public void AddQueryRemove_Identity() { using (SecRecord rec = new SecRecord(SecKind.Identity)) using (var id = IdentityTest.GetIdentity()) { rec.SetValueRef(id); SecStatusCode code = SecKeyChain.Add(rec); Assert.True(code == SecStatusCode.DuplicateItem || code == SecStatusCode.Success); } if (!TestRuntime.CheckXcodeVersion(5, 0)) { Assert.Inconclusive("QueryAsConcreteType does not work before iOS7"); } using (SecRecord rec = new SecRecord(SecKind.Identity)) { SecStatusCode code; var match = SecKeyChain.QueryAsConcreteType(rec, out code); if ((match == null) && (code == SecStatusCode.ItemNotFound)) { Assert.Inconclusive("Test randomly fails (race condition between addtion/commit/query?"); } Assert.That(code, Is.EqualTo(SecStatusCode.Success), "QueryAsRecord-2"); Assert.NotNull(match, "match-2"); code = SecKeyChain.Remove(rec); Assert.That(code, Is.EqualTo(SecStatusCode.Success), "Remove"); match = SecKeyChain.QueryAsConcreteType(rec, out code); Assert.That(code, Is.EqualTo(SecStatusCode.ItemNotFound), "QueryAsRecord-3"); Assert.Null(match, "match-3"); } }
void AuthenticationType(SecAuthenticationType type) { var rec = new SecRecord(SecKind.InternetPassword) { Account = "AuthenticationType" }; SecKeyChain.Remove(rec); // it might already exists (or not) rec = new SecRecord(SecKind.InternetPassword) { Account = "AuthenticationType", ValueData = NSData.FromString("Password"), AuthenticationType = type, Server = "www.xamarin.com" }; Assert.That(SecKeyChain.Add(rec), Is.EqualTo(SecStatusCode.Success), "Add"); SecStatusCode code; var match = SecKeyChain.QueryAsRecord(rec, out code); Assert.That(code, Is.EqualTo(SecStatusCode.Success), "QueryAsRecord"); Assert.That(match.AuthenticationType, Is.EqualTo(type), "AuthenticationType"); }
void Accessible(SecAccessible access) { var rec = new SecRecord(SecKind.GenericPassword) { Account = "Username" }; SecKeyChain.Remove(rec); // it might already exists (or not) rec = new SecRecord(SecKind.GenericPassword) { Account = "Username", ValueData = NSData.FromString("Password"), Accessible = access }; Assert.That(SecKeyChain.Add(rec), Is.EqualTo(SecStatusCode.Success), "Add"); SecStatusCode code; var match = SecKeyChain.QueryAsRecord(rec, out code); Assert.That(code, Is.EqualTo(SecStatusCode.Success), "QueryAsRecord"); Assert.That(match.Accessible, Is.EqualTo(access), "Accessible"); }
public static void SetValueForKey(string value, string key) { var record = ExistingRecordForKey(key); if (string.IsNullOrEmpty(value)) { if (!string.IsNullOrEmpty(ValueForKey(key))) { RemoveRecord(record); } return; } // if the key already exists, remove it if (!string.IsNullOrEmpty(ValueForKey(key))) { RemoveRecord(record); } var result = SecKeyChain.Add(CreateRecordForNewKeyValue(key, value)); if (result != SecStatusCode.Success) { Console.WriteLine("Couldn't add record to keychain"); } }
string AttemptGetDeviceId() { var record = new SecRecord(SecKind.GenericPassword) { Generic = NSData.FromString(uniqueRecordName) }; SecStatusCode securityStatusCode; var recordMatch = SecKeyChain.QueryAsRecord(record, out securityStatusCode); if (securityStatusCode == SecStatusCode.Success) { return(recordMatch.ValueData.ToString()); } else { var newRecord = new SecRecord(SecKind.GenericPassword) { ValueData = NSData.FromString(Guid.NewGuid().ToString()), Generic = NSData.FromString(uniqueRecordName) }; SecKeyChain.Add(newRecord); return(newRecord.ValueData.ToString()); } }
