From b3ed008fc3b9427a8368584323f92c4eb7e7f2c0 Mon Sep 17 00:00:00 2001 From: Ben Dolman Date: Fri, 10 Oct 2014 09:52:55 -0600 Subject: [PATCH 1/4] Add accessibility type to inidivdual items --- SSKeychain/SSKeychainQuery.h | 6 ++++++ SSKeychain/SSKeychainQuery.m | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/SSKeychain/SSKeychainQuery.h b/SSKeychain/SSKeychainQuery.h index 7035db3..6585f1e 100644 --- a/SSKeychain/SSKeychainQuery.h +++ b/SSKeychain/SSKeychainQuery.h @@ -36,6 +36,12 @@ typedef NS_ENUM(NSUInteger, SSKeychainQuerySynchronizationMode) { /** kSecAttrLabel */ @property (nonatomic, copy) NSString *label; +/** + kSecAttrAccessible + Sets the accessibility type for an individual item. If set, this overrides +[SSKeychain accessibilityType]. + */ +@property (nonatomic, copy) __attribute__((NSObject)) CFTypeRef accessibilityType; + #if __IPHONE_3_0 && TARGET_OS_IPHONE /** kSecAttrAccessGroup (only used on iOS) */ @property (nonatomic, copy) NSString *accessGroup; diff --git a/SSKeychain/SSKeychainQuery.m b/SSKeychain/SSKeychainQuery.m index b93c620..c5f93d2 100644 --- a/SSKeychain/SSKeychainQuery.m +++ b/SSKeychain/SSKeychainQuery.m @@ -43,7 +43,7 @@ - (BOOL)save:(NSError *__autoreleasing *)error { [query setObject:self.label forKey:(__bridge id)kSecAttrLabel]; } #if __IPHONE_4_0 && TARGET_OS_IPHONE - CFTypeRef accessibilityType = [SSKeychain accessibilityType]; + CFTypeRef accessibilityType = self.accessibilityType ?: [SSKeychain accessibilityType]; if (accessibilityType) { [query setObject:(__bridge id)accessibilityType forKey:(__bridge id)kSecAttrAccessible]; } From cf938aa9eb2652d0dd967c5ef3ace6384e03dc2a Mon Sep 17 00:00:00 2001 From: Ben Dolman Date: Fri, 10 Oct 2014 15:18:23 -0600 Subject: [PATCH 2/4] Allow accessibility type on OS X 10.9+ --- SSKeychain/SSKeychain.h | 2 +- SSKeychain/SSKeychain.m | 4 ++-- SSKeychain/SSKeychainQuery.h | 7 +++++++ SSKeychain/SSKeychainQuery.m | 2 +- Tests/SSKeychainTests.m | 2 +- 5 files changed, 12 insertions(+), 5 deletions(-) diff --git a/SSKeychain/SSKeychain.h b/SSKeychain/SSKeychain.h index 94fa0d0..739111b 100644 --- a/SSKeychain/SSKeychain.h +++ b/SSKeychain/SSKeychain.h @@ -132,7 +132,7 @@ extern NSString *const kSSKeychainWhereKey; #pragma mark - Configuration -#if __IPHONE_4_0 && TARGET_OS_IPHONE +#ifdef SSKEYCHAIN_ACCESSIBLE_AVAILABLE /** Returns the accessibility type for all future passwords saved to the Keychain. diff --git a/SSKeychain/SSKeychain.m b/SSKeychain/SSKeychain.m index 36337ba..d38f551 100644 --- a/SSKeychain/SSKeychain.m +++ b/SSKeychain/SSKeychain.m @@ -17,7 +17,7 @@ NSString *const kSSKeychainLastModifiedKey = @"mdat"; NSString *const kSSKeychainWhereKey = @"svce"; -#if __IPHONE_4_0 && TARGET_OS_IPHONE +#ifdef SSKEYCHAIN_ACCESSIBLE_AVAILABLE static CFTypeRef SSKeychainAccessibilityType = NULL; #endif @@ -76,7 +76,7 @@ + (NSArray *)accountsForService:(NSString *)serviceName { } -#if __IPHONE_4_0 && TARGET_OS_IPHONE +#ifdef SSKEYCHAIN_ACCESSIBLE_AVAILABLE + (CFTypeRef)accessibilityType { return SSKeychainAccessibilityType; } diff --git a/SSKeychain/SSKeychainQuery.h b/SSKeychain/SSKeychainQuery.h index 6585f1e..eac9b33 100644 --- a/SSKeychain/SSKeychainQuery.h +++ b/SSKeychain/SSKeychainQuery.h @@ -22,6 +22,11 @@ typedef NS_ENUM(NSUInteger, SSKeychainQuerySynchronizationMode) { }; #endif +#if __IPHONE_4_0 || __MAC_10_9 + #define SSKEYCHAIN_ACCESSIBLE_AVAILABLE 1 +#endif + + /** Simple interface for querying or modifying keychain items. */ @@ -36,11 +41,13 @@ typedef NS_ENUM(NSUInteger, SSKeychainQuerySynchronizationMode) { /** kSecAttrLabel */ @property (nonatomic, copy) NSString *label; +#ifdef SSKEYCHAIN_ACCESSIBLE_AVAILABLE /** kSecAttrAccessible Sets the accessibility type for an individual item. If set, this overrides +[SSKeychain accessibilityType]. */ @property (nonatomic, copy) __attribute__((NSObject)) CFTypeRef accessibilityType; +#endif #if __IPHONE_3_0 && TARGET_OS_IPHONE /** kSecAttrAccessGroup (only used on iOS) */ diff --git a/SSKeychain/SSKeychainQuery.m b/SSKeychain/SSKeychainQuery.m index c5f93d2..110e13a 100644 --- a/SSKeychain/SSKeychainQuery.m +++ b/SSKeychain/SSKeychainQuery.m @@ -42,7 +42,7 @@ - (BOOL)save:(NSError *__autoreleasing *)error { if (self.label) { [query setObject:self.label forKey:(__bridge id)kSecAttrLabel]; } -#if __IPHONE_4_0 && TARGET_OS_IPHONE +#ifdef SSKEYCHAIN_ACCESSIBLE_AVAILABLE CFTypeRef accessibilityType = self.accessibilityType ?: [SSKeychain accessibilityType]; if (accessibilityType) { [query setObject:(__bridge id)accessibilityType forKey:(__bridge id)kSecAttrAccessible]; diff --git a/Tests/SSKeychainTests.m b/Tests/SSKeychainTests.m index e3d18c8..278eb6b 100644 --- a/Tests/SSKeychainTests.m +++ b/Tests/SSKeychainTests.m @@ -171,7 +171,7 @@ - (void)testSSKeychain { XCTAssertTrue([SSKeychain setPassword:kSSKeychainPassword forService:kSSKeychainServiceName account:kSSKeychainAccountName], @"Unable to save item"); XCTAssertTrue([SSKeychain deletePasswordForService:kSSKeychainServiceName account:kSSKeychainAccountName], @"Unable to delete password"); -#if __IPHONE_4_0 && TARGET_OS_IPHONE +#ifdef SSKEYCHAIN_ACCESSIBLE_AVAILABLE [SSKeychain setAccessibilityType:kSecAttrAccessibleWhenUnlockedThisDeviceOnly]; XCTAssertTrue([SSKeychain accessibilityType] == kSecAttrAccessibleWhenUnlockedThisDeviceOnly, @"Unable to verify accessibilityType"); #endif From 404cf083c336fcd0198749b461910b22c4132dc9 Mon Sep 17 00:00:00 2001 From: Ben Dolman Date: Mon, 23 Mar 2015 14:11:38 -0600 Subject: [PATCH 3/4] Enable access groups on OS X 10.9+ --- SSKeychain/SSKeychainQuery.h | 8 ++++++-- SSKeychain/SSKeychainQuery.m | 4 ++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/SSKeychain/SSKeychainQuery.h b/SSKeychain/SSKeychainQuery.h