74 lines
2.7 KiB
Swift
74 lines
2.7 KiB
Swift
import Foundation
|
|
import Security
|
|
|
|
/// Defines when a keychain item can be accessed.
|
|
/// Maps directly to Security framework's kSecAttrAccessible constants.
|
|
public enum KeychainAccessibility: Sendable, CaseIterable {
|
|
/// Item is only accessible while the device is unlocked.
|
|
/// This is the most restrictive option for general use.
|
|
case whenUnlocked
|
|
|
|
/// Item is accessible after the first unlock until device restart.
|
|
/// Good balance of security and background access.
|
|
case afterFirstUnlock
|
|
|
|
/// Item is only accessible when the device is unlocked.
|
|
/// Data is not migrated to a new device.
|
|
case whenUnlockedThisDeviceOnly
|
|
|
|
/// Item is accessible after first unlock until device restart.
|
|
/// Data is not migrated to a new device.
|
|
case afterFirstUnlockThisDeviceOnly
|
|
|
|
/// Item is always accessible, regardless of device lock state.
|
|
/// Least secure - use only when absolutely necessary.
|
|
case always
|
|
|
|
/// Item is always accessible but not migrated to new devices.
|
|
case alwaysThisDeviceOnly
|
|
|
|
/// Item is only accessible when the device has a passcode set.
|
|
/// If passcode is removed, item becomes inaccessible.
|
|
case whenPasscodeSetThisDeviceOnly
|
|
|
|
/// The corresponding Security framework constant.
|
|
var cfString: CFString {
|
|
switch self {
|
|
case .whenUnlocked:
|
|
return kSecAttrAccessibleWhenUnlocked
|
|
case .afterFirstUnlock:
|
|
return kSecAttrAccessibleAfterFirstUnlock
|
|
case .whenUnlockedThisDeviceOnly:
|
|
return kSecAttrAccessibleWhenUnlockedThisDeviceOnly
|
|
case .afterFirstUnlockThisDeviceOnly:
|
|
return kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly
|
|
case .always:
|
|
return kSecAttrAccessibleAlways
|
|
case .alwaysThisDeviceOnly:
|
|
return kSecAttrAccessibleAlwaysThisDeviceOnly
|
|
case .whenPasscodeSetThisDeviceOnly:
|
|
return kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly
|
|
}
|
|
}
|
|
|
|
/// Human-readable description for UI display.
|
|
public var displayName: String {
|
|
switch self {
|
|
case .whenUnlocked:
|
|
return "When Unlocked"
|
|
case .afterFirstUnlock:
|
|
return "After First Unlock"
|
|
case .whenUnlockedThisDeviceOnly:
|
|
return "When Unlocked (This Device)"
|
|
case .afterFirstUnlockThisDeviceOnly:
|
|
return "After First Unlock (This Device)"
|
|
case .always:
|
|
return "Always"
|
|
case .alwaysThisDeviceOnly:
|
|
return "Always (This Device)"
|
|
case .whenPasscodeSetThisDeviceOnly:
|
|
return "When Passcode Set (This Device)"
|
|
}
|
|
}
|
|
}
|