class SealdSsksTMRPlugin
@interface SealdSsksTMRPlugin : NSObjectThe SealdSSKSTmrPlugin class allows to use the SSKS key storage service to store Seald identities easily and securely, encrypted by a key stored on your back-end server.
initWithSsksURL:appId:maxParallelRequests:instanceName:logLevel:logNoColor:
- (instancetype) initWithSsksURL:(const NSString *)ssksURL
appId:(const NSString *)appId
maxParallelRequests:(const NSInteger)maxParallelRequests
instanceName:(const NSString *)instanceName
logLevel:(const NSInteger)logLevel
logNoColor:(const BOOL)logNoColor;Initialize an instance of Seald SSKS TMR plugin.
Parameters
ssksURLThe URL of the SSKS Identity Key Storage to which it should connect.appIdThe application ID to use.maxParallelRequestsThe maximum number of concurrent network requests allowed for this instance. Set to 0 to use the default (10). Set to a negative value to disable the limit entirely.instanceNameAn arbitrary name to give to this SSKS Plugin. Can be useful for debugging when multiple instances are running in parallel, as it is added to logs.logLevelThe minimum level of logs you want. All logs of this level or above will be displayed.-1: Trace;0: Debug;1: Info;2: Warn;3: Error;4: Fatal;5: Panic;6: NoLevel;7: Disabled.logNoColorShould be set toNOif you want to enable colors in the log output,YESif you don't.
initWithSsksURL:appId:
- (instancetype) initWithSsksURL:(const NSString *)ssksURL
appId:(const NSString *)appId;saveIdentity:authFactor:rawTMRSymKey:identity:challenge:error:
- (SealdSsksSaveIdentityResponse *) saveIdentity:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
rawTMRSymKey:(const NSData *)rawTMRSymKey
identity:(const NSData *)identity
challenge:(const NSString *_Nullable)challenge
error:(NSError *_Nullable *)error;Save the Seald account to SSKS.
Parameters
sessionIdThe user's session ID.authFactorThe authentication factor to use.rawTMRSymKeyThe raw encryption key used to encrypt / decrypt the stored identity keys. This MUST be a cryptographically random NSData of 64 bytes.identityThe identity to save.challengeOptional. The challenge sent by SSKS to the user's authentication method, if any.errorError pointer.
Returns
A SealdSsksSaveIdentityResponse instance, containing the SSKS ID of the stored identity, which can be used by your backend to manage it, and if a challenge was passed authenticatedSessionId, a new authenticated sessionId, that you can use to perform further SSKS TMR operations without challenge.
saveIdentity:authFactor:rawTMRSymKey:identity:error:
- (SealdSsksSaveIdentityResponse *) saveIdentity:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
rawTMRSymKey:(const NSData *)rawTMRSymKey
identity:(const NSData *)identity
error:(NSError *_Nullable *)error;Save the Seald account to SSKS.
Parameters
sessionIdThe user's session ID.authFactorThe authentication factor to use.rawTMRSymKeyThe raw encryption key used to encrypt / decrypt the stored identity keys. This MUST be a cryptographically random NSData of 64 bytes.identityThe identity to save.errorError pointer.
Returns
A SealdSsksSaveIdentityResponse instance, containing the SSKS ID of the stored identity, which can be used by your backend to manage it, and if a challenge was passed authenticatedSessionId, a new authenticated sessionId, that you can use to perform further SSKS TMR operations without challenge.
saveIdentityAsync:authFactor:rawTMRSymKey:identity:challenge:completionHandler:
- (void) saveIdentityAsync:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
rawTMRSymKey:(const NSData *)rawTMRSymKey
identity:(const NSData *)identity
challenge:(const NSString *_Nullable)challenge
completionHandler:(void(^)(SealdSsksSaveIdentityResponse *response, NSError *_Nullable error))completionHandler;Save the Seald account to SSKS.
Parameters
sessionIdThe user's session ID.authFactorThe authentication factor to use.rawTMRSymKeyThe raw encryption key used to encrypt / decrypt the stored identity keys. This MUST be a cryptographically random NSData of 64 bytes.identityThe identity to save.challengeOptional. The challenge sent by SSKS to the user's authentication method, if any.completionHandlerA callback called after function execution. This callback takes two arguments, a SealdSsksSaveIdentityResponse* containing the SSKS ID of the saved identity, and aNSError*that indicates if any error occurred.
saveIdentityAsync:authFactor:rawTMRSymKey:identity:completionHandler:
- (void) saveIdentityAsync:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
rawTMRSymKey:(const NSData *)rawTMRSymKey
identity:(const NSData *)identity
completionHandler:(void(^)(SealdSsksSaveIdentityResponse *response, NSError *_Nullable error))completionHandler;Save the Seald account to SSKS.
Parameters
sessionIdThe user's session ID.authFactorThe authentication factor to use.rawTMRSymKeyThe raw encryption key used to encrypt / decrypt the stored identity keys. This MUST be a cryptographically random NSData of 64 bytes.identityThe identity to save.completionHandlerA callback called after function execution. This callback takes two arguments, a SealdSsksSaveIdentityResponse* containing the SSKS ID of the saved identity, and aNSError*that indicates if any error occurred.
retrieveIdentity:authFactor:rawTMRSymKey:challenge:error:
- (SealdSsksRetrieveIdentityResponse *) retrieveIdentity:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
rawTMRSymKey:(const NSData *)rawTMRSymKey
challenge:(const NSString *_Nullable)challenge
error:(NSError *_Nullable *)error;Retrieve the Seald account previously saved with saveIdentity:authFactor:rawTMRSymKey:identity:challenge:error:.
Parameters
sessionIdThe user's session ID.authFactorThe authentication factor to use.rawTMRSymKeyThe raw encryption key used to encrypt / decrypt the stored identity keys. This MUST be a cryptographically random NSData of 64 bytes.challengeOptional. The challenge sent by SSKS to the user's authentication method, if any.errorError pointer.
Returns
A SealdSsksRetrieveIdentityResponse instance, containing identity, the retrieved identity, shouldRenewKey, a boolean set to true is the user private key should be renewed (using renewKeysWithPreparedRenewal:privateKeys:expireAfter:error: (SealdSdk)), and authenticatedSessionId, a new authenticated sessionId, that you can use to perform further SSKS TMR operations without challenge.
retrieveIdentity:authFactor:rawTMRSymKey:error:
- (SealdSsksRetrieveIdentityResponse *) retrieveIdentity:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
rawTMRSymKey:(const NSData *)rawTMRSymKey
error:(NSError *_Nullable *)error;Retrieve the Seald account previously saved with saveIdentity:authFactor:rawTMRSymKey:identity:challenge:error:.
Parameters
sessionIdThe user's session ID.authFactorThe authentication factor to use.rawTMRSymKeyThe raw encryption key used to encrypt / decrypt the stored identity keys. This MUST be a cryptographically random NSData of 64 bytes.errorError pointer.
Returns
A SealdSsksRetrieveIdentityResponse instance, containing identity, the retrieved identity, shouldRenewKey, a boolean set to true is the user private key should be renewed (using renewKeysWithPreparedRenewal:privateKeys:expireAfter:error: (SealdSdk)), and authenticatedSessionId, a new authenticated sessionId, that you can use to perform further SSKS TMR operations without challenge.
retrieveIdentityAsync:authFactor:rawTMRSymKey:challenge:completionHandler:
- (void) retrieveIdentityAsync:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
rawTMRSymKey:(const NSData *)rawTMