All geek questions in one place

TouchID with KeyChain - Password entry is not displayed correctly (Swift)

It’s hard for me to handle this:
Our application uses TouchID to extract secrets from KeyChain, which are used for authentication in WebApp in WKWebView. Everything is fine when the user successfully authenticates with TouchID.

The problem occurs when the user fails TouchID, and then clicks "Enter Password" for authentication through the device access code. I noticed that the screen that is displayed is plain white, and the text field with the access code does not display the value for the last character entered until it is masked, creating a strange user interface. For me, this seems like an error if I have no configuration requirements.

    // global arguments for the touchId keychain queries
    let kSecClassValue = NSString(format: kSecClass)
    let kSecAttrAccountValue = NSString(format: kSecAttrAccount)
    let kSecValueDataValue = NSString(format: kSecValueData)
    let kSecClassGenericPasswordValue = NSString(format: kSecClassGenericPassword)
    let kSecAttrServiceValue = NSString(format: kSecAttrService)
    let kSecMatchLimitValue = NSString(format: kSecMatchLimit)
    let kSecReturnDataValue = NSString(format: kSecReturnData)
    let kSecMatchLimitOneValue = NSString(format: kSecMatchLimitOne)
    let kSecAttrAccessControlValue = NSString(format: kSecAttrAccessControl)
    let kSecUseOperationPromptValue = NSString(format: kSecUseOperationPrompt)

    // set access control
    let accessControl = SecAccessControlCreateWithFlags(kCFAllocatorDefault,
        kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly, .UserPresence, nil)
    // Instantiate a new default keychain query
    // Tell the query to return a result
    // Limit our results to one item
    var keychainQuery: NSMutableDictionary = NSMutableDictionary(objects: [kSecClassGenericPasswordValue, service, userAccount, kCFBooleanTrue, kSecMatchLimitOneValue, "Place your finger to authenticate.", accessControl.takeUnretainedValue()], forKeys: [kSecClassValue, kSecAttrServiceValue, kSecAttrAccountValue, kSecReturnDataValue, kSecMatchLimitValue, kSecUseOperationPromptValue, kSecAttrAccessControlValue])

    var dataTypeRef :Unmanaged<AnyObject>?

    // Search for the keychain item
    touchIdStatusCode = SecItemCopyMatching(keychainQuery, &dataTypeRef)

Here is the generated keychainQuery dictionary:

{
    "accc" = "<SecAccessControlRef: 0x170621140>";
    "acct" = "MY_ACCOUNT";
    "class" = genp;
    "m_Limit" = "m_LimitOne";
    "r_Data" = 1;
    "svce" = "MY_SERVICE";
    "u_OpPrompt" = "Place your finger to authenticate.";
}

iOS (8.4). , : Enter Password for KeyChain TouchID

: - , TouchID? ?

, !

+4
1

- , Apple. - iOS 9.0.2.

+2

Source: https://habr.com/ru/post/1599167/

More articles:


All Articles