external/secretive
1
0
Fork 0
mirror of https://github.com/maxgoedjen/secretive.git synced 2024-11-22 13:37:07 +00:00
Code Issues Projects Releases Wiki Activity

.

Browse Source
This commit is contained in:
Max Goedjen 2024-01-20 19:07:00 -08:00
parent 85a7a64bc9
commit 18ba03bf03
No known key found for this signature in database
4 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Sources/Packages/Package.swift
View File

@ -44,7 +44,7 @@ let package = Package(
.target( .target(
name: "SecureEnclaveSecretKit", name: "SecureEnclaveSecretKit",
dependencies: ["SecretKit"], dependencies: ["SecretKit"],
swiftSettings: [.enableExperimentalFeature("StrictConcurrency"), .unsafeFlags(["-warnings-as-errors"])] swiftSettings: [.unsafeFlags(["-warnings-as-errors"])]
), ),
.target( .target(
name: "SmartCardSecretKit", name: "SmartCardSecretKit",

2
Sources/Packages/Sources/SecretKit/Types/Secret.swift
View File

@ -17,7 +17,7 @@ public protocol Secret: Identifiable, Hashable {
} }
/// The type of algorithm the Secret uses. Currently, only elliptic curve algorithms are supported. /// The type of algorithm the Secret uses. Currently, only elliptic curve algorithms are supported.
public enum Algorithm: Hashable { public enum Algorithm: Hashable, Sendable {
case ellipticCurve case ellipticCurve
case rsa case rsa

2
Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveSecret.swift
View File

@ -5,7 +5,7 @@ import SecretKit
extension SecureEnclave { extension SecureEnclave {
/// An implementation of Secret backed by the Secure Enclave. /// An implementation of Secret backed by the Secure Enclave.
public struct Secret: SecretKit.Secret { public struct Secret: SecretKit.Secret, Sendable {
public let id: Data public let id: Data
public let name: String public let name: String

14
Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift
View File

@ -180,7 +180,7 @@ extension SecureEnclave {
public func persistAuthentication(secret: Secret, forDuration duration: TimeInterval) throws { public func persistAuthentication(secret: Secret, forDuration duration: TimeInterval) throws {
let newContext = LAContext() let newContext = LAContext()
newContext.touchIDAuthenticationAllowableReuseDuration = duration newContext.touchIDAuthenticationAllowableReuseDuration = max(duration, LATouchIDAuthenticationMaximumAllowableReuseDuration)
newContext.localizedCancelTitle = String(localized: "auth_context_request_deny_button") newContext.localizedCancelTitle = String(localized: "auth_context_request_deny_button")
let formatter = DateComponentsFormatter() let formatter = DateComponentsFormatter()
@ -196,6 +196,18 @@ extension SecureEnclave {
guard success else { return } guard success else { return }
let context = PersistentAuthenticationContext(secret: secret, context: newContext, duration: duration) let context = PersistentAuthenticationContext(secret: secret, context: newContext, duration: duration)
self?.persistedAuthenticationContexts[secret] = context self?.persistedAuthenticationContexts[secret] = context
// Contexts will expire within LATouchIDAuthenticationMaximumAllowableReuseDuration unless we periodically refresh them
if duration > LATouchIDAuthenticationMaximumAllowableReuseDuration {
Timer.scheduledTimer(withTimeInterval: LATouchIDAuthenticationMaximumAllowableReuseDuration - 10, repeats: true) { [weak self] timer in
guard let refreshContext = self?.persistedAuthenticationContexts[secret] else { return }
guard refreshContext.valid else {
timer.invalidate()
return
}
refreshContext.context.evaluatePolicy(.deviceOwnerAuthentication, localizedReason: "Refresh") { success, _ in
}
}
}
} }
} }