index eac9b33..41880a2 100644 --- a/SSKeychain/SSKeychainQuery.h +++ b/SSKeychain/SSKeychainQuery.h @@ -26,6 +26,10 @@ typedef NS_ENUM(NSUInteger, SSKeychainQuerySynchronizationMode) { #define SSKEYCHAIN_ACCESSIBLE_AVAILABLE 1 #endif +#if __IPHONE_3_0 || __MAC_10_9 + #define SSKEYCHAIN_ACCESSGROUP_AVAILABLE 1 +#endif + /** Simple interface for querying or modifying keychain items. @@ -49,8 +53,8 @@ typedef NS_ENUM(NSUInteger, SSKeychainQuerySynchronizationMode) { @property (nonatomic, copy) __attribute__((NSObject)) CFTypeRef accessibilityType; #endif -#if __IPHONE_3_0 && TARGET_OS_IPHONE -/** kSecAttrAccessGroup (only used on iOS) */ +#if SSKEYCHAIN_ACCESSGROUP_AVAILABLE +/** kSecAttrAccessGroup */ @property (nonatomic, copy) NSString *accessGroup; #endif diff --git a/SSKeychain/SSKeychainQuery.m b/SSKeychain/SSKeychainQuery.m index 110e13a..6020c15 100644 --- a/SSKeychain/SSKeychainQuery.m +++ b/SSKeychain/SSKeychainQuery.m @@ -16,7 +16,7 @@ @implementation SSKeychainQuery @synthesize label = _label; @synthesize passwordData = _passwordData; -#if __IPHONE_3_0 && TARGET_OS_IPHONE +#if SSKEYCHAIN_ACCESSGROUP_AVAILABLE @synthesize accessGroup = _accessGroup; #endif @@ -187,7 +187,7 @@ - (NSMutableDictionary *)query { [dictionary setObject:self.account forKey:(__bridge id)kSecAttrAccount]; } -#if __IPHONE_3_0 && TARGET_OS_IPHONE && !TARGET_IPHONE_SIMULATOR +#if SSKEYCHAIN_ACCESSGROUP_AVAILABLE && !TARGET_IPHONE_SIMULATOR if (self.accessGroup) { [dictionary setObject:self.accessGroup forKey:(__bridge id)kSecAttrAccessGroup]; } From 3eac32e9ed8aacc011410e22040a31733c561d4f Mon Sep 17 00:00:00 2001 From: Josh Orr Date: Fri, 27 Mar 2015 11:03:49 -0600 Subject: [PATCH 4/4] Added ability to set comment. --- SSKeychain/SSKeychainQuery.h | 3 +++ SSKeychain/SSKeychainQuery.m | 5 +++++ 2 files changed, 8 insertions(+) diff --git a/SSKeychain/SSKeychainQuery.h b/SSKeychain/SSKeychainQuery.h index 41880a2..9784072 100644 --- a/SSKeychain/SSKeychainQuery.h +++ b/SSKeychain/SSKeychainQuery.h @@ -45,6 +45,9 @@ typedef NS_ENUM(NSUInteger, SSKeychainQuerySynchronizationMode) { /** kSecAttrLabel */ @property (nonatomic, copy) NSString *label; +/** kSecAttrComment **/ +@property (nonatomic, copy) NSString *comment; + #ifdef SSKEYCHAIN_ACCESSIBLE_AVAILABLE /** kSecAttrAccessible diff --git a/SSKeychain/SSKeychainQuery.m b/SSKeychain/SSKeychainQuery.m index 6020c15..d8796a3 100644 --- a/SSKeychain/SSKeychainQuery.m +++ b/SSKeychain/SSKeychainQuery.m @@ -42,6 +42,11 @@ - (BOOL)save:(NSError *__autoreleasing *)error { if (self.label) { [query setObject:self.label forKey:(__bridge id)kSecAttrLabel]; } + + if (self.comment) { + [query setObject:self.comment forKey:(__bridge id)kSecAttrComment]; + } + #ifdef SSKEYCHAIN_ACCESSIBLE_AVAILABLE CFTypeRef accessibilityType = self.accessibilityType ?: [SSKeychain accessibilityType]; if (accessibilityType) {