public string GetIdentifier() { string serial = string.Empty; var rec = new SecRecord(SecKind.GenericPassword) { Generic = NSData.FromString("uidNumber") }; SecStatusCode res; var match = SecKeyChain.QueryAsRecord(rec, out res); if (res == SecStatusCode.Success) { serial = match.ValueData.ToString(); } else { var uidNumberRecord = new SecRecord(SecKind.GenericPassword) { Label = "uid", ValueData = NSData.FromString(Guid.NewGuid().ToString()), Generic = NSData.FromString("uidNumber") }; var err = SecKeyChain.Add(uidNumberRecord); serial = uidNumberRecord.ValueData.ToString(); } return(serial); }
public async Task Save(Account account) { if (string.IsNullOrWhiteSpace(account.ServiceId)) { throw new Exception("serviceId must be set."); } var data = JsonConvert.SerializeObject(account.Properties); var secRecord = new SecRecord(SecKind.GenericPassword) { Account = account.Username, Service = account.ServiceId, ValueData = NSData.FromString(data, NSStringEncoding.UTF8), Accessible = SecAccessible.AfterFirstUnlockThisDeviceOnly }; var old = await Find(account.ServiceId); if (old == null) { var statusCode = SecKeyChain.Add(secRecord); return; } SecKeyChain.Update(old, secRecord); }
public void Save(string pin, string serviceId) { var statusCode = SecStatusCode.Success; var serializedAccount = pin; var data = NSData.FromString(serializedAccount, NSStringEncoding.UTF8); // // Remove any existing record // var existing = FindAccount(serviceId); if (existing != null) { var query = new SecRecord(SecKind.GenericPassword); query.Service = serviceId; statusCode = SecKeyChain.Remove(query); if (statusCode != SecStatusCode.Success) { throw new Exception("Could not save account to KeyChain: " + statusCode); } } // // Add this record // var record = new SecRecord(SecKind.GenericPassword); record.Service = serviceId; record.Generic = data; record.Accessible = SecAccessible.WhenUnlocked; statusCode = SecKeyChain.Add(record); if (statusCode != SecStatusCode.Success) { throw new Exception("Could not save account to KeyChain: " + statusCode); } }
public void Save(Core.Model.Account account) { SecStatusCode res; var match = this.QueryAsRecord(out res); if (res == SecStatusCode.Success) { // Update match.Generic = account.SerializeToNSData(); match.Account = account.UserName; match.ValueData = NSData.FromString(account.Token); SecKeyChain.Update(Query, match); } else { // create res = SecKeyChain.Add(new SecRecord(SecKind.GenericPassword) { Label = AppResources.ApplicationTitle, Account = account.UserName, Service = Service, ValueData = NSData.FromString(account.Token), Generic = account.SerializeToNSData() }); if (res != SecStatusCode.Success) { throw new Exception("Unable to save account data"); } } }
void AuthenticationType(SecAuthenticationType type) { var rec = new SecRecord(SecKind.InternetPassword) { Account = "AuthenticationType" }; SecKeyChain.Remove(rec); // it might already exists (or not) rec = new SecRecord(SecKind.InternetPassword) { Account = $"{CFBundle.GetMain ().Identifier}-{GetType ().FullName}-{Process.GetCurrentProcess ().Id}", ValueData = NSData.FromString("Password"), AuthenticationType = type, Server = "www.xamarin.com" }; Assert.That(SecKeyChain.Add(rec), Is.EqualTo(SecStatusCode.Success), "Add"); var query = new SecRecord(SecKind.InternetPassword) { Account = rec.Account, AuthenticationType = rec.AuthenticationType, Server = rec.Server, }; SecStatusCode code; var match = SecKeyChain.QueryAsRecord(query, out code); Assert.That(code, Is.EqualTo(SecStatusCode.Success), "QueryAsRecord"); Assert.That(match.AuthenticationType, Is.EqualTo(type), "AuthenticationType"); }
