Seald: documentationclass SealdSsksTMRPlugin
@interface SealdSsksTMRPlugin : NSObject@interface SealdSsksTMRPlugin : NSObjectThe SealdSSKSTmrPlugin class allows to use the SSKS key storage service to store Seald identities easily and securely, encrypted by a key stored on your back-end server.
| Members | Descriptions |
|---|---|
initWithSsksURL:appId:instanceName:logLevel:logNoColor: | Initialize an instance of Seald SSKS TMR plugin. |
initWithSsksURL:appId: | |
saveIdentity:authFactor:challenge:rawTMRSymKey:identity:error: | Save the Seald account to SSKS. |
saveIdentityAsync:authFactor:challenge:rawTMRSymKey:identity:completionHandler: | Save the Seald account to SSKS. |
retrieveIdentity:authFactor:challenge:rawTMRSymKey:error: | Retrieve the Seald account previously saved with [ssksTMRPluginInstance saveIdentity]. |
retrieveIdentityAsync:authFactor:challenge:rawTMRSymKey:completionHandler: | Retrieve the Seald account previously saved with [ssksTMRPluginInstance saveIdentity]. |
getFactorToken:authFactor:challenge:error: | Retrieve the TMR JWT associated with an authentication factor. |
getFactorTokenAsync:authFactor:challenge:completionHandler: | Retrieve the TMR JWT associated with an authentication factor. |
initWithSsksURL:appId:instanceName:logLevel:logNoColor:
- (instancetype) initWithSsksURL:(const NSString *)ssksURL
appId:(const NSString *)appId
instanceName:(const NSString *)instanceName
logLevel:(const NSInteger)logLevel
logNoColor:(const BOOL)logNoColor;- (instancetype) initWithSsksURL:(const NSString *)ssksURL
appId:(const NSString *)appId
instanceName:(const NSString *)instanceName
logLevel:(const NSInteger)logLevel
logNoColor:(const BOOL)logNoColor;Initialize an instance of Seald SSKS TMR plugin.
Parameters
ssksURLThe URL of the SSKS Identity Key Storage to which it should connect.appIdThe application ID to use.instanceNameAn arbitrary name to give to this SSKS Plugin. Can be useful for debugging when multiple instances are running in parallel, as it is added to logs.logLevelThe minimum level of logs you want. All logs of this level or above will be displayed.-1: Trace;0: Debug;1: Info;2: Warn;3: Error;4: Fatal;5: Panic;6: NoLevel;7: Disabled.logNoColorShould be set toNOif you want to enable colors in the log output,YESif you don't.
initWithSsksURL:appId:
- (instancetype) initWithSsksURL:(const NSString *)ssksURL
appId:(const NSString *)appId;- (instancetype) initWithSsksURL:(const NSString *)ssksURL
appId:(const NSString *)appId;saveIdentity:authFactor:challenge:rawTMRSymKey:identity:error:
- (void) saveIdentity:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
challenge:(const NSString *)challenge
rawTMRSymKey:(const NSData *)rawTMRSymKey
identity:(const NSData *)identity
error:(NSError *_Nullable *)error;- (void) saveIdentity:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
challenge:(const NSString *)challenge
rawTMRSymKey:(const NSData *)rawTMRSymKey
identity:(const NSData *)identity
error:(NSError *_Nullable *)error;Save the Seald account to SSKS.
Parameters
sessionIdThe user's session ID.authFactorThe authentication factor to use.challengeThe challenge sent by SSKS to the user's authentication method. Set to empty string if the SSKS server replies to challenge_send API call withmust_authenticateset tofalse.rawTMRSymKeyThe raw encryption key used to encrypt / decrypt the stored identity keys. This MUST be a cryptographically random NSData of 64 bytes.identityThe identity to save.errorError pointer.
saveIdentityAsync:authFactor:challenge:rawTMRSymKey:identity:completionHandler:
- (void) saveIdentityAsync:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
challenge:(const NSString *)challenge
rawTMRSymKey:(const NSData *)rawTMRSymKey
identity:(const NSData *)identity
completionHandler:(void(^)(NSError *_Nullable error))completionHandler;- (void) saveIdentityAsync:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
challenge:(const NSString *)challenge
rawTMRSymKey:(const NSData *)rawTMRSymKey
identity:(const NSData *)identity
completionHandler:(void(^)(NSError *_Nullable error))completionHandler;Save the Seald account to SSKS.
