react-native-nitro-storage 0.3.0 → 0.3.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +594 -247
- package/android/CMakeLists.txt +2 -0
- package/android/src/main/cpp/AndroidStorageAdapterCpp.cpp +102 -11
- package/android/src/main/cpp/AndroidStorageAdapterCpp.hpp +16 -0
- package/android/src/main/java/com/nitrostorage/AndroidStorageAdapter.kt +154 -34
- package/android/src/main/java/com/nitrostorage/NitroStoragePackage.kt +2 -2
- package/cpp/bindings/HybridStorage.cpp +176 -21
- package/cpp/bindings/HybridStorage.hpp +29 -2
- package/cpp/core/NativeStorageAdapter.hpp +16 -0
- package/ios/IOSStorageAdapterCpp.hpp +20 -0
- package/ios/IOSStorageAdapterCpp.mm +239 -32
- package/lib/commonjs/Storage.types.js +23 -1
- package/lib/commonjs/Storage.types.js.map +1 -1
- package/lib/commonjs/index.js +292 -75
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/index.web.js +473 -86
- package/lib/commonjs/index.web.js.map +1 -1
- package/lib/commonjs/internal.js +10 -0
- package/lib/commonjs/internal.js.map +1 -1
- package/lib/commonjs/storage-hooks.js +36 -0
- package/lib/commonjs/storage-hooks.js.map +1 -0
- package/lib/module/Storage.types.js +22 -0
- package/lib/module/Storage.types.js.map +1 -1
- package/lib/module/index.js +264 -75
- package/lib/module/index.js.map +1 -1
- package/lib/module/index.web.js +445 -86
- package/lib/module/index.web.js.map +1 -1
- package/lib/module/internal.js +8 -0
- package/lib/module/internal.js.map +1 -1
- package/lib/module/storage-hooks.js +30 -0
- package/lib/module/storage-hooks.js.map +1 -0
- package/lib/typescript/Storage.nitro.d.ts +12 -0
- package/lib/typescript/Storage.nitro.d.ts.map +1 -1
- package/lib/typescript/Storage.types.d.ts +20 -0
- package/lib/typescript/Storage.types.d.ts.map +1 -1
- package/lib/typescript/index.d.ts +33 -10
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/index.web.d.ts +45 -10
- package/lib/typescript/index.web.d.ts.map +1 -1
- package/lib/typescript/internal.d.ts +2 -0
- package/lib/typescript/internal.d.ts.map +1 -1
- package/lib/typescript/storage-hooks.d.ts +10 -0
- package/lib/typescript/storage-hooks.d.ts.map +1 -0
- package/nitrogen/generated/shared/c++/HybridStorageSpec.cpp +12 -0
- package/nitrogen/generated/shared/c++/HybridStorageSpec.hpp +12 -0
- package/package.json +8 -3
- package/src/Storage.nitro.ts +13 -2
- package/src/Storage.types.ts +22 -0
- package/src/index.ts +382 -123
- package/src/index.web.ts +618 -134
- package/src/internal.ts +14 -4
- package/src/migration.ts +1 -1
- package/src/storage-hooks.ts +48 -0
|
@@ -1,10 +1,14 @@
|
|
|
1
1
|
#import "IOSStorageAdapterCpp.hpp"
|
|
2
2
|
#import <Foundation/Foundation.h>
|
|
3
3
|
#import <Security/Security.h>
|
|
4
|
+
#import <LocalAuthentication/LocalAuthentication.h>
|
|
5
|
+
#include <algorithm>
|
|
6
|
+
#include <unordered_set>
|
|
4
7
|
|
|
5
8
|
namespace NitroStorage {
|
|
6
9
|
|
|
7
10
|
static NSString* const kKeychainService = @"com.nitrostorage.keychain";
|
|
11
|
+
static NSString* const kBiometricKeychainService = @"com.nitrostorage.biometric";
|
|
8
12
|
static NSString* const kDiskSuiteName = @"com.nitrostorage.disk";
|
|
9
13
|
|
|
10
14
|
static NSUserDefaults* NitroDiskDefaults() {
|
|
@@ -12,9 +16,21 @@ static NSUserDefaults* NitroDiskDefaults() {
|
|
|
12
16
|
return defaults ?: [NSUserDefaults standardUserDefaults];
|
|
13
17
|
}
|
|
14
18
|
|
|
19
|
+
static CFStringRef accessControlAttr(int level) {
|
|
20
|
+
switch (level) {
|
|
21
|
+
case 1: return kSecAttrAccessibleAfterFirstUnlock;
|
|
22
|
+
case 2: return kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly;
|
|
23
|
+
case 3: return kSecAttrAccessibleWhenUnlockedThisDeviceOnly;
|
|
24
|
+
case 4: return kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly;
|
|
25
|
+
default: return kSecAttrAccessibleWhenUnlocked;
|
|
26
|
+
}
|
|
27
|
+
}
|
|
28
|
+
|
|
15
29
|
IOSStorageAdapterCpp::IOSStorageAdapterCpp() {}
|
|
16
30
|
IOSStorageAdapterCpp::~IOSStorageAdapterCpp() {}
|
|
17
31
|
|
|
32
|
+
// --- Disk ---
|
|
33
|
+
|
|
18
34
|
void IOSStorageAdapterCpp::setDisk(const std::string& key, const std::string& value) {
|
|
19
35
|
NSString* nsKey = [NSString stringWithUTF8String:key.c_str()];
|
|
20
36
|
NSString* nsValue = [NSString stringWithUTF8String:value.c_str()];
|
|
@@ -48,6 +64,25 @@ void IOSStorageAdapterCpp::deleteDisk(const std::string& key) {
|
|
|
48
64
|
[[NSUserDefaults standardUserDefaults] removeObjectForKey:nsKey];
|
|
49
65
|
}
|
|
50
66
|
|
|
67
|
+
bool IOSStorageAdapterCpp::hasDisk(const std::string& key) {
|
|
68
|
+
NSString* nsKey = [NSString stringWithUTF8String:key.c_str()];
|
|
69
|
+
return [NitroDiskDefaults() objectForKey:nsKey] != nil;
|
|
70
|
+
}
|
|
71
|
+
|
|
72
|
+
std::vector<std::string> IOSStorageAdapterCpp::getAllKeysDisk() {
|
|
73
|
+
NSDictionary<NSString*, id>* entries = [NitroDiskDefaults() dictionaryRepresentation];
|
|
74
|
+
std::vector<std::string> keys;
|
|
75
|
+
keys.reserve(entries.count);
|
|
76
|
+
for (NSString* key in entries) {
|
|
77
|
+
keys.push_back(std::string([key UTF8String]));
|
|
78
|
+
}
|
|
79
|
+
return keys;
|
|
80
|
+
}
|
|
81
|
+
|
|
82
|
+
size_t IOSStorageAdapterCpp::sizeDisk() {
|
|
83
|
+
return [NitroDiskDefaults() dictionaryRepresentation].count;
|
|
84
|
+
}
|
|
85
|
+
|
|
51
86
|
void IOSStorageAdapterCpp::setDiskBatch(
|
|
52
87
|
const std::vector<std::string>& keys,
|
|
53
88
|
const std::vector<std::string>& values
|
|
@@ -78,15 +113,63 @@ void IOSStorageAdapterCpp::deleteDiskBatch(const std::vector<std::string>& keys)
|
|
|
78
113
|
}
|
|
79
114
|
}
|
|
80
115
|
|
|
116
|
+
void IOSStorageAdapterCpp::clearDisk() {
|
|
117
|
+
NSUserDefaults* defaults = NitroDiskDefaults();
|
|
118
|
+
NSDictionary<NSString*, id>* entries = [defaults dictionaryRepresentation];
|
|
119
|
+
for (NSString* key in entries) {
|
|
120
|
+
[defaults removeObjectForKey:key];
|
|
121
|
+
}
|
|
122
|
+
}
|
|
123
|
+
|
|
124
|
+
// --- Secure (Keychain) ---
|
|
125
|
+
|
|
126
|
+
static NSMutableDictionary* baseKeychainQuery(NSString* key, NSString* service, NSString* accessGroup) {
|
|
127
|
+
NSMutableDictionary* query = [@{
|
|
128
|
+
(__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword,
|
|
129
|
+
(__bridge id)kSecAttrService: service,
|
|
130
|
+
(__bridge id)kSecAttrAccount: key
|
|
131
|
+
} mutableCopy];
|
|
132
|
+
if (accessGroup && accessGroup.length > 0) {
|
|
133
|
+
