the encrypted result.
Remark
When the private key requires authentication andfalse
is specified,nil
is returned.Declaration
Swift
open static func signData(_ keyName: String, value: String, localizedReason: String?) -> String?
-
Using a key generated by the device, sign data and return the encrypted result.
Remark
When the private key requires authentication andfalse
is specified,nil
is returned.Declaration
Swift
open static func signData(_ keyName: String, value: String, localizedReason: String?, base64EncodingOptions: Data.Base64EncodingOptions) -> String?
-
Delete a private and public key from the Keychain.
Declaration
Swift
open static func deleteKeyPair(_ keyName: String, completion: ((_ success: Bool) -> Void))
-
Performs a check of the domain state used to generate keys requiring authentication has changed.
Declaration
Swift
open static func hasAuthenticationSettingsChanged(_ evaluatedPolicyDomainState: Data? = nil) -> Bool
-
Query the keychain for a matching key name.
Remark
If the key has been generated requiring authentication for access, the UI has been surpressed. Therefore the function will returntrue
under the following conditions:errSecSuccess
The item was found, no error.errSecInteractionNotAllowed
The item was found, the user interaction is not allowed.errSecAuthFailed
The item was found, but invalidated due to a change to Touch ID or passphrase.Declaration
Swift
open static func checkKeyPairExists(_ keyName: String) -> Bool