public void ServiceCallBack(ServiceCallbackHelper data) { if (data.Status == "error") { UIAlertView error = new UIAlertView("Ошибка", "Вы неправильно ввели логин или пароль.Попробуйте снова.", null, "Закрыть", null); error.Show(); btnLogin.Enabled = true; } else { var record = new SecRecord(SecKind.GenericPassword) { Description = KeyChain.Description, Comment = KeyChain.Comment, Service = KeyChain.Service, Label = KeyChain.Label, Account = txtLogin.Text, ValueData = NSData.FromString(txtPassword.Text), Generic = NSData.FromString(KeyChain.Generic), Accessible = SecAccessible.Always }; SecStatusCode code = SecKeyChain.Add(record); if (code == SecStatusCode.DuplicateItem) { code = SecKeyChain.Remove(existingRec); } if (code == SecStatusCode.Success) { code = SecKeyChain.Add(record); } PerformSegue("autherication", this); } }
public void SetKey(string keyName, string keyValue) { var statusCode = SecStatusCode.Success; // // Remove any existing record /// var existing = GetKey(keyName); if (!string.IsNullOrEmpty(existing)) { DeleteKey(keyName); } // // Add this record // var data = NSData.FromString(keyValue); var record = new SecRecord(SecKind.GenericPassword); record.Service = serviceId; record.Account = keyName; record.Generic = data; record.Accessible = SecAccessible.WhenUnlocked; statusCode = SecKeyChain.Add(record); if (statusCode != SecStatusCode.Success) { throw new Exception("Could not save key to KeyChain: " + statusCode); } }
public void InstallCertificate(string certificate) { if (certificate.StartsWith("http", StringComparison.CurrentCulture)) { OpenUrlExternally(certificate); } //THIS CASE DOESN"T WORK YET, WE CAN ONLY ADD THE CERT TO THE KEYCHAIN BUT NOT PROMPT FOR TRUST else { NSData certData = NSData.FromUrl(new NSUrl(certificate)); SecCertificate secCertificate = new SecCertificate(certData); SecRecord secRecord = new SecRecord(SecKind.Certificate); secRecord.SetValueRef(secCertificate); SecPolicy policy = SecPolicy.CreateSslPolicy(true, "applocker.navy.mil"); SecTrust secTrust = new SecTrust(secCertificate, policy); //SecTrustResult results = secTrust.GetTrustResult(); SecStatusCode code = SecKeyChain.Add(secRecord); Console.WriteLine(code); } }
public string GetUniqueHashedId() { // Get unique device ID var query = new SecRecord(SecKind.GenericPassword); query.Service = NSBundle.MainBundle.BundleIdentifier; query.Account = "UniqueID"; NSData uniqueId = SecKeyChain.QueryAsData(query); if (uniqueId != null) { // Get it hashed var hashedId = GetSha256HashForId(uniqueId.ToString()); return(hashedId); } else { query.ValueData = NSData.FromString(System.Guid.NewGuid().ToString()); var err = SecKeyChain.Add(query); if (err != SecStatusCode.Success && err != SecStatusCode.DuplicateItem) { throw new Exception("Cannot store Unique ID"); } var hashedValueData = GetSha256HashForId(query.ValueData.ToString()); return(hashedValueData); } }
internal SecStatusCode SaveBrokerApplicationToken(string clientIdAsKey, string applicationToken) { // The broker application token is used starting w/iOS broker 6.3.19+ (v3) // If the application cannot be verified, an additional user consent dialog will be required the first time // when the application is using the iOS broker. // After initial user consent, the iOS broker will issue a token to the application that will // grant application access to its own cache on subsequent broker invocations. // On subsequent calls, the application presents the application token to the iOS broker, this will prevent // the showing of the consent dialog. var recordToSave = new SecRecord(SecKind.GenericPassword) { Account = clientIdAsKey, Service = iOSBrokerConstants.iOSBroker, ValueData = NSData.FromString(applicationToken, NSStringEncoding.UTF8), AccessGroup = _keychainGroup, Accessible = _defaultAccessiblityPolicy, Synchronizable = _defaultSyncSetting }; SecStatusCode secStatusCode = Update(recordToSave); if (secStatusCode == SecStatusCode.ItemNotFound) { secStatusCode = SecKeyChain.Add(recordToSave); } return(secStatusCode); }
