Implemented deleting all keychain items after re-installing app

This commit is contained in:
dankito 2020-10-14 02:12:36 +02:00
parent 93de8bf252
commit acf0345aaf
2 changed files with 70 additions and 1 deletions

View File

@ -50,6 +50,8 @@
3684EB90250B7F560001139E /* BankingUiCommon.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 3684EB8E250B7F3C0001139E /* BankingUiCommon.framework */; }; 3684EB90250B7F560001139E /* BankingUiCommon.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 3684EB8E250B7F3C0001139E /* BankingUiCommon.framework */; };
3684EB92250FD4AF0001139E /* LabelledValue.swift in Sources */ = {isa = PBXBuildFile; fileRef = 3684EB91250FD4AF0001139E /* LabelledValue.swift */; }; 3684EB92250FD4AF0001139E /* LabelledValue.swift in Sources */ = {isa = PBXBuildFile; fileRef = 3684EB91250FD4AF0001139E /* LabelledValue.swift */; };
3684EB94250FD75B0001139E /* CustomUITextField.swift in Sources */ = {isa = PBXBuildFile; fileRef = 3684EB93250FD75B0001139E /* CustomUITextField.swift */; }; 3684EB94250FD75B0001139E /* CustomUITextField.swift in Sources */ = {isa = PBXBuildFile; fileRef = 3684EB93250FD75B0001139E /* CustomUITextField.swift */; };
36B70FA52536611000734588 /* CryptoSwift in Frameworks */ = {isa = PBXBuildFile; productRef = 36B70FA42536611000734588 /* CryptoSwift */; };
36B70FAA2536695800734588 /* Stopwatch.swift in Sources */ = {isa = PBXBuildFile; fileRef = 36B70FA92536695800734588 /* Stopwatch.swift */; };
36B8A4482503D12100C15359 /* ProtectAppSettingsDialog.swift in Sources */ = {isa = PBXBuildFile; fileRef = 36B8A4472503D12100C15359 /* ProtectAppSettingsDialog.swift */; }; 36B8A4482503D12100C15359 /* ProtectAppSettingsDialog.swift in Sources */ = {isa = PBXBuildFile; fileRef = 36B8A4472503D12100C15359 /* ProtectAppSettingsDialog.swift */; };
36B8A44B2503D1E800C15359 /* BiometricAuthenticationService.swift in Sources */ = {isa = PBXBuildFile; fileRef = 36B8A44A2503D1E800C15359 /* BiometricAuthenticationService.swift */; }; 36B8A44B2503D1E800C15359 /* BiometricAuthenticationService.swift in Sources */ = {isa = PBXBuildFile; fileRef = 36B8A44A2503D1E800C15359 /* BiometricAuthenticationService.swift */; };
36B8A44D2503D96D00C15359 /* AuthenticationService.swift in Sources */ = {isa = PBXBuildFile; fileRef = 36B8A44C2503D96D00C15359 /* AuthenticationService.swift */; }; 36B8A44D2503D96D00C15359 /* AuthenticationService.swift in Sources */ = {isa = PBXBuildFile; fileRef = 36B8A44C2503D96D00C15359 /* AuthenticationService.swift */; };
@ -307,6 +309,7 @@
361A0CD0252AA1AB007E25DD /* Security.framework in Frameworks */, 361A0CD0252AA1AB007E25DD /* Security.framework in Frameworks */,
3684EB90250B7F560001139E /* BankingUiCommon.framework in Frameworks */, 3684EB90250B7F560001139E /* BankingUiCommon.framework in Frameworks */,
36BCF86924BA550D005BEC29 /* BankFinder.framework in Frameworks */, 36BCF86924BA550D005BEC29 /* BankFinder.framework in Frameworks */,
36B70FA52536611000734588 /* CryptoSwift in Frameworks */,
36BCF85E24BA4DA8005BEC29 /* MultiplatformUtils.framework in Frameworks */, 36BCF85E24BA4DA8005BEC29 /* MultiplatformUtils.framework in Frameworks */,
36FC92D024B39C47002B12E9 /* fints4k.framework in Frameworks */, 36FC92D024B39C47002B12E9 /* fints4k.framework in Frameworks */,
36BCF87024BB0F8A005BEC29 /* fints4kBankingClient.framework in Frameworks */, 36BCF87024BB0F8A005BEC29 /* fints4kBankingClient.framework in Frameworks */,
@ -652,6 +655,7 @@
name = BankingiOSApp; name = BankingiOSApp;
packageProductDependencies = ( packageProductDependencies = (
36BE06BF24D07CCD00CBBB68 /* SwiftSoup */, 36BE06BF24D07CCD00CBBB68 /* SwiftSoup */,
36B70FA42536611000734588 /* CryptoSwift */,
); );
productName = BankingiOSApp; productName = BankingiOSApp;
productReference = 36FC929824B39A05002B12E9 /* Bankmeister.app */; productReference = 36FC929824B39A05002B12E9 /* Bankmeister.app */;
@ -732,6 +736,7 @@
mainGroup = 36FC928F24B39A05002B12E9; mainGroup = 36FC928F24B39A05002B12E9;
packageReferences = ( packageReferences = (
36BE06BE24D07CCC00CBBB68 /* XCRemoteSwiftPackageReference "SwiftSoup" */, 36BE06BE24D07CCC00CBBB68 /* XCRemoteSwiftPackageReference "SwiftSoup" */,
36B70FA32536611000734588 /* XCRemoteSwiftPackageReference "CryptoSwift" */,
); );
productRefGroup = 36FC929924B39A05002B12E9 /* Products */; productRefGroup = 36FC929924B39A05002B12E9 /* Products */;
projectDirPath = ""; projectDirPath = "";
@ -1367,6 +1372,14 @@
/* End XCConfigurationList section */ /* End XCConfigurationList section */
/* Begin XCRemoteSwiftPackageReference section */ /* Begin XCRemoteSwiftPackageReference section */
36B70FA32536611000734588 /* XCRemoteSwiftPackageReference "CryptoSwift" */ = {
isa = XCRemoteSwiftPackageReference;
repositoryURL = "https://github.com/krzyzanowskim/CryptoSwift.git";
requirement = {
kind = upToNextMajorVersion;
minimumVersion = 1.3.2;
};
};
36BE06BE24D07CCC00CBBB68 /* XCRemoteSwiftPackageReference "SwiftSoup" */ = { 36BE06BE24D07CCC00CBBB68 /* XCRemoteSwiftPackageReference "SwiftSoup" */ = {
isa = XCRemoteSwiftPackageReference; isa = XCRemoteSwiftPackageReference;
repositoryURL = "https://github.com/scinfu/SwiftSoup.git"; repositoryURL = "https://github.com/scinfu/SwiftSoup.git";
@ -1378,6 +1391,11 @@
/* End XCRemoteSwiftPackageReference section */ /* End XCRemoteSwiftPackageReference section */
/* Begin XCSwiftPackageProductDependency section */ /* Begin XCSwiftPackageProductDependency section */
36B70FA42536611000734588 /* CryptoSwift */ = {
isa = XCSwiftPackageProductDependency;
package = 36B70FA32536611000734588 /* XCRemoteSwiftPackageReference "CryptoSwift" */;
productName = CryptoSwift;
};
36BE06BF24D07CCD00CBBB68 /* SwiftSoup */ = { 36BE06BF24D07CCD00CBBB68 /* SwiftSoup */ = {
isa = XCSwiftPackageProductDependency; isa = XCSwiftPackageProductDependency;
package = 36BE06BE24D07CCC00CBBB68 /* XCRemoteSwiftPackageReference "SwiftSoup" */; package = 36BE06BE24D07CCC00CBBB68 /* XCRemoteSwiftPackageReference "SwiftSoup" */;

