From 9d0e46bdf513e292eb01b6372b59ce5997ae1b55 Mon Sep 17 00:00:00 2001 From: Timo Glastra Date: Sun, 25 Aug 2024 12:10:57 +0200 Subject: [PATCH] feat: private key without biometrics Signed-off-by: Timo Glastra --- example/app.json | 7 +++++-- ios/SecureEnvironment.swift | 19 ++++++++++--------- 2 files changed, 15 insertions(+), 11 deletions(-) diff --git a/example/app.json b/example/app.json index 3e884f8..547c9fb 100644 --- a/example/app.json +++ b/example/app.json @@ -13,7 +13,10 @@ }, "ios": { "supportsTablet": true, - "bundleIdentifier": "id.animo.secure.environment.example" + "bundleIdentifier": "id.animo.secure.environment.example", + "infoPlist": { + "NSFaceIDUsageDescription": "FaceID is used to securely sign data" + } }, "android": { "adaptiveIcon": { @@ -26,4 +29,4 @@ "favicon": "./assets/favicon.png" } } -} +} \ No newline at end of file diff --git a/ios/SecureEnvironment.swift b/ios/SecureEnvironment.swift index b577504..ed13b27 100644 --- a/ios/SecureEnvironment.swift +++ b/ios/SecureEnvironment.swift @@ -15,18 +15,19 @@ struct SecureEnvironment { kSecAttrApplicationTag as String: Bundle.main.bundleIdentifier.unsafelyUnwrapped, ], ] - + + var flags: SecAccessControlCreateFlags = [.privateKeyUsage] if biometricsBacked { - let accessControl = SecAccessControlCreateWithFlags( - kCFAllocatorDefault, - kSecAttrAccessibleWhenUnlockedThisDeviceOnly, - [.privateKeyUsage, .biometryCurrentSet], - nil - ) - - attributes[kSecAttrAccessControl as String] = accessControl + flags.insert(.biometryCurrentSet) } + attributes[kSecAttrAccessControl as String] = SecAccessControlCreateWithFlags( + kCFAllocatorDefault, + kSecAttrAccessibleWhenUnlockedThisDeviceOnly, + flags, + nil + ) + var error: Unmanaged? guard SecKeyCreateRandomKey(attributes as CFDictionary, &error) != nil else { throw error!.takeRetainedValue() as Error