mobile_nebula/ios/NebulaNetworkExtension/Keychain.swift

import Foundation

let groupName = "group.net.defined.mobileNebula"

class KeyChain {
    class func save(key: String, data: Data, managed: Bool) -> Bool {
        var query: [String: Any] = [
            kSecClass as String: kSecClassGenericPassword as String,
            kSecAttrAccount as String: key,
            kSecValueData as String: data,
            kSecAttrAccessGroup as String: groupName,
        ]

        if managed {
            query[kSecAttrAccessible as String] = kSecAttrAccessibleAfterFirstUnlock
        }

        // Attempt to delete an existing key to allow for an overwrite
        _ = delete(key: key)
        return SecItemAdd(query as CFDictionary, nil) == 0
    }

    class func load(key: String) -> Data? {
        let query: [String: Any] = [
            kSecClass as String: kSecClassGenericPassword,
            kSecAttrAccount as String: key,
            kSecReturnData as String: kCFBooleanTrue!,
            kSecMatchLimit as String: kSecMatchLimitOne,
            kSecAttrAccessGroup as String: groupName,
        ]

        var dataTypeRef: AnyObject?

        let status: OSStatus = SecItemCopyMatching(query as CFDictionary, &dataTypeRef)

        if status == noErr {
            return dataTypeRef as! Data?
        } else {
            return nil
        }
    }

    class func delete(key: String) -> Bool {
        let query: [String: Any] = [
            kSecClass as String: kSecClassGenericPassword as String,
            kSecAttrAccount as String: key,
            kSecAttrAccessGroup as String: groupName,
        ]

        return SecItemDelete(query as CFDictionary) == 0
    }
}

extension Data {
    init<T>(from value: T) {
        var value = value
        var data = Data()
        withUnsafePointer(to: &value) { (ptr: UnsafePointer<T>) in
            data = Data(buffer: UnsafeBufferPointer(start: ptr, count: 1))
        }
        self.init(data)
    }

    func to<T>(type _: T.Type) -> T {
        return withUnsafeBytes { $0.load(as: T.self) }
    }
}
Initial commit 2020-07-27 20:43:58 +00:00			`import Foundation`

			`let groupName = "group.net.defined.mobileNebula"`

			`class KeyChain {`
Support DN host enrollment (#86) Co-authored-by: Nate Brown <nbrown.us@gmail.com> 2022-11-17 21:43:16 +00:00			`class func save(key: String, data: Data, managed: Bool) -> Bool {`
			`var query: [String: Any] = [`
`swiftformat .` 2025-02-13 22:33:07 +00:00			`kSecClass as String: kSecClassGenericPassword as String,`
			`kSecAttrAccount as String: key,`
			`kSecValueData as String: data,`
Initial commit 2020-07-27 20:43:58 +00:00			`kSecAttrAccessGroup as String: groupName,`
			`]`
`swiftformat .` 2025-02-13 22:33:07 +00:00
			`if managed {`
Support DN host enrollment (#86) Co-authored-by: Nate Brown <nbrown.us@gmail.com> 2022-11-17 21:43:16 +00:00			`query[kSecAttrAccessible as String] = kSecAttrAccessibleAfterFirstUnlock`
			`}`
Initial commit 2020-07-27 20:43:58 +00:00
Support DN host enrollment (#86) Co-authored-by: Nate Brown <nbrown.us@gmail.com> 2022-11-17 21:43:16 +00:00			`// Attempt to delete an existing key to allow for an overwrite`
`swiftformat .` 2025-02-13 22:33:07 +00:00			`_ = delete(key: key)`
Support DN host enrollment (#86) Co-authored-by: Nate Brown <nbrown.us@gmail.com> 2022-11-17 21:43:16 +00:00			`return SecItemAdd(query as CFDictionary, nil) == 0`
Initial commit 2020-07-27 20:43:58 +00:00			`}`

			`class func load(key: String) -> Data? {`
			`let query: [String: Any] = [`
`swiftformat .` 2025-02-13 22:33:07 +00:00			`kSecClass as String: kSecClassGenericPassword,`
			`kSecAttrAccount as String: key,`
			`kSecReturnData as String: kCFBooleanTrue!,`
			`kSecMatchLimit as String: kSecMatchLimitOne,`
Initial commit 2020-07-27 20:43:58 +00:00			`kSecAttrAccessGroup as String: groupName,`
			`]`

`swiftformat .` 2025-02-13 22:33:07 +00:00			`var dataTypeRef: AnyObject?`
Initial commit 2020-07-27 20:43:58 +00:00
			`let status: OSStatus = SecItemCopyMatching(query as CFDictionary, &dataTypeRef)`

			`if status == noErr {`
			`return dataTypeRef as! Data?`
			`} else {`
			`return nil`
			`}`
			`}`
`swiftformat .` 2025-02-13 22:33:07 +00:00
Initial commit 2020-07-27 20:43:58 +00:00			`class func delete(key: String) -> Bool {`
`swiftformat .` 2025-02-13 22:33:07 +00:00			`let query: [String: Any] = [`
			`kSecClass as String: kSecClassGenericPassword as String,`
			`kSecAttrAccount as String: key,`
			`kSecAttrAccessGroup as String: groupName,`
			`]`
Initial commit 2020-07-27 20:43:58 +00:00
			`return SecItemDelete(query as CFDictionary) == 0`
			`}`
			`}`

			`extension Data {`
			`init<T>(from value: T) {`
			`var value = value`
			`var data = Data()`
`swiftformat .` 2025-02-13 22:33:07 +00:00			`withUnsafePointer(to: &value) { (ptr: UnsafePointer<T>) in`
Initial commit 2020-07-27 20:43:58 +00:00			`data = Data(buffer: UnsafeBufferPointer(start: ptr, count: 1))`
`swiftformat .` 2025-02-13 22:33:07 +00:00			`}`
Initial commit 2020-07-27 20:43:58 +00:00			`self.init(data)`
			`}`

`swiftformat .` 2025-02-13 22:33:07 +00:00			`func to<T>(type _: T.Type) -> T {`
			`return withUnsafeBytes { $0.load(as: T.self) }`
Initial commit 2020-07-27 20:43:58 +00:00			`}`
			`}`