public void Add_Certificate() { #if MONOMAC && !NET Stream certStream = typeof(KeyChainTest).Assembly.GetManifestResourceStream("xammac_tests.Security.openssl_crt.der"); #else Stream certStream = typeof(KeyChainTest).Assembly.GetManifestResourceStream("monotouchtest.Security.openssl_crt.der"); #endif NSData data = NSData.FromStream(certStream); var query = new SecRecord(SecKind.Certificate) { Label = $"Internet Widgits Pty Ltd", }; var rec = query.Clone(); rec.SetValueRef(new SecCertificate(data)); try { // delete any existing certificates first. SecKeyChain.Remove(query); // add the new certificate var rc = SecKeyChain.Add(rec); Assert.That(rc, Is.EqualTo(SecStatusCode.Success), "Add_Certificate"); } finally { // clean up after ourselves SecKeyChain.Remove(query); } }
private string GetTeamId() { var queryRecord = new SecRecord(SecKind.GenericPassword) { Service = "", Account = TeamIdKey, Accessible = SecAccessible.Always }; SecRecord match = SecKeyChain.QueryAsRecord(queryRecord, out SecStatusCode resultCode); if (resultCode == SecStatusCode.ItemNotFound) { SecKeyChain.Add(queryRecord); match = SecKeyChain.QueryAsRecord(queryRecord, out resultCode); } if (resultCode == SecStatusCode.Success) { return(match.AccessGroup.Split('.')[0]); } throw new MsalClientException( MsalError.CannotAccessPublisherKeyChain, MsalErrorMessage.CannotAccessPublisherKeyChain); }
public void AfterAccess(TokenCacheNotificationArgs args) { if (args.TokenCache.HasStateChanged) { try { var s = new SecRecord(SecKind.GenericPassword) { Generic = NSData.FromString(LocalSettingsContainerName), Accessible = SecAccessible.Always, Service = "ADAL.PCL.iOS Service", Account = "ADAL.PCL.iOS cache", Label = "ADAL.PCL.iOS Label", Comment = "ADAL.PCL.iOS Cache", Description = "Storage for cache" }; var err = SecKeyChain.Remove(s); if (args.TokenCache.Count > 0) { s.ValueData = NSData.FromArray(args.TokenCache.Serialize()); err = SecKeyChain.Add(s); } args.TokenCache.HasStateChanged = false; } catch (Exception ex) { PlatformPlugin.Logger.Warning(null, "Failed to save cache: " + ex); } } }
public string GetIdentifier() { var query = new SecRecord(SecKind.GenericPassword); query.Service = NSBundle.MainBundle.BundleIdentifier; query.Account = "UniqueID"; NSData uniqueId = SecKeyChain.QueryAsData(query); if (uniqueId == null) { query.ValueData = NSData.FromString(System.Guid.NewGuid().ToString()); var err = SecKeyChain.Add(query); if (err != SecStatusCode.Success && err != SecStatusCode.DuplicateItem) { throw new Exception("Cannot store Unique ID"); } return(query.ValueData.ToString()); } else { return(uniqueId.ToString()); } }
public async Task SaveAsync <T>(string key, T obj) { if (obj == null) { await RemoveAsync(key); return; } string dataString = null; if (typeof(T) == typeof(string)) { dataString = obj as string; } else { dataString = JsonConvert.SerializeObject(obj, _jsonSettings); } var appId = await _getAppId.Invoke(); var formattedKey = string.Format(_keyFormat, appId, key); var dataBytes = Encoding.UTF8.GetBytes(dataString); using (var data = NSData.FromArray(dataBytes)) using (var newRecord = GetKeyRecord(formattedKey, data)) { await RemoveAsync(key); CheckError(SecKeyChain.Add(newRecord)); } }
