jrendel / SwiftKeychainWrapper

A simple wrapper for the iOS Keychain to allow you to use it in a similar fashion to User Defaults. Written in Swift.
MIT License

update docs #37

Closed dkliman closed 8 years ago

dkliman commented 8 years ago

the usage in current docs is all deprecated...

what's the correct current usage?

I'm not sure what you mean by "access via keychainWrapper.standardKeychainAccess()"

dkliman commented 8 years ago

well, I'm a bit of a beginner at swift, so it took me a few minutes but I figured it out... I guess it's pretty obvious...

I created an instance:

let secretAccess = KeychainWrapper.standardKeychainAccess()

then when I wanted to retrieve a key it looked like this:

if let text = secretAccess.stringForKey("SecretMessage") {
    secret.text = text
}

jrendel commented 8 years ago

Are you working off the Dev branch? Since you're hitting the deprecation warnings, I assume so. You are correct in that you need to go through .standardKeychainAccess() currently in dev. You could also create your own instance like this:

let myKeychainAccess = KeychainWrapper(serviceName: "MyAccess")

if let text = myKeychainAccess.stringForKey("secretMessage") {
    secret.text = text
}

This is actually something I'm right in the middle of working on myself and torn between implementations for the standard access.

This wrapper started out as a collection of static methods, with no state. But then users wanted the ability to change certain aspects, such as ServiceName (the account name your keys are stored under), access group (a grouping that can be used to allow cross-app access to the same keys), access level, access type, etc. There are a few things I've got left to implement.

So I needed a way to provide basic, worry-free access for someone that just wants something that works, and access for the user that wants to tweak multiple settings. I decided to go with an NSUserDefaults approach. They provide a .standardUserDefaults() that gives you general access most people need. Or you can create your own instance of user defaults and tweak a few things.

The question I'm facing now is do I leave my static accessors (which are currently all deprecated in dev) or force general access through the shared singleton object.

Standard access following the NSUserDefaults pattern would be achieved in this way:

if let text = KeychainWrapper.standardKeychainAccess().stringForKey("SecretMessage") {
    secret.text = text
}

The deprecated method when this was just a collection of static class functions was:

if let text = KeychainWrapper.stringForKey("SecretMessage") {
    secret.text = text
}

I do feel it's slightly more convenient to be able to forego the .standardKeychainAccess() call in the middle. But I'm not sure if it's a good API design or not.

All that to say, you're doing it right but I may still change it. :)

dkliman commented 8 years ago

what about a protocol extension on NSUserDefaults, in following with those expected features?

now I've only just started using this in the last couple hours, and I'm using it with a tutorial at hackingwithswift.com (tutorial # 28)... and now I'm wondering... how does one set the password that is used to encrypt the data?

jrendel commented 8 years ago

Well this doesn't actually interact with NSUserDefaults at all. I'm just using it as an example of a similar model. So no need for a protocol extension.

Encryption is a tricky thing with keychain. To make use of Keychain encryption, you don't need to set a password to encrypt the data. The main point of keychain is that it handles the encryption for you. HOWEVER, that being said, keychain only works properly when the device has a PIN set on it. Without a PIN, there's nothing to encrypt with and keychain loses that key security. Without a PIN, nothing on your phone benefits from Apple's built-in security.

For this reason, when storing data that needs to be secured, I would encourage you to encrypt it before storing it in keychain. RNCryptor (https://github.com/RNCryptor/RNCryptor/tree/swift) is a popular open source encryption library that has a good reputation. You would encrypt your data using some password and then put it into the keychain.

There is a way to check if the user has set a PIN and you can prompt them to do so if they haven't. But it's a tricky topic and is a bit outside the scope of this library :)
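
One way to do the passcode check mentioned in the last comment, as an added example that is not from the thread or from SwiftKeychainWrapper. It calls Apple's LocalAuthentication and Security frameworks directly; the function names, the "MyAccess" service name and the sample value are assumptions made for illustration.

```swift
import Foundation
import LocalAuthentication
import Security

/// Returns true when the device has a passcode (PIN) configured.
func deviceHasPasscode() -> Bool {
    var error: NSError?
    // .deviceOwnerAuthentication can be satisfied by the passcode alone,
    // so this policy cannot be evaluated when no passcode is set.
    return LAContext().canEvaluatePolicy(.deviceOwnerAuthentication, error: &error)
}

/// Stores `secret` under `key` in an accessibility class that exists only
/// while a passcode is set. Returns the raw keychain status code.
func storeRequiringPasscode(_ secret: String,
                            forKey key: String,
                            serviceName: String = "MyAccess") -> OSStatus {
    let base: [String: Any] = [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrService as String: serviceName,
        kSecAttrAccount as String: key
    ]
    // Remove any earlier value so the add below does not fail as a duplicate.
    SecItemDelete(base as CFDictionary)

    var attributes = base
    attributes[kSecValueData as String] = Data(secret.utf8)
    // Items in this class cannot be created on a device without a passcode,
    // are deleted if the passcode is removed, and never migrate to another device.
    attributes[kSecAttrAccessible as String] =
        kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly
    return SecItemAdd(attributes as CFDictionary, nil)
}

// Usage with a constructed sample value.
if deviceHasPasscode() {
    let status = storeRequiringPasscode("constructed sample value",
                                        forKey: "SecretMessage")
    print(status == errSecSuccess ? "stored" : "keychain error \(status)")
} else {
    print("No passcode set: ask the user to set one before storing secrets.")
}
```

Treat any status other than errSecSuccess as "not stored" rather than matching on one specific error code, and keep the check in the app rather than assuming a passcode is present.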