EddyVerbruggen / cordova-plugin-touch-id

:nail_care: 👱‍♂️ Forget passwords, use a fingerprint scanner!
MIT License

Fixed TouchID bypass #67

Closed richard-gutan closed 5 years ago

richard-gutan commented 5 years ago

TouchID could be bypassed, see: https://github.com/sensepost/objection/wiki/Understanding-the-TouchID-Bypass

Fix includes only change in access control flag.

EddyVerbruggen commented 5 years ago

Thanks! Can you make the PR compatible with iOS < 11.3? I mean, this constant changed from kSecAccessControlTouchIDAny in that version, according to https://developer.apple.com/documentation/security/secaccesscontrolcreateflags/ksecaccesscontrolbiometryany?language=objc (see the "SDKs" column on the right).

richard-gutan commented 5 years ago

Sure, could you please suggest a good way to do it, as I don't have experience with Objective-C? Is it possible to do something like:

    SecAccessControlRef accessControlRef = SecAccessControlCreateWithFlags(
        kCFAllocatorDefault,
        kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
        kSecAccessControlBiometryAny || kSecAccessControlTouchIDAny,
        &accessControlError);

Thanks!

EddyVerbruggen commented 5 years ago

Ah, no worries, I'll fix it myself after merging. I think your suggestion will lead to a runtime error on iOS < 11.3 because kSecAccessControlBiometryAny will be unknown.

Thanks again! I also immediately fixed this in my NativeScript plugin, which was inspired by this one.
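An added example, not code from this PR or from the plugin: one way to choose the access-control flag by OS version, as discussed in the comments above, when creating a keychain item. The helper names `GRBiometryAnyFlag` and `GRStoreProtectedSecret`, and the service and account parameters, are hypothetical.

```objc
#import <Foundation/Foundation.h>
#import <Security/Security.h>

// Select the flag by OS version: the constant is named
// kSecAccessControlBiometryAny from iOS 11.3 and
// kSecAccessControlTouchIDAny on earlier releases.
static SecAccessControlCreateFlags GRBiometryAnyFlag(void) {
    if (@available(iOS 11.3, *)) {
        return kSecAccessControlBiometryAny;
    }
#pragma clang diagnostic push
#pragma clang diagnostic ignored "-Wdeprecated-declarations"
    return kSecAccessControlTouchIDAny;
#pragma clang diagnostic pop
}

// Store `secret` in a generic-password item whose access control requires
// a biometric match. Hypothetical helper, not the plugin's API.
static OSStatus GRStoreProtectedSecret(NSData *secret,
                                       NSString *service,
                                       NSString *account) {
    CFErrorRef error = NULL;
    SecAccessControlRef access = SecAccessControlCreateWithFlags(
        kCFAllocatorDefault,
        kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
        GRBiometryAnyFlag(),
        &error);
    if (access == NULL) {
        if (error != NULL) CFRelease(error);
        return errSecParam; // could not build the access-control object
    }

    NSDictionary *base = @{
        (__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword,
        (__bridge id)kSecAttrService: service,
        (__bridge id)kSecAttrAccount: account,
    };
    // Delete any earlier item so it is recreated with the current flag.
    SecItemDelete((__bridge CFDictionaryRef)base);

    NSMutableDictionary *add = [base mutableCopy];
    add[(__bridge id)kSecValueData] = secret;
    add[(__bridge id)kSecAttrAccessControl] = (__bridge id)access;
    OSStatus status = SecItemAdd((__bridge CFDictionaryRef)add, NULL);
    CFRelease(access);
    return status;
}
```

The `@available` check keeps the newer constant out of the code path taken on releases older than iOS 11.3, and the two flags are never combined with `||`, which is a logical operator and would evaluate to 1 rather than a flag value.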

richard-gutan commented 5 years ago

Okay, thank you very much!

richard-gutan commented 5 years ago

Hello Eddy,

Me again. I have come across one problem: I need to store a password in the keychain. However, that is not supported in your plugin. Would you like to support that feature in the plugin?

If yes, do you have any idea how long it could take to implement if you did the job? I don't want you to do that; I just want to know how long it would take someone with experience in Objective-C, so I would have a better idea of how long it could take me to do.

Thanks, Richard