Parameters
sessionIdThe user's session ID.authFactorThe authentication factor to use.challengeThe challenge sent by SSKS to the user's authentication method. Set to empty string if the SSKS server replies to challenge_send API call withmust_authenticateset tofalse.rawTMRSymKeyThe raw encryption key used to encrypt / decrypt the stored identity keys. This MUST be a cryptographically random NSData of 64 bytes.identityThe identity to save.completionHandlerA callback called after function execution. This callback take a pointer to aNSErrorthat indicates if any error occurred.
retrieveIdentity:authFactor:challenge:rawTMRSymKey:error:
- (SealdSsksRetrieveIdentityResponse *) retrieveIdentity:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
challenge:(const NSString *)challenge
rawTMRSymKey:(const NSData *)rawTMRSymKey
error:(NSError *_Nullable *)error;- (SealdSsksRetrieveIdentityResponse *) retrieveIdentity:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
challenge:(const NSString *)challenge
rawTMRSymKey:(const NSData *)rawTMRSymKey
error:(NSError *_Nullable *)error;Retrieve the Seald account previously saved with [ssksTMRPluginInstance saveIdentity].
Parameters
sessionIdThe user's session ID.authFactorThe authentication factor to use.challengeThe challenge sent by SSKS to the user's authentication method.rawTMRSymKeyThe raw encryption key used to encrypt / decrypt the stored identity keys. This MUST be a cryptographically random NSData of 64 bytes.errorError pointer.
Returns
A SealdSsksRetrieveIdentityResponse instance, containing identity, the retrieved identity, shouldRenewKey, a boolean set to true is the user private key should be renewed (using [sealdSDKInstance renewKeys]), and authenticatedSessionId, a new authenticated sessionId, that you can use to perform further SSKS TMR operations without challenge.
retrieveIdentityAsync:authFactor:challenge:rawTMRSymKey:completionHandler:
- (void) retrieveIdentityAsync:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
challenge:(const NSString *)challenge
rawTMRSymKey:(const NSData *)rawTMRSymKey
completionHandler:(void(^)(SealdSsksRetrieveIdentityResponse *response, NSError *_Nullable error))completionHandler;- (void) retrieveIdentityAsync:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
challenge:(const NSString *)challenge
rawTMRSymKey:(const NSData *)rawTMRSymKey
completionHandler:(void(^)(SealdSsksRetrieveIdentityResponse *response, NSError *_Nullable error))completionHandler;Retrieve the Seald account previously saved with [ssksTMRPluginInstance saveIdentity].
Parameters
sessionIdThe user's session ID.authFactorThe authentication factor to use.challengeThe challenge sent by SSKS to the user's authentication method.rawTMRSymKeyThe raw encryption key used to encrypt / decrypt the stored identity keys. This MUST be a cryptographically random NSData of 64 bytes.completionHandlerA callback called after function execution. This callback take two arguments, aNSData*containing the retrieved identity, and aNSError*that indicates if any error occurred.
getFactorToken:authFactor:challenge:error:
- (SealdSsksGetFactorTokenResponse *) getFactorToken:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
challenge:(const NSString *)challenge
error:(NSError *_Nullable *)error;- (SealdSsksGetFactorTokenResponse *) getFactorToken:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
challenge:(const NSString *)challenge
error:(NSError *_Nullable *)error;Retrieve the TMR JWT associated with an authentication factor.
Parameters
sessionIdSession ID given by SSKS to your app's server.authFactorAuthentication method of this user, to which SSKS has sent a challenge at the request of your app's server.challengeThe challenge sent by SSKS to the user's authentication method if any. Set to empty string if you already have an authenticated session.errorError pointer.
Returns
An [GetFactorTokenResponse] instance, containing the retrieved authentication factor token.
getFactorTokenAsync:authFactor:challenge:completionHandler:
- (void) getFactorTokenAsync:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
challenge:(const NSString *)challenge
completionHandler:(void(^)(SealdSsksGetFactorTokenResponse *response, NSError *_Nullable error))completionHandler;- (void) getFactorTokenAsync:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
challenge:(const NSString *)challenge
completionHandler:(void(^)(SealdSsksGetFactorTokenResponse *response, NSError *_Nullable error))completionHandler;Retrieve the TMR JWT associated with an authentication factor.
Parameters
sessionIdSession ID given by SSKS to your app's server.authFactorAuthentication method of this user, to which SSKS has sent a challenge at the request of your app's server.challengeThe challenge sent by SSKS to the user's authentication method if any. Set to empty string if you already have an authenticated session.completionHandlerA callback called after function execution. This callback take two arguments, aSealdSsksGetFactorTokenResponse*containing the retrieved token, and aNSError*that indicates if any error occurred.