Skip to content
On this page

class SealdSsksTMRPlugin

objc
@interface SealdSsksTMRPlugin : NSObject

The SealdSSKSTmrPlugin class allows to use the SSKS key storage service to store Seald identities easily and securely, encrypted by a key stored on your back-end server.

MembersDescriptions
initWithSsksURL:appId:Initialize an instance of Seald SSKS TMR plugin.
saveIdentity:authFactor:challenge:rawTMRSymKey:identity:error:Save the Seald account to SSKS.
saveIdentityAsync:authFactor:challenge:rawTMRSymKey:identity:completionHandler:Save the Seald account to SSKS.
retrieveIdentity:authFactor:challenge:rawTMRSymKey:error:Retrieve the Seald account previously saved with [ssksTMRPluginInstance saveIdentity].
retrieveIdentityAsync:authFactor:challenge:rawTMRSymKey:completionHandler:Retrieve the Seald account previously saved with [ssksTMRPluginInstance saveIdentity].

initWithSsksURL:appId:

objc
- (instancetype) initWithSsksURL:(const NSString *)ssksURL
                           appId:(const NSString *)appId;

Initialize an instance of Seald SSKS TMR plugin.

Parameters

  • ssksURL The URL of the SSKS Identity Key Storage to which it should connect.

  • appId The application ID to use.

saveIdentity:authFactor:challenge:rawTMRSymKey:identity:error:

objc
- (void) saveIdentity:(const NSString *)sessionId
           authFactor:(const SealdSsksAuthFactor *)authFactor
            challenge:(const NSString *)challenge
         rawTMRSymKey:(const NSData *)rawTMRSymKey
             identity:(const NSData *)identity
                error:(NSError *_Nullable *)error;

Save the Seald account to SSKS.

Parameters

  • sessionId The user's session ID.

  • authFactor The authentication factor to use.

  • challenge The challenge sent by SSKS to the user's authentication method. Set to empty string if the SSKS server replies to challenge_send API call with must_authenticate set to false.

  • rawTMRSymKey The raw encryption key used to encrypt / decrypt the stored identity keys. This MUST be a cryptographically random NSData of 64 bytes.

  • identity The identity to save.

  • error Error pointer.

saveIdentityAsync:authFactor:challenge:rawTMRSymKey:identity:completionHandler:

objc
- (void) saveIdentityAsync:(const NSString *)sessionId
                authFactor:(const SealdSsksAuthFactor *)authFactor
                 challenge:(const NSString *)challenge
              rawTMRSymKey:(const NSData *)rawTMRSymKey
                  identity:(const NSData *)identity
         completionHandler:(void(^)(NSError *_Nullable error))completionHandler;

Save the Seald account to SSKS.

Parameters

  • sessionId The user's session ID.

  • authFactor The authentication factor to use.

  • challenge The challenge sent by SSKS to the user's authentication method. Set to empty string if the SSKS server replies to challenge_send API call with must_authenticate set to false.

  • rawTMRSymKey The raw encryption key used to encrypt / decrypt the stored identity keys. This MUST be a cryptographically random NSData of 64 bytes.

  • identity The identity to save.

  • completionHandler A callback called after function execution. This callback take a pointer to a NSError that indicates if any error occurred.

retrieveIdentity:authFactor:challenge:rawTMRSymKey:error:

objc
- (SealdSsksRetrieveIdentityResponse *) retrieveIdentity:(const NSString *)sessionId
                                              authFactor:(const SealdSsksAuthFactor *)authFactor
                                               challenge:(const NSString *)challenge
                                            rawTMRSymKey:(const NSData *)rawTMRSymKey
                                                   error:(NSError *_Nullable *)error;

Retrieve the Seald account previously saved with [ssksTMRPluginInstance saveIdentity].

Parameters

  • sessionId The user's session ID.

  • authFactor The authentication factor to use.

  • challenge The challenge sent by SSKS to the user's authentication method.

  • rawTMRSymKey The raw encryption key used to encrypt / decrypt the stored identity keys. This MUST be a cryptographically random NSData of 64 bytes.

  • error Error pointer.

Returns

A SealdSsksRetrieveIdentityResponse instance, containing identity, the retrieved identity, shouldRenewKey, a boolean set to true is the user private key should be renewed (using [sealdSDKInstance renewKeys]), and authenticatedSessionId, a new authenticated sessionId, that you can use to perform further SSKS TMR operations without challenge.

retrieveIdentityAsync:authFactor:challenge:rawTMRSymKey:completionHandler:

objc
- (void) retrieveIdentityAsync:(const NSString *)sessionId
                    authFactor:(const SealdSsksAuthFactor *)authFactor
                     challenge:(const NSString *)challenge
                  rawTMRSymKey:(const NSData *)rawTMRSymKey
             completionHandler:(void(^)(SealdSsksRetrieveIdentityResponse *response, NSError *_Nullable error))completionHandler;

Retrieve the Seald account previously saved with [ssksTMRPluginInstance saveIdentity].

Parameters

  • sessionId The user's session ID.

  • authFactor The authentication factor to use.

  • challenge The challenge sent by SSKS to the user's authentication method.

  • rawTMRSymKey The raw encryption key used to encrypt / decrypt the stored identity keys. This MUST be a cryptographically random NSData of 64 bytes.

  • completionHandler A callback called after function execution. This callback take two arguments, a NSData* containing the retrieved identity, and a NSError* that indicates if any error occurred.