react-native-local-auth/UIDevice+PasscodeStatus.m at master · Dharma-Platform/react-native-local-auth · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
//
//  UIDevice+PasscodeStatus.m
//  PasscodeStatus
//
//  Created by Liam Nichols on 02/09/2014.
//  Copyright (c) 2014 Liam Nichols. All rights reserved.
//

#import "UIDevice+PasscodeStatus.h"
#import <Security/Security.h>

NSString * const UIDevicePasscodeKeychainService = @"UIDevice-PasscodeStatus_KeychainService";
NSString * const UIDevicePasscodeKeychainAccount = @"UIDevice-PasscodeStatus_KeychainAccount";

@implementation UIDevice (PasscodeStatus)

- (BOOL)passcodeStatusSupported
{
#if TARGET_IPHONE_SIMULATOR
    return NO;
#endif

#ifdef __IPHONE_8_0
    return (&kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly != NULL);
#else
    return NO;
#endif
}

- (LNPasscodeStatus)passcodeStatus
{
#if TARGET_IPHONE_SIMULATOR
    NSLog(@"-[%@ %@] - not supported in simulator", NSStringFromClass([self class]), NSStringFromSelector(_cmd));
    return LNPasscodeStatusUnknown;
#endif

#ifdef __IPHONE_8_0
    if (&kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly != NULL) {

        static NSData *password = nil;
        static dispatch_once_t onceToken;
        dispatch_once(&onceToken, ^{
            password = [NSKeyedArchiver archivedDataWithRootObject:NSStringFromSelector(_cmd)];
        });

        NSDictionary *query = @{
                                (__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword,
                                (__bridge id)kSecAttrService: UIDevicePasscodeKeychainService,
                                (__bridge id)kSecAttrAccount: UIDevicePasscodeKeychainAccount,
                                (__bridge id)kSecReturnData: @YES,
                                };

        CFErrorRef sacError = NULL;
        SecAccessControlRef sacObject;
        sacObject = SecAccessControlCreateWithFlags(kCFAllocatorDefault, kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly, kNilOptions, &sacError);

        // unable to create the access control item.
        if (sacObject == NULL || sacError != NULL) {
            return LNPasscodeStatusUnknown;
        }


        NSMutableDictionary *setQuery = [query mutableCopy];
        [setQuery setObject:password forKey:(__bridge id)kSecValueData];
        [setQuery setObject:(__bridge id)sacObject forKey:(__bridge id)kSecAttrAccessControl];

        OSStatus status;
        status = SecItemAdd((__bridge CFDictionaryRef)setQuery, NULL);

        // if it failed to add the item.
        if (status == errSecDecode) {
            return LNPasscodeStatusDisabled;
        }

        status = SecItemCopyMatching((__bridge CFDictionaryRef)query, NULL);

        // it managed to retrieve data successfully
        if (status == errSecSuccess) {
            return LNPasscodeStatusEnabled;
        }

        // not sure what happened, returning unknown
        return LNPasscodeStatusUnknown;

    } else {
        return LNPasscodeStatusUnknown;
    }
#else
    return LNPasscodeStatusUnknown;
#endif
}

@end