View File

@ -19,6 +19,11 @@ class AuthenticationService {
init(_ persistence: IBankingPersistence) { init(_ persistence: IBankingPersistence) {
self.persistence = persistence self.persistence = persistence
if UserDefaults.standard.bool(forKey: "hasAppBeenStartedBefore", defaultValue: false) == false { // when uninstalling app key chain items aren't deleted -> delete them after reinstall
deleteAllKeyChainItems()
UserDefaults.standard.setValue(true, forKey: "hasAppBeenStartedBefore")
}
if let type = readAuthenticationType() { if let type = readAuthenticationType() {
self.authenticationType = type self.authenticationType = type
@ -26,7 +31,7 @@ class AuthenticationService {
openDatabase(false, nil) openDatabase(false, nil)
} }
} }
else { // first app run, no authentication type persisted yet -> set to .unprotected else { // first app run, no authentication type persisted yet -> set default password
removeAppProtection() removeAppProtection()
openDatabase(false, nil) openDatabase(false, nil)
} }
@ -162,6 +167,16 @@ class AuthenticationService {
self.authenticationType = type self.authenticationType = type
} }
private func deleteAuthenticationTypeKeychainItem() {
do {
let item = createAuthenticationTypeKeychainItem()
try item.deleteItem()
} catch {
NSLog("Could not delete authentication type keychain item: \(error)")
}
}
private func createAuthenticationTypeKeychainItem() -> KeychainPasswordItem { private func createAuthenticationTypeKeychainItem() -> KeychainPasswordItem {
return KeychainPasswordItem(Self.AuthenticationTypeKeychainAccountName) return KeychainPasswordItem(Self.AuthenticationTypeKeychainAccountName)
} }
@ -229,6 +244,32 @@ class AuthenticationService {
return nil return nil
} }
@discardableResult
private func deleteDefaultPassword(_ useBiometricAuthentication: Bool) -> Bool {
do {
let passwordItem = createDefaultPasswordKeychainItem(useBiometricAuthentication)
return deleteDefaultPassword(passwordItem)
} catch {
NSLog("Could not delete default password: \(error)")
}
return false
}
@discardableResult
private func deleteDefaultPassword(_ passwordItem: KeychainPasswordItem) -> Bool {
do {
try? passwordItem.deleteItem()
return true
} catch {
NSLog("Could not delete default password: \(error)")
}
return false
}
private func createDefaultPasswordKeychainItem(_ useBiometricAuthentication: Bool) -> KeychainPasswordItem { private func createDefaultPasswordKeychainItem(_ useBiometricAuthentication: Bool) -> KeychainPasswordItem {
var accessControl: SecAccessControl? = nil var accessControl: SecAccessControl? = nil
var context: LAContext? = nil var context: LAContext? = nil
@ -294,6 +335,16 @@ class AuthenticationService {
} }
private func deleteAllKeyChainItems() {
deleteAuthenticationTypeKeychainItem()
deleteDefaultPassword(false) // TODO: which boolean value to set here? does it make any difference if it comes to deleting the key chain item?a
deleteDefaultPassword(true)
deleteLoginPassword()
}
private func generateRandomPassword(_ passwordLength: Int) -> String { private func generateRandomPassword(_ passwordLength: Int) -> String {
let dictionary = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789§±!@#$%^&*-_=+;:|/?.>,<" let dictionary = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789§±!@#$%^&*-_=+;:|/?.>,<"