public void SaveCredentials(string userName, string password) { var s = new SecRecord(SecKind.GenericPassword) { Label = "Item Label", Description = "Item description", Account = Constants.ApplicationName, Service = "CardinalPassword", Comment = "CardinalUsernamePassword", ValueData = NSData.FromString(password), Generic = NSData.FromString("foo") }; var err = SecKeyChain.Add(s); //if (err != SecStatusCode.Success && err != SecStatusCode.DuplicateItem) // DisplayMessage(this, "Error adding record: {0}", err); //var record = new SecRecord(SecKind.GenericPassword) //{ // Service = Constants.ApplicationName, // Account = userName, // ValueData = NSData.FromString(userName, NSStringEncoding.UTF8), // Accessible = SecAccessible.WhenUnlocked, // Generic = NSData.FromString(userName, NSStringEncoding.UTF8) //}; //var statusCode = SecKeyChain.Add(record); //if(statusCode.Equals()) }
public void SaveUserInfo(string userId, string userName, string password) { var rec = new SecRecord(SecKind.GenericPassword) { Generic = NSData.FromString("password") }; SecStatusCode res; var match = SecKeyChain.QueryAsRecord(rec, out res); if (res == SecStatusCode.Success) { res = SecKeyChain.Remove(rec); } var s = new SecRecord(SecKind.GenericPassword) { Service = "BodyReportUserInfo", Account = userId + (char)3 + userName, ValueData = NSData.FromString(password), Generic = NSData.FromString("password") }; res = SecKeyChain.Add(s); }
public void SetSecured(string key, string value, string clientId, string service, string sharedGroupId) { var s = new SecRecord(SecKind.GenericPassword) { Service = $"{clientId}-{key}-{service}", }; SecStatusCode res; var match = SecKeyChain.QueryAsRecord(s, out res); if (res == SecStatusCode.Success) { var remStatus = SecKeyChain.Remove(s); } s.ValueData = NSData.FromString(value); if (!string.IsNullOrWhiteSpace(sharedGroupId)) { s.AccessGroup = sharedGroupId; } var err = SecKeyChain.Add(s); Console.WriteLine(err); }
public void SetValueForKey(string value, string key) { var record = ExistingRecordForKey(key); if (string.IsNullOrEmpty(value)) { if (!string.IsNullOrEmpty(ValueForKey(key))) { RemoveRecord(record); } return; } // if the key already exists, remove it if (!string.IsNullOrEmpty(ValueForKey(key))) { RemoveRecord(record); } var result = SecKeyChain.Add(CreateRecordForNewKeyValue(key, value)); if (result != SecStatusCode.Success) { throw new Exception(String.Format("Error adding record: {0}", result)); } }
void Protocol(SecProtocol protocol) { var rec = new SecRecord(SecKind.InternetPassword) { Account = "Protocol" }; SecKeyChain.Remove(rec); // it might already exists (or not) rec = new SecRecord(SecKind.InternetPassword) { Account = "Protocol", ValueData = NSData.FromString("Password"), Protocol = protocol, Server = "www.xamarin.com" }; Assert.That(SecKeyChain.Add(rec), Is.EqualTo(SecStatusCode.Success), "Add"); SecStatusCode code; var match = SecKeyChain.QueryAsRecord(rec, out code); Assert.That(code, Is.EqualTo(SecStatusCode.Success), "QueryAsRecord"); Assert.That(match.Protocol, Is.EqualTo(protocol), "Protocol"); }
public override Task <bool> AddSecureDataAsync(string key, string value) { var secObject = new SecAccessControl(SecAccessible.WhenPasscodeSetThisDeviceOnly, SecAccessControlCreateFlags.TouchIDCurrentSet); if (secObject == null) { //todo:handle error } var securityRecord = new SecRecord(SecKind.Key) { Service = key, ValueData = new NSString(value).Encode(NSStringEncoding.UTF8), AccessControl = secObject }; TaskCompletionSource <bool> response = new TaskCompletionSource <bool>(); DispatchQueue.MainQueue.DispatchAsync(() => { SecStatusCode status = SecKeyChain.Add(securityRecord); if (status == SecStatusCode.Success) { response.TrySetResult(true); } else { throw new Exception(status.ToString()); } }); return(response.Task); }
