        /// <summary>
        /// Round-trips an identity through the keychain: add it, query it back as a
        /// concrete type, remove it, then confirm a second query finds nothing.
        /// </summary>
        public void AddQueryRemove_Identity()
        {
            // Step 1: store the identity. A leftover item from an earlier run is tolerated.
            using (var addRecord = new SecRecord(SecKind.Identity))
            using (var identity = IdentityTest.GetIdentity())
            {
                addRecord.SetValueRef(identity);
                SecStatusCode addStatus = SecKeyChain.Add(addRecord);
                bool storedOrPresent = addStatus == SecStatusCode.Success || addStatus == SecStatusCode.DuplicateItem;
                Assert.True(storedOrPresent);
            }

            bool concreteQuerySupported = TestRuntime.CheckXcodeVersion(5, 0);
            if (!concreteQuerySupported)
            {
                Assert.Inconclusive("QueryAsConcreteType does not work before iOS7");
            }

            // Step 2: query, remove, re-query.
            // NOTE(review): this record sets no attribute besides the kind, so the query and
            // the Remove below are not tied to the identity added above; they act on whatever
            // identity items match. Presumably fine in a test keychain; confirm.
            using (var lookup = new SecRecord(SecKind.Identity))
            {
                SecStatusCode status;
                var found = SecKeyChain.QueryAsConcreteType(lookup, out status);

                // The item is sometimes not visible right after the add; report that as
                // inconclusive instead of failing.
                bool notVisibleYet = (found == null) && (status == SecStatusCode.ItemNotFound);
                if (notVisibleYet)
                {
                    Assert.Inconclusive("Test randomly fails (race condition between addtion/commit/query?");
                }

                Assert.That(status, Is.EqualTo(SecStatusCode.Success), "QueryAsRecord-2");
                Assert.NotNull(found, "match-2");

                status = SecKeyChain.Remove(lookup);
                Assert.That(status, Is.EqualTo(SecStatusCode.Success), "Remove");

                // After removal the same query must come back empty.
                found = SecKeyChain.QueryAsConcreteType(lookup, out status);
                Assert.That(status, Is.EqualTo(SecStatusCode.ItemNotFound), "QueryAsRecord-3");
                Assert.Null(found, "match-3");
            }
        }
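        /// <summary>
        /// Looks up an RSA key in the keychain using this instance's key name as the
        /// application tag.
        /// </summary>
        /// <returns>
        /// The matching <c>SecKey</c>, or <c>null</c> when the query status is not
        /// <c>Success</c> or the result is not a <c>SecKey</c>.
        /// </returns>
        public SecKey GetPrivateKey()
        {
            // The query record is disposable; release it once the lookup is done instead of
            // leaving it to the finalizer.
            // NOTE(review): the query does not set KeyClass, so nothing here restricts the
            // match to a private key. If a public key is stored under the same tag, it may
            // be the item returned. Confirm against the code that creates the key pair.
            using (var query = new SecRecord(SecKind.Key)
            {
                ApplicationTag = NSData.FromString(this._keyName, NSStringEncoding.UTF8),
                KeyType        = SecKeyType.RSA,
                Synchronizable = this._shouldSyncAcrossDevices
            })
            {
                var privateKey = SecKeyChain.QueryAsConcreteType(query, out var code);

                // Any status other than Success (including ItemNotFound) is reported as null.
                return code == SecStatusCode.Success ? privateKey as SecKey : null;
            }
        }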
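        /// <summary>
        /// Queries the keychain for a certificate item and returns it as a <c>SecKey</c>
        /// when possible.
        /// </summary>
        /// <returns>
        /// The query result cast to <c>SecKey</c>, or <c>null</c> when nothing was found,
        /// the status is not <c>Success</c>, or the result is not a <c>SecKey</c>.
        /// </returns>
        public static SecKey GetKeyFromKeyChain()
        {
            // SecRecord
            // https://docs.microsoft.com/en-us/dotnet/api/security.secrecord?view=xamarin-ios-sdk-12
            // Tracks a set of properties from the keychain

            // SecKeyChain.QueryAsConcreteType
            // https://docs.microsoft.com/en-us/dotnet/api/security.seckeychain.queryasconcretetype?view=xamarin-ios-sdk-12
            // Use this method to query the KeyChain and get back a SecCertificate, a SecKey or a SecIdentity

            // SecCertificate
            // https://docs.microsoft.com/en-us/dotnet/api/security.seccertificate?view=xamarin-ios-sdk-12
            // Represents digital certificates on iOS/OSX

            /*
             * Descriptor of the certificate this lookup is meant to find:
             * <CertSubject>New-Test-Dev-Aclara</CertSubject>
             * <CertPath>Root</CertPath>
             * <CertPair>false</CertPair>
             * <CertUpdate>6/17/2015</CertUpdate>
             * <CertValid>4/22/2025 12:00:00 AM</CertValid>
             * <CertRecord>true</CertRecord>
             */

            // The query record is disposable; release it as soon as the lookup finishes.
            using (var query = new SecRecord(SecKind.Certificate))
            {
                // Filters tried so far and left disabled:
                //   Path = "Root"
                //   Account = "New-Test-Dev-Aclara"
                // Neither Server nor Label has worked either
                //   ("New-Test-Dev-Aclara", "StarSystemHeadEnd-ALP-nonprod.socalgas.com").
                //
                // NOTE(review): with no attribute set, the query is not bound to the certificate
                // described above; it returns whichever certificate item matches first. Callers
                // should not treat the result as the intended certificate until a subject or
                // label filter is in place.
                var foundKey = SecKeyChain.QueryAsConcreteType(query, out SecStatusCode errCode);

                Console.WriteLine("Cert: Null? " + (foundKey == null) + " , Error: " + errCode);

                if (foundKey == null || errCode != SecStatusCode.Success)
                {
                    return null;
                }

                // NOTE(review): a SecKind.Certificate query is expected to yield a
                // SecCertificate, in which case this cast evaluates to null and the method
                // never returns a key. Confirm, and extract the key from the certificate
                // if that is the intent.
                return foundKey as SecKey;
            }
        }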
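        /// <summary>
        /// Signs the SHA-256 digest of <paramref name="data"/> with the EC private key stored
        /// in the keychain under the tag "<paramref name="pairName"/>_priv".
        /// </summary>
        /// <param name="pairName">Key pair name; "_priv" is appended to form the application tag.</param>
        /// <param name="data">Bytes to hash and sign.</param>
        /// <returns>The signature bytes produced by <c>RawSign</c>.</returns>
        /// <exception cref="SecurityException">
        /// Thrown with the keychain status when the key lookup fails, or with the signing
        /// status when <c>RawSign</c> fails.
        /// </exception>
        private byte[] SignCore(string pairName, byte[] data)
        {
            using (var record = new SecRecord(SecKind.Key))
            {
                // NOTE(review): a null or empty pairName produces the tag "_priv", which would
                // select whatever key is stored under that tag. Callers should validate
                // pairName before it reaches this method.
                record.ApplicationTag = $"{pairName}_priv";
                record.KeyClass       = SecKeyClass.Private;
                record.KeyType        = SecKeyType.EC;

                var result = SecKeyChain.QueryAsConcreteType(record, out var status);

                if (status != SecStatusCode.Success)
                {
                    throw new SecurityException(status);
                }

                // Dispose the private-key handle once signing is done, so the reference does
                // not stay alive until finalization.
                using (var privateKey = (SecKey)result)
                using (var sha256 = SHA256.Create())
                {
                    var hash = sha256.ComputeHash(data);

                    // NOTE(review): SecPadding.PKCS1 is passed although the key is queried as
                    // EC. Whether the padding value has any effect for EC signing is not
                    // visible here; confirm against the format the verifier expects.
                    var signStatus = privateKey.RawSign(SecPadding.PKCS1, hash, out var signature);

                    if (signStatus != SecStatusCode.Success)
                    {
                        throw new SecurityException(signStatus);
                    }

                    return signature;
                }
            }
        }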