query[(__bridge id)kSecAttrAccessGroup] = accessGroup;
|
|
134
|
+
}
|
|
135
|
+
return query;
|
|
136
|
+
}
|
|
137
|
+
|
|
138
|
+
static NSMutableDictionary* allAccountsQuery(NSString* service, NSString* accessGroup) {
|
|
139
|
+
NSMutableDictionary* query = [@{
|
|
140
|
+
(__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword,
|
|
141
|
+
(__bridge id)kSecAttrService: service,
|
|
142
|
+
(__bridge id)kSecReturnAttributes: @YES,
|
|
143
|
+
(__bridge id)kSecMatchLimit: (__bridge id)kSecMatchLimitAll
|
|
144
|
+
} mutableCopy];
|
|
145
|
+
if (accessGroup && accessGroup.length > 0) {
|
|
146
|
+
query[(__bridge id)kSecAttrAccessGroup] = accessGroup;
|
|
147
|
+
}
|
|
148
|
+
return query;
|
|
149
|
+
}
|
|
150
|
+
|
|
151
|
+
static std::vector<std::string> keychainAccountsForService(NSString* service, NSString* accessGroup) {
|
|
152
|
+
NSMutableDictionary* query = allAccountsQuery(service, accessGroup);
|
|
153
|
+
CFTypeRef result = NULL;
|
|
154
|
+
std::vector<std::string> keys;
|
|
155
|
+
if (SecItemCopyMatching((__bridge CFDictionaryRef)query, &result) == errSecSuccess && result) {
|
|
156
|
+
NSArray* items = (__bridge_transfer NSArray*)result;
|
|
157
|
+
keys.reserve(items.count);
|
|
158
|
+
for (NSDictionary* item in items) {
|
|
159
|
+
NSString* account = item[(__bridge id)kSecAttrAccount];
|
|
160
|
+
if (account) {
|
|
161
|
+
keys.push_back(std::string([account UTF8String]));
|
|
162
|
+
}
|
|
163
|
+
}
|
|
164
|
+
}
|
|
165
|
+
return keys;
|
|
166
|
+
}
|
|
167
|
+
|
|
81
168
|
void IOSStorageAdapterCpp::setSecure(const std::string& key, const std::string& value) {
|
|
82
169
|
NSString* nsKey = [NSString stringWithUTF8String:key.c_str()];
|
|
83
170
|
NSData* data = [[NSString stringWithUTF8String:value.c_str()] dataUsingEncoding:NSUTF8StringEncoding];
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
(__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword,
|
|
87
|
-
(__bridge id)kSecAttrService: kKeychainService,
|
|
88
|
-
(__bridge id)kSecAttrAccount: nsKey
|
|
89
|
-
};
|
|
171
|
+
NSString* group = keychainAccessGroup_.empty() ? nil : [NSString stringWithUTF8String:keychainAccessGroup_.c_str()];
|
|
172
|
+
NSMutableDictionary* query = baseKeychainQuery(nsKey, kKeychainService, group);
|
|
90
173
|
|
|
91
174
|
NSDictionary* updateAttributes = @{
|
|
92
175
|
(__bridge id)kSecValueData: data
|
|
@@ -95,21 +178,18 @@ void IOSStorageAdapterCpp::setSecure(const std::string& key, const std::string&
|
|
|
95
178
|
OSStatus status = SecItemUpdate((__bridge CFDictionaryRef)query, (__bridge CFDictionaryRef)updateAttributes);
|
|
96
179
|
|
|
97
180
|
if (status == errSecItemNotFound) {
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
SecItemAdd((__bridge CFDictionaryRef)addQuery, NULL);
|
|
181
|
+
query[(__bridge id)kSecValueData] = data;
|
|
182
|
+
query[(__bridge id)kSecAttrAccessible] = (__bridge id)accessControlAttr(accessControlLevel_);
|
|
183
|
+
SecItemAdd((__bridge CFDictionaryRef)query, NULL);
|
|
102
184
|
}
|
|
103
185
|
}
|
|
104
186
|
|
|
105
187
|
std::optional<std::string> IOSStorageAdapterCpp::getSecure(const std::string& key) {
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
(__bridge id)kSecMatchLimit: (__bridge id)kSecMatchLimitOne