public static bool SaveUserPassword(string username, string password) { var success = false; var searchRecord = new SecRecord(SecKind.InternetPassword) { Server = "Test1", Account = username.ToLower() }; SecStatusCode queryCode; var record = SecKeyChain.QueryAsRecord(searchRecord, out queryCode); if (queryCode == SecStatusCode.ItemNotFound) { record = new SecRecord(SecKind.InternetPassword) { Server = "Test1", Account = username.ToLower(), ValueData = NSData.FromString(password) }; var addCode = SecKeyChain.Add(record); success = (addCode == SecStatusCode.Success); } if (queryCode == SecStatusCode.Success && record != null) { record.ValueData = NSData.FromString(password); var updateCode = SecKeyChain.Update(searchRecord, record); success = (updateCode == SecStatusCode.Success); } return(success); }
private SecStatusCode Save(IiOSKey key, string payload) { var recordToSave = new SecRecord(SecKind.GenericPassword) { Account = key.iOSAccount, Service = key.iOSService, Generic = key.iOSGeneric, CreatorType = key.iOSType, ValueData = NSData.FromString(payload, NSStringEncoding.UTF8), AccessGroup = _keychainGroup, Accessible = _defaultAccessiblityPolicy, Synchronizable = _defaultSyncSetting, }; var secStatusCode = Update(recordToSave); if (secStatusCode == SecStatusCode.ItemNotFound) { secStatusCode = SecKeyChain.Add(recordToSave); } if (secStatusCode == SecStatusCode.MissingEntitlement) { throw new MsalClientException( MsalError.MissingEntitlements, string.Format( CultureInfo.InvariantCulture, MsalErrorMessage.MissingEntitlements, recordToSave.AccessGroup)); } return(secStatusCode); }
/// <summary> /// Sets a password for a specific username. /// </summary> /// <param name="sUsername">the username to add the password for. May not be NULL.</param> /// <param name="sPassword">the password to associate with the record. May not be NULL.</param> /// <param name="sService">the service description to use. May not be NULL.</param> /// <param name="eSecAccessible">defines how the keychain record is protected</param> /// <returns>SecStatusCode.Success if everything went fine, otherwise some other status</returns> //------------------------------------------------------------------------------ public static SecStatusCode SetPasswordForUsername(string sUsername, string sPassword, string sService, SecAccessible eSecAccessible, bool bSynchronizable) { if (sUsername == null) { throw new ArgumentNullException(nameof(sUsername)); } if (sService == null) { throw new ArgumentNullException(nameof(sService)); } if (sPassword == null) { throw new ArgumentNullException(nameof(sPassword)); } // Don't bother updating. Delete existing record and create a new one. DeletePasswordForUsername(sUsername, sService, bSynchronizable); // Create a new record. // Store password UTF8 encoded. SecStatusCode eCode = SecKeyChain.Add(new SecRecord(SecKind.GenericPassword) { Service = sService, Label = sService, Account = sUsername, Generic = NSData.FromString(sPassword, NSStringEncoding.UTF8), Accessible = eSecAccessible, Synchronizable = bSynchronizable }); return(eCode); }
void Protocol(SecProtocol protocol) { var rec = new SecRecord(SecKind.InternetPassword) { Account = $"Protocol-{protocol}-{CFBundle.GetMain ().Identifier}-{GetType ().FullName}-{Process.GetCurrentProcess ().Id}", }; try { SecKeyChain.Remove(rec); // it might already exists (or not) rec = new SecRecord(SecKind.InternetPassword) { Account = "Protocol", ValueData = NSData.FromString("Password"), Protocol = protocol, Server = "www.xamarin.com" }; Assert.That(SecKeyChain.Add(rec), Is.EqualTo(SecStatusCode.Success), "Add"); SecStatusCode code; var match = SecKeyChain.QueryAsRecord(rec, out code); Assert.That(code, Is.EqualTo(SecStatusCode.Success), "QueryAsRecord"); Assert.That(match.Protocol, Is.EqualTo(protocol), "Protocol"); } finally { // Clean up after us SecKeyChain.Remove(rec); } }