From 37ea15ae5e87635a92e31f4095e29455093e787c Mon Sep 17 00:00:00 2001 From: Joel Arvidsson Date: Mon, 26 Feb 2018 10:49:33 +0100 Subject: [PATCH] Add APPLICATION_PASSWORD to accessControl options --- README.md | 1 + RNKeychainManager/RNKeychainManager.m | 4 ++++ index.js | 2 ++ 3 files changed, 7 insertions(+) diff --git a/README.md b/README.md index 7cb18e8..0471de5 100644 --- a/README.md +++ b/README.md @@ -142,6 +142,7 @@ Keychain |**`BIOMETRY_ANY`**|Constraint to access an item with Touch ID for any enrolled fingers.| |**`BIOMETRY_CURRENT_SET`**|Constraint to access an item with Touch ID for currently enrolled fingers.| |**`DEVICE_PASSCODE`**|Constraint to access an item with a passcode.| +|**`APPLICATION_PASSWORD`**|Constraint to use an application-provided password for data encryption key generation.| |**`BIOMETRY_ANY_OR_DEVICE_PASSCODE`**|Constraint to access an item with Touch ID for any enrolled fingers or passcode.| |**`BIOMETRY_CURRENT_SET_OR_DEVICE_PASSCODE`**|Constraint to access an item with Touch ID for currently enrolled fingers or passcode.| diff --git a/RNKeychainManager/RNKeychainManager.m b/RNKeychainManager/RNKeychainManager.m index 27c2ec1..8fbedb6 100644 --- a/RNKeychainManager/RNKeychainManager.m +++ b/RNKeychainManager/RNKeychainManager.m @@ -129,6 +129,7 @@ NSString *accessGroupValue(NSDictionary *options) #define kAccessControlBiometryAny @"BiometryAny" #define kAccessControlBiometryCurrentSet @"BiometryCurrentSet" #define kAccessControlDevicePasscode @"DevicePasscode" +#define kAccessControlApplicationPassword @"ApplicationPassword" #define kAccessControlBiometryAnyOrDevicePasscode @"BiometryAnyOrDevicePasscode" #define kAccessControlBiometryCurrentSetOrDevicePasscode @"BiometryCurrentSetOrDevicePasscode" @@ -168,6 +169,9 @@ SecAccessControlCreateFlags secureAccessControl(NSDictionary *options) else if ([ options[kAccessControlType] isEqualToString: kAccessControlBiometryCurrentSetOrDevicePasscode ]) { return kSecAccessControlTouchIDCurrentSet|kSecAccessControlOr|kSecAccessControlDevicePasscode; } + else if ([ options[kAccessControlType] isEqualToString: kAccessControlApplicationPassword ]) { + return kSecAccessControlApplicationPassword; + } } return kSecAccessControlTouchIDCurrentSet|kSecAccessControlOr|kSecAccessControlDevicePasscode; } diff --git a/index.js b/index.js index 1a379bb..4cca283 100644 --- a/index.js +++ b/index.js @@ -17,6 +17,7 @@ export const ACCESS_CONTROL = { BIOMETRY_ANY: 'BiometryAny', BIOMETRY_CURRENT_SET: 'BiometryCurrentSet', DEVICE_PASSCODE: 'DevicePasscode', + APPLICATION_PASSWORD: 'ApplicationPassword', BIOMETRY_ANY_OR_DEVICE_PASSCODE: 'BiometryAnyOrDevicePasscode', BIOMETRY_CURRENT_SET_OR_DEVICE_PASSCODE: 'BiometryCurrentSetOrDevicePasscode', }; @@ -51,6 +52,7 @@ type SecAccessControl = | 'BiometryAny' | 'BiometryCurrentSet' | 'DevicePasscode' + | 'ApplicationPassword' | 'BiometryAnyOrDevicePasscode' | 'BiometryCurrentSetOrDevicePasscode';