|
|
112
|
-
};
|
|
188
|
+
NSString* nsKey = [NSString stringWithUTF8String:key.c_str()];
|
|
189
|
+
NSString* group = keychainAccessGroup_.empty() ? nil : [NSString stringWithUTF8String:keychainAccessGroup_.c_str()];
|
|
190
|
+
NSMutableDictionary* query = baseKeychainQuery(nsKey, kKeychainService, group);
|
|
191
|
+
query[(__bridge id)kSecReturnData] = @YES;
|
|
192
|
+
query[(__bridge id)kSecMatchLimit] = (__bridge id)kSecMatchLimitOne;
|
|
113
193
|
|
|
114
194
|
CFTypeRef result = NULL;
|
|
115
195
|
if (SecItemCopyMatching((__bridge CFDictionaryRef)query, &result) == errSecSuccess && result) {
|
|
@@ -121,12 +201,40 @@ std::optional<std::string> IOSStorageAdapterCpp::getSecure(const std::string& ke
|
|
|
121
201
|
}
|
|
122
202
|
|
|
123
203
|
void IOSStorageAdapterCpp::deleteSecure(const std::string& key) {
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
SecItemDelete((__bridge CFDictionaryRef)
|
|
204
|
+
NSString* nsKey = [NSString stringWithUTF8String:key.c_str()];
|
|
205
|
+
NSString* group = keychainAccessGroup_.empty() ? nil : [NSString stringWithUTF8String:keychainAccessGroup_.c_str()];
|
|
206
|
+
NSMutableDictionary* secureQuery = baseKeychainQuery(nsKey, kKeychainService, group);
|
|
207
|
+
SecItemDelete((__bridge CFDictionaryRef)secureQuery);
|
|
208
|
+
NSMutableDictionary* biometricQuery = baseKeychainQuery(nsKey, kBiometricKeychainService, group);
|
|
209
|
+
SecItemDelete((__bridge CFDictionaryRef)biometricQuery);
|
|
210
|
+
}
|
|
211
|
+
|
|
212
|
+
bool IOSStorageAdapterCpp::hasSecure(const std::string& key) {
|
|
213
|
+
NSString* nsKey = [NSString stringWithUTF8String:key.c_str()];
|
|
214
|
+
NSString* group = keychainAccessGroup_.empty() ? nil : [NSString stringWithUTF8String:keychainAccessGroup_.c_str()];
|
|
215
|
+
NSMutableDictionary* secureQuery = baseKeychainQuery(nsKey, kKeychainService, group);
|
|
216
|
+
if (SecItemCopyMatching((__bridge CFDictionaryRef)secureQuery, NULL) == errSecSuccess) {
|
|
217
|
+
return true;
|
|
218
|
+
}
|
|
219
|
+
NSMutableDictionary* biometricQuery = baseKeychainQuery(nsKey, kBiometricKeychainService, group);
|
|
220
|
+
return SecItemCopyMatching((__bridge CFDictionaryRef)biometricQuery, NULL) == errSecSuccess;
|
|
221
|
+
}
|
|
222
|
+
|
|
223
|
+
std::vector<std::string> IOSStorageAdapterCpp::getAllKeysSecure() {
|
|
224
|
+
NSString* group = keychainAccessGroup_.empty() ? nil : [NSString stringWithUTF8String:keychainAccessGroup_.c_str()];
|
|
225
|
+
std::vector<std::string> keys = keychainAccountsForService(kKeychainService, group);
|
|
226
|
+
std::unordered_set<std::string> seen(keys.begin(), keys.end());
|
|
227
|
+
const std::vector<std::string> biometricKeys = keychainAccountsForService(kBiometricKeychainService, group);
|
|
228
|
+
for (const auto& key : biometricKeys) {
|
|
229
|
+
if (seen.insert(key).second) {
|
|
230
|
+
keys.push_back(key);
|
|
231
|
+
}
|
|
232
|
+
}
|
|
233
|
+
return keys;
|
|
234
|
+
}
|
|
235
|
+
|
|
236
|
+
size_t IOSStorageAdapterCpp::sizeSecure() {
|
|
237
|
+
return getAllKeysSecure().size();
|
|
130
238
|
}
|
|
131
239
|
|
|
132
240
|
void IOSStorageAdapterCpp::setSecureBatch(
|
|
