feat: support requireBio
@@ -10,12 +10,18 @@ func isSupportSecureEnclave() -> Bool {
|
||||
return SecureEnclave.isAvailable
|
||||
}
|
||||
|
||||
func generateSecureEnclaveP256KeyPair(sign: Bool) -> String {
|
||||
func generateSecureEnclaveP256KeyPair(sign: Bool, requireBio: Bool) -> String {
|
||||
var error: Unmanaged<CFError>? = nil;
|
||||
let accessControlCreateFlags: SecAccessControlCreateFlags;
|
||||
if (requireBio) {
|
||||
accessControlCreateFlags = [.privateKeyUsage, .biometryCurrentSet]
|
||||
} else {
|
||||
accessControlCreateFlags = [.privateKeyUsage]
|
||||
}
|
||||
guard let accessCtrl = SecAccessControlCreateWithFlags(
|
||||
nil,
|
||||
kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
|
||||
[.privateKeyUsage, .biometryCurrentSet],
|
||||
accessControlCreateFlags,
|
||||
&error
|
||||
) else {
|
||||
return "err:\(error.debugDescription)"
|
||||
@@ -135,6 +141,17 @@ func computeSecureEnclaveP256Ecdh(privateKeyDataRepresentation: String, ephemera
|
||||
}
|
||||
}
|
||||
|
||||
func readArgumentAsBool(index: Int, defaultValue: Bool) -> Bool {
|
||||
if CommandLine.arguments.count >= index + 1 {
|
||||
let val = CommandLine.arguments[index];
|
||||
if (val == "true" || val == "yes" || val == "on" || val == "1") {
|
||||
return true
|
||||
}
|
||||
return false
|
||||
}
|
||||
return defaultValue
|
||||
}
|
||||
|
||||
func exitWith(_ response: String) {
|
||||
print(response);
|
||||
if (response.hasPrefix("ok:")) {
|
||||
@@ -156,11 +173,13 @@ if (command == "is_support_secure_enclave") {
|
||||
}
|
||||
|
||||
if (command == "generate_secure_enclave_p256_ecsign_keypair") {
|
||||
exitWith(generateSecureEnclaveP256KeyPair(sign: true))
|
||||
let requireBio = readArgumentAsBool(index: 2, defaultValue: true)
|
||||
exitWith(generateSecureEnclaveP256KeyPair(sign: true, requireBio: requireBio))
|
||||
}
|
||||
|
||||
if (command == "generate_secure_enclave_p256_ecdh_keypair") {
|
||||
exitWith(generateSecureEnclaveP256KeyPair(sign: false))
|
||||
let requireBio = readArgumentAsBool(index: 2, defaultValue: true)
|
||||
exitWith(generateSecureEnclaveP256KeyPair(sign: false, requireBio: requireBio))
|
||||
}
|
||||
|
||||
if (command == "recover_secure_enclave_p256_ecsign_public_key") {
|
||||
@@ -168,7 +187,7 @@ if (command == "recover_secure_enclave_p256_ecsign_public_key") {
|
||||
exitWith("err:require two arguments")
|
||||
}
|
||||
let response = recoverSecureEnclaveP256PublicKey(
|
||||
privateKeyDataRepresentation: CommandLine.arguments[2], sign: true);
|
||||
privateKeyDataRepresentation: CommandLine.arguments[2], sign: true)
|
||||
exitWith(response)
|
||||
}
|
||||
|
||||
@@ -177,7 +196,7 @@ if (command == "recover_secure_enclave_p256_ecdh_public_key") {
|
||||
exitWith("err:require two arguments")
|
||||
}
|
||||
let response = recoverSecureEnclaveP256PublicKey(
|
||||
privateKeyDataRepresentation: CommandLine.arguments[2], sign: false);
|
||||
privateKeyDataRepresentation: CommandLine.arguments[2], sign: false)
|
||||
exitWith(response)
|
||||
}
|
||||
|
||||
@@ -188,7 +207,7 @@ if (command == "compute_secure_enclave_p256_ecsign") {
|
||||
let response = computeSecureEnclaveP256Ecsign(
|
||||
privateKeyDataRepresentation: CommandLine.arguments[2],
|
||||
content: CommandLine.arguments[3]
|
||||
);
|
||||
)
|
||||
exitWith(response)
|
||||
}
|
||||
|
||||
|
||||
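Review bot: In `readArgumentAsBool`, an argument that is present but is not exactly `true`, `yes`, `on` or `1` returns `false`, so a value such as `True`, `TRUE` or a typo silently turns `requireBio` off even though both call sites pass `defaultValue: true`. The key is then created with only `.privateKeyUsage`, without `.biometryCurrentSet`, and the hunk shows no warning to the caller on that path. The parser should match case-insensitively, accept the false spellings explicitly, and fall back to `defaultValue` for anything unrecognized, so that the biometric requirement is dropped only when the caller clearly asks for it. Returning an `err:` response for unrecognized values at the two call sites would be stricter still.

```swift
func readArgumentAsBool(index: Int, defaultValue: Bool) -> Bool {
    guard CommandLine.arguments.count > index else {
        return defaultValue
    }
    switch CommandLine.arguments[index].lowercased() {
    case "true", "yes", "on", "1":
        return true
    case "false", "no", "off", "0":
        return false
    default:
        // Unrecognized value: keep the default instead of silently disabling the option.
        return defaultValue
    }
}
```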