KeychainService

public struct KeychainService

KeychainService class represents and is responsible internal Keychain Service operation such as storing, retrieving, and deleting String/Bool/Data/Certificate/Key/Identity data with Apple’s Keychain Service

Property

  • Options for Keychain Service operation

    Declaration

    Swift

    public var options: KeychainOptions

  • Prints debug, human readable, and meaningful information of Keychain Service instance

    Declaration

    Swift

    public var debugDescription: String { get }

Init

  • Initializes Keychain Service with Service namespace

    Declaration

    Swift

    public init(service: String, securedKey: SecuredKey? = nil)

    Parameters

    service

    Service string value which represents namespace for Keychain Storage
    securedKey

    SecuredKey object containing public/private keys for encryption/decryption of data

  • Initializes Keychain Service with given KeychainOption

    Declaration

    Swift

    public init(options: KeychainOptions, securedKey: SecuredKey? = nil)

    Parameters

    options

    KeychainOption that defines Keychain Operation’s default settings
    securedKey

    SecuredKey object containing public/private keys for encryption/decryption of data

  • Initializes Keychain Service with Service, and Access Group identifier

    Declaration

    Swift

    public init(service: String, accessGroup: String, securedKey: SecuredKey? = nil)

    Parameters

    service

    Service string value which represents namespace for Keychain Storage
    accessGroup

    Shared Keychain Group identifier which is defined in XCode’s Keychain Sharing option under Capabilities tab. AccessGroup can be given with or without Apple’s TeamID. Initialization method internally validates, and adds if Apple TeamID is missing. Note that this initialization method will NOT validate if AccessGroup is actually accessible or not. KeychainService.validateAccessGroup should be invoked to validate application’s access to the access group.
    securedKey

    SecuredKey object containing public/private keys for encryption/decryption of data

String

  • Sets String data into Keychain Service with given Key

    Declaration

    Swift

    @discardableResult
public func set(_ val: String?, key: String) -> Bool

    Parameters

    val

    String value to store
    key

    Key for the value

    Return Value

    Bool value that indicates whether operation was successful or not

  • Retrieves String data from Keychain Service with given key

    Declaration

    Swift

    public func getString(_ key: String) -> String?

    Parameters

    key

    Key for the value

    Return Value

    String value for the given key; if no data is found, null is returned

Bool

  • Sets Bool value into Keychain Service with given key

    Declaration

    Swift

    @discardableResult
public func set(_ val: Bool, key: String) -> Bool

    Parameters

    val

    Bool value to store
    key

    Key for the value

    Return Value

    Bool value indicating whether operation was successful or not

  • Retrieves Bool data from Keychain Service with given key

    Declaration

    Swift

    public func getBool(_ key: String) -> Bool?

    Parameters

    key

    Key for the value

    Return Value

    Bool data for the given key; if no data is found, null is returned

Data

  • Sets Data value into Keychain Service with given key

    Declaration

    Swift

    @discardableResult
public func set(_ val: Data, key: String) -> Bool

    Parameters

    val

    Data value to store
    key

    Key for the value

    Return Value

    Bool value indicating whether operation was successful or not

  • Retrieves Data data from Keychain Service with given key

    Declaration

    Swift

    public func getData(_ key: String) -> Data?

    Parameters

    key

    Key for the value

    Return Value

    Data data for the given key and KeychainItemClass; if no data is found, null is returned

Certificate

  • Sets SecCertificate data into Keychain Service with given ‘label’ (similar to Key)

    Declaration

    Swift

    @discardableResult
public func setCertificate(_ certificate: SecCertificate, label: String) -> Bool

    Parameters

    certificate

    SecCertificate data to store
    label

    Label string value for the certificate

    Return Value

    Bool value indicating whether operation was successful or not

  • Retrieves SecCertificate data from Keychain Service with given Label

    Declaration

    Swift

    public func getCertificate(_ label: String) -> SecCertificate?

    Parameters

    label

    Label value for the certificate

    Return Value

    SecCertificate with given label value; if no certificate is found, null will be returned

Identity

  • Retrieves SecIdentity data with given ‘label’ for SecCertificate stored in the same Keychain Service

    Note

    SecIdentity is not a data stored directly with actual Identity data; SecIdentity is a data created by Apple’s Security framework with combination of SecCertificate, and associated Private Key for the Certificate.

    Seealso

    https://developer.apple.com/documentation/security/secidentity

    Declaration

    Swift

    public func getIdentities(_ label: String) -> SecIdentity?

    Parameters

    label

    Label value for the certificate; Note that there is no label or key for identity itself; SecIdentity is retrieved based on SecCertificate’s label

    Return Value

    SecIdentity with given SecCertificate’s label; if private key associated with given certificate’s label, or incorrect key is stored, SecIdentity will not be retrieved and return null

Key

  • Sets SecKey data into Keychain Service with given Application Tag

    Declaration

    Swift

    @discardableResult
public func setRSAKey(_ rsaKey: SecKey, applicationTag: String) -> Bool

    Parameters

    rsaKey

    SecKey data to store
    applicationTag

    Application Tag for the SecKey

    Return Value

    Bool value indicating whether operation was successful or not

  • Retrieves SecKey data from Keychain Service with given Application Tag

    Declaration

    Swift

    public func getRSAKey(_ applicationTag: String) -> SecKey?

    Parameters

    applicationTag

    Application Tag string for the SecKey

    Return Value

    SecKey with given application tag value; if no key is found, null will be returned

All Items

  • Retrieves all items with key/applicationTag/label:value map;

    Declaration

    Swift

    public func allItems() -> [String : Any]?

    Return Value

    Key/Value map Dictionary for all data

DELETE

  • Deletes Data with given key from Keychain Service

    Note

    When deleting SecKey / SecCertificate, please use delete method with KeychainItemClass option by specifying item class.

    Declaration

    Swift

    @discardableResult
public func delete(_ key: String) -> Bool

    Parameters

    key

    Key for the data in Keychain Service

    Return Value

    Bool value indicating whether operation was successful or not

  • Deletes all data regardless of KeychainItemClass in the Keychain Service

    Declaration

    Swift

    @discardableResult
public func deleteAll() -> Bool

    Return Value

    Bool value indicating whether operation was successful or not

Static Helper Methods

  • Validates whether Keychain Service is accessible (read/write/delete) data for given Service and Access Group

    Declaration

    Swift

    public static func validateAccessGroup(service: String, accessGroup: String) -> Bool

    Parameters

    service

    Service namespace for Keychain Service
    accessGroup

    Access Group (Shared Keychain Group Identifier) defined in Keychain Sharing under Capabilities tab

    Return Value

    Bool result indicating whether Keychain Service is accessible with given Service namespace and Access Group

  • Retrieves Apple’s TeamID in the current application’s Developer Program

    Declaration

    Swift

    public static func getAppleTeamId() -> String?

    Return Value

    String Apple TeamID