@@ -155,19 +263,118 @@ void IOSStorageAdapterCpp::deleteSecureBatch(const std::vector<std::string>& key
|
|
|
155
263
|
}
|
|
156
264
|
}
|
|
157
265
|
|
|
158
|
-
void IOSStorageAdapterCpp::
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
266
|
+
void IOSStorageAdapterCpp::clearSecure() {
|
|
267
|
+
NSString* group = keychainAccessGroup_.empty() ? nil : [NSString stringWithUTF8String:keychainAccessGroup_.c_str()];
|
|
268
|
+
NSMutableDictionary* secureQuery = [@{
|
|
269
|
+
(__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword,
|
|
270
|
+
(__bridge id)kSecAttrService: kKeychainService
|
|
271
|
+
} mutableCopy];
|
|
272
|
+
if (group && group.length > 0) {
|
|
273
|
+
secureQuery[(__bridge id)kSecAttrAccessGroup] = group;
|
|
163
274
|
}
|
|
275
|
+
SecItemDelete((__bridge CFDictionaryRef)secureQuery);
|
|
276
|
+
|
|
277
|
+
NSMutableDictionary* biometricQuery = [@{
|
|
278
|
+
(__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword,
|
|
279
|
+
(__bridge id)kSecAttrService: kBiometricKeychainService
|
|
280
|
+
} mutableCopy];
|
|
281
|
+
if (group && group.length > 0) {
|
|
282
|
+
biometricQuery[(__bridge id)kSecAttrAccessGroup] = group;
|
|
283
|
+
}
|
|
284
|
+
SecItemDelete((__bridge CFDictionaryRef)biometricQuery);
|
|
164
285
|
}
|
|
165
286
|
|
|
166
|
-
|
|
167
|
-
|
|
287
|
+
// --- Configuration ---
|
|
288
|
+
|
|
289
|
+
void IOSStorageAdapterCpp::setSecureAccessControl(int level) {
|
|
290
|
+
accessControlLevel_ = level;
|
|
291
|
+
}
|
|
292
|
+
|
|
293
|
+
void IOSStorageAdapterCpp::setSecureWritesAsync(bool /*enabled*/) {
|
|
294
|
+
// iOS writes are synchronous by design; keep behavior unchanged.
|
|
295
|
+
}
|
|
296
|
+
|
|
297
|
+
void IOSStorageAdapterCpp::setKeychainAccessGroup(const std::string& group) {
|
|
298
|
+
keychainAccessGroup_ = group;
|
|
299
|
+
}
|
|
300
|
+
|
|
301
|
+
// --- Biometric (separate Keychain service with biometric ACL) ---
|
|
302
|
+
|
|
303
|
+
void IOSStorageAdapterCpp::setSecureBiometric(const std::string& key, const std::string& value) {
|
|
304
|
+
NSString* nsKey = [NSString stringWithUTF8String:key.c_str()];
|
|
305
|
+
NSData* data = [[NSString stringWithUTF8String:value.c_str()] dataUsingEncoding:NSUTF8StringEncoding];
|
|
306
|
+
NSString* group = keychainAccessGroup_.empty() ? nil : [NSString stringWithUTF8String:keychainAccessGroup_.c_str()];
|
|
307
|
+
|
|
308
|
+
// Delete existing item first (access control can't be updated in place)
|
|
309
|
+
NSMutableDictionary* deleteQuery = baseKeychainQuery(nsKey, kBiometricKeychainService, group);
|
|
310
|
+
SecItemDelete((__bridge CFDictionaryRef)deleteQuery);
|
|
311
|
+
|
|
312
|
+
CFErrorRef error = NULL;
|
|
313
|
+
SecAccessControlRef access = SecAccessControlCreateWithFlags(
|
|
314
|
+
kCFAllocatorDefault,
|
|
315
|
+
kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly,
|
|
316
|
+
kSecAccessControlBiometryCurrentSet,
|
|
317
|
+
&error
|
|
318
|
+
);
|
|
319
|
+
|
|
320
|
+
if (error || !access) {
|
|
321
|
+
if (access) CFRelease(access);
|
|
322
|
+
throw std::runtime_error("NitroStorage: Failed to create biometric access control");
|
|
323
|
+
}
|
|
324
|
+
|
|
325
|
+
NSMutableDictionary* attrs = baseKeychainQuery(nsKey, kBiometricKeychainService, group);
|
|
326
|
+
attrs[(__bridge id)kSecValueData] = data;
|
|
327
|
+
attrs[(__bridge id)kSecAttrAccessControl] = (__bridge_transfer id)access;
|
|
328
|
+
|
|
329
|
+
OSStatus status = SecItemAdd((__bridge CFDictionaryRef)attrs, NULL);
|
|
330
|
+
if (status != errSecSuccess) {
|
|
331
|
+
throw std::runtime_error("NitroStorage: Biometric set failed with status " + std::to_string(status));
|
|
332
|
+
}
|
|
333
|
+
}
|
|
334
|
+
|
|
335
|
+
std::optional<std::string> IOSStorageAdapterCpp::getSecureBiometric(const std::string& key) {
|
|
336
|
+
NSString* nsKey = [NSString stringWithUTF8String:key.c_str()];
|
|
337
|
+
NSString* group = keychainAccessGroup_.empty() ? nil : [NSString stringWithUTF8String:keychainAccessGroup_.c_str()];
|
|
338
|
+
NSMutableDictionary* query = baseKeychainQuery(nsKey, kBiometricKeychainService, group);
|
|
339
|
+
query[(__bridge id)kSecReturnData] = @YES;
|
|
340
|
+
query[(__bridge id)kSecMatchLimit] = (__bridge id)kSecMatchLimitOne;
|
|
341
|
+
|
|
342
|
+
CFTypeRef result = NULL;
|
|
343
|
+
OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, &result);
|
|
344
|
+
if (status == errSecSuccess && result) {
|
|
345
|
+
NSData* data = (__bridge_transfer NSData*)result;
|
|
346
|
+
NSString* str = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
|
|
347
|
+
if (str) return std::string([str UTF8String]);
|
|
348
|
+
}
|
|
349
|
+
if (status == errSecUserCanceled || status == errSecAuthFailed) {
|
|
350
|
+
throw std::runtime_error("NitroStorage: Biometric authentication failed");
|
|
351
|
+
}
|
|
352
|
+
return std::nullopt;
|
|
353
|
+
}
|
|
354
|
+
|
|
355
|
+
void IOSStorageAdapterCpp::deleteSecureBiometric(const std::string& key) {
|
|
356
|
+
NSString* nsKey = [NSString stringWithUTF8String:key.c_str()];
|
|
357
|
+
NSString* group = keychainAccessGroup_.empty() ? nil : [NSString stringWithUTF8String:keychainAccessGroup_.c_str()];
|
|
358
|
+
NSMutableDictionary* query = baseKeychainQuery(nsKey, kBiometricKeychainService, group);
|
|
359
|
+
SecItemDelete((__bridge CFDictionaryRef)query);
|
|
360
|
+
}
|
|
361
|
+
|
|
362
|
+
bool IOSStorageAdapterCpp::hasSecureBiometric(const std::string& key) {
|
|
363
|
+
NSString* nsKey = [NSString stringWithUTF8String:key.c_str()];
|
|
364
|
+
NSString* group = keychainAccessGroup_.empty() ? nil : [NSString stringWithUTF8String:keychainAccessGroup_.c_str()];
|
|
365
|
+
NSMutableDictionary* query = baseKeychainQuery(nsKey, kBiometricKeychainService, group);
|
|
366
|
+
return SecItemCopyMatching((__bridge CFDictionaryRef)query, NULL) == errSecSuccess;
|
|
367
|
+
}
|
|
368
|
+
|
|
369
|
+
void IOSStorageAdapterCpp::clearSecureBiometric() {
|
|
370
|
+
NSString* group = keychainAccessGroup_.empty() ? nil : [NSString stringWithUTF8String:keychainAccessGroup_.c_str()];
|
|
371
|
+
NSMutableDictionary* query = [@{
|
|
168
372
|
(__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword,
|
|
169
|
-
(__bridge id)kSecAttrService:
|
|
170
|
-
};
|
|
373
|
+
(__bridge id)kSecAttrService: kBiometricKeychainService
|
|
374
|
+
} mutableCopy];
|
|
375
|
+
if (group && group.length > 0) {
|
|
376
|
+
query[(__bridge id)kSecAttrAccessGroup] = group;
|
|
377
|
+
}
|
|
171
378
|
SecItemDelete((__bridge CFDictionaryRef)query);
|
|
172
379
|
}
|
|
173
380
|
|
|
@@ -3,11 +3,33 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.StorageScope = void 0;
|
|
6
|
+
exports.StorageScope = exports.BiometricLevel = exports.AccessControl = void 0;
|
|
7
7
|
let StorageScope = exports.StorageScope = /*#__PURE__*/function (StorageScope) {
|
|
8
8
|
StorageScope[StorageScope["Memory"] = 0] = "Memory";
|
|
9
9
|
StorageScope[StorageScope["Disk"] = 1] = "Disk";
|
|
10
10
|
StorageScope[StorageScope["Secure"] = 2] = "Secure";
|
|
11
11
|
return StorageScope;
|
|
12
12
|
}({});
|
|
13
|
+
let AccessControl = exports.AccessControl = /*#__PURE__*/function (AccessControl) {
|
|
14
|
+
/** Accessible when unlocked (default). */
|
|
15
|
+
AccessControl[AccessControl["WhenUnlocked"] = 0] = "WhenUnlocked";
|
|
16
|
+
/** Accessible after first unlock until restart. Good for background token refresh. */
|
|
17
|
+
AccessControl[AccessControl["AfterFirstUnlock"] = 1] = "AfterFirstUnlock";
|
|
18
|
+
/** Accessible only when passcode is set, non-migratable. */
|
|
19
|
+
AccessControl[AccessControl["WhenPasscodeSetThisDeviceOnly"] = 2] = "WhenPasscodeSetThisDeviceOnly";
|
|
20
|
+
/** Same as WhenUnlocked but non-migratable between devices. */
|
|
21
|
+
AccessControl[AccessControl["WhenUnlockedThisDeviceOnly"] = 3] = "WhenUnlockedThisDeviceOnly";
|
|
22
|
+
/** Same as AfterFirstUnlock but non-migratable. */
|
|
23
|
+
AccessControl[AccessControl["AfterFirstUnlockThisDeviceOnly"] = 4] = "AfterFirstUnlockThisDeviceOnly";
|
|
24
|
+
return AccessControl;
|
|
25
|
+
}({});
|
|
26
|
+
let BiometricLevel = exports.BiometricLevel = /*#__PURE__*/function (BiometricLevel) {
|
|
27
|
+
/** No biometric requirement (default). */
|
|
28
|
+
BiometricLevel[BiometricLevel["None"] = 0] = "None";
|
|
29
|
+
/** Require biometric or passcode for each access. */
|
|
30
|
+
BiometricLevel[BiometricLevel["BiometryOrPasscode"] = 1] = "BiometryOrPasscode";
|
|
31
|
+
/** Require biometric only (no passcode fallback). */
|
|
32
|
+
BiometricLevel[BiometricLevel["BiometryOnly"] = 2] = "BiometryOnly";
|
|
33
|
+
return BiometricLevel;
|
|
34
|
+
}({});
|
|
13
35
|
//# sourceMappingURL=Storage.types.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["StorageScope","exports"],"sourceRoot":"../../src","sources":["Storage.types.ts"],"mappings":";;;;;;IAAYA,YAAY,GAAAC,OAAA,CAAAD,YAAA,0BAAZA,YAAY;EAAZA,YAAY,CAAZA,YAAY;EAAZA,YAAY,CAAZA,YAAY;EAAZA,YAAY,CAAZA,YAAY;EAAA,OAAZA,YAAY;AAAA","ignoreList":[]}
|
|
1
|
+
{"version":3,"names":["StorageScope","exports","AccessControl","BiometricLevel"],"sourceRoot":"../../src","sources":["Storage.types.ts"],"mappings":";;;;;;IAAYA,YAAY,GAAAC,OAAA,CAAAD,YAAA,0BAAZA,YAAY;EAAZA,YAAY,CAAZA,YAAY;EAAZA,YAAY,CAAZA,YAAY;EAAZA,YAAY,CAAZA,YAAY;EAAA,OAAZA,YAAY;AAAA;AAAA,IAMZE,aAAa,GAAAD,OAAA,CAAAC,aAAA,0BAAbA,aAAa;EACvB;EADUA,aAAa,CAAbA,aAAa;EAGvB;EAHUA,aAAa,CAAbA,aAAa;EAKvB;EALUA,aAAa,CAAbA,aAAa;EAOvB;EAPUA,aAAa,CAAbA,aAAa;EASvB;EATUA,aAAa,CAAbA,aAAa;EAAA,OAAbA,aAAa;AAAA;AAAA,IAabC,cAAc,GAAAF,OAAA,CAAAE,cAAA,0BAAdA,cAAc;EACxB;EADUA,cAAc,CAAdA,cAAc;EAGxB;EAHUA,cAAc,CAAdA,cAAc;EAKxB;EALUA,cAAc,CAAdA,cAAc;EAAA,OAAdA,cAAc;AAAA","ignoreList":[]}
|