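/*
 * Copyright 2019 Google
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#import <Foundation/Foundation.h>

NS_ASSUME_NONNULL_BEGIN

/// The class provides a convenient, multiplatform abstraction of the Keychain.
///
/// When using this API on macOS, the corresponding target must be signed with a provisioning
/// profile that has the Keychain Sharing capability enabled.
///
/// All three operations report their outcome through a completion handler.
/// NOTE(review): this header does not say on which queue or thread the handlers are invoked —
/// confirm against the implementation before touching UI or shared state from a handler.
@interface GULKeychainStorage : NSObject

- (instancetype)init NS_UNAVAILABLE;

/** Initializes the keychain storage with Keychain Service name.
 *  @param service A Keychain Service name that will be used to store and retrieve objects. See also
 * `kSecAttrService`.
 */
- (instancetype)initWithService:(NSString *)service;

/// Get an object by key.
/// @param key The key.
/// @param objectClass The expected object class required by `NSSecureCoding`. Pass the most
/// specific class the caller expects rather than a broad base class; presumably the stored data
/// is decoded with this class as the only allowed root class — confirm against the implementation.
/// @param accessGroup The Keychain Access Group, or `nil`.
/// @param completionHandler The completion handler to call when the
/// synchronized keychain read is complete. An error is passed to the
/// completion handler if the keychain read fails. Otherwise, the object stored in
/// the keychain, or `nil` if it does not exist, is passed to the completion
/// handler. A `nil` object with a `nil` error therefore means "no item stored", not a failure.
- (void)getObjectForKey:(NSString *)key
            objectClass:(Class)objectClass
            accessGroup:(nullable NSString *)accessGroup
      completionHandler:(void (^)(id _Nullable obj, NSError *_Nullable error))completionHandler;

/// Saves the given object by the given key.
/// @param object The object to store.
/// NOTE(review): declared as plain `id` here; since reads go through `NSSecureCoding`, the object
/// presumably has to conform to it — consider `id<NSSecureCoding>` if that is the contract.
/// @param key The key to store the object. If there is an existing object by the key, it will be
/// overridden.
/// @param accessGroup The Keychain Access Group, or `nil`.
/// NOTE(review): if this maps to `kSecAttrAccessGroup`, every app entitled to the group can read
/// the stored item, so callers should pass the narrowest group that works — confirm.
/// @param completionHandler The completion handler to call when the
/// synchronized keychain write is complete. An error is passed to the
/// completion handler if the keychain write fails. Otherwise, the object written to
/// the keychain is passed to the completion handler.
- (void)setObject:(id)object
           forKey:(NSString *)key
      accessGroup:(nullable NSString *)accessGroup
completionHandler:(void (^)(id _Nullable obj, NSError *_Nullable error))completionHandler;

/// Removes the object by the given key.
/// @param key The key of the object to remove.
/// @param accessGroup The Keychain Access Group, or `nil`.
/// @param completionHandler The completion handler to call when the
/// synchronized keychain removal is complete. An error is passed to the
/// completion handler if the keychain removal fails.
- (void)removeObjectForKey:(NSString *)key
               accessGroup:(nullable NSString *)accessGroup
         completionHandler:(void (^)(NSError *_Nullable error))completionHandler;

#if TARGET_OS_OSX
/// If not `nil`, then only this keychain will be used to save and read data (see
/// `kSecMatchSearchList` and `kSecUseKeychain`). It is mostly intended to be used by unit tests.
/// NOTE(review): the property declares no ownership attribute and `SecKeychainRef` is a Core
/// Foundation type, so the caller presumably has to keep the reference alive while it is set —
/// confirm against the implementation.
@property(nonatomic, nullable) SecKeychainRef keychainRef;
#endif  // TARGET_OS_OSX

@end

NS_ASSUME_NONNULL_END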