Add option to rename keys/secrets (#216)

* Add option to rename secrets * Address PR comments Co-authored-by: Max Goedjen <max.goedjen@gmail.com>
2026-03-06 17:57:23 +01:00 · 2021-06-01 15:50:38 +09:30
parent cd965b9ec6
commit 8114acf50a
10 changed files with 159 additions and 57 deletions
--- a/SecretKit/Common/Erasers/AnySecretStore.swift
+++ b/SecretKit/Common/Erasers/AnySecretStore.swift
@@ -49,10 +49,12 @@ public class AnySecretStoreModifiable: AnySecretStore, SecretStoreModifiable {

    private let _create: (String, Bool) throws -> Void
    private let _delete: (AnySecret) throws -> Void
+    private let _update: (AnySecret, String) throws -> Void

    public init<SecretStoreType>(modifiable secretStore: SecretStoreType) where SecretStoreType: SecretStoreModifiable {
        _create = { try secretStore.create(name: $0, requiresAuthentication: $1) }
        _delete = { try secretStore.delete(secret: $0.base as! SecretStoreType.SecretType) }
+        _update = { try secretStore.update(secret: $0.base as! SecretStoreType.SecretType, name: $1) }
        super.init(secretStore)
    }

@@ -64,4 +66,7 @@ public class AnySecretStoreModifiable: AnySecretStore, SecretStoreModifiable {
        try _delete(secret)
    }

+    public func update(secret: AnySecret, name: String) throws {
+        try _update(secret, name)
+    }
 }
--- a/SecretKit/Common/Types/SecretStore.swift
+++ b/SecretKit/Common/Types/SecretStore.swift
@@ -17,6 +17,7 @@ public protocol SecretStoreModifiable: SecretStore {

    func create(name: String, requiresAuthentication: Bool) throws
    func delete(secret: SecretType) throws
+    func update(secret: SecretType, name: String) throws

 }

--- a/SecretKit/SecureEnclave/SecureEnclaveStore.swift
+++ b/SecretKit/SecureEnclave/SecureEnclaveStore.swift
@@ -68,7 +68,7 @@ extension SecureEnclave {
            let deleteAttributes = [
                kSecClass: kSecClassKey,
                kSecAttrApplicationLabel: secret.id as CFData
-                ] as CFDictionary
+            ] as CFDictionary
            let status = SecItemDelete(deleteAttributes)
            if status != errSecSuccess {
                throw KeychainError(statusCode: status)
@@ -76,6 +76,23 @@ extension SecureEnclave {
            reloadSecrets()
        }

+        public func update(secret: Secret, name: String) throws {
+            let updateQuery = [
+                kSecClass: kSecClassKey,
+                kSecAttrApplicationLabel: secret.id as CFData
+            ] as CFDictionary
+
+            let updatedAttributes = [
+                kSecAttrLabel: name,
+            ] as CFDictionary
+
+            let status = SecItemUpdate(updateQuery, updatedAttributes)
+            if status != errSecSuccess {
+                throw KeychainError(statusCode: status)
+            }
+            reloadSecrets()
+        }
+
        public func sign(data: Data, with secret: SecretType, for provenance: SigningRequestProvenance) throws -> Data {
            let context = LAContext()
            context.localizedReason = "sign a request from \"\(provenance.origin.displayName)\" using secret \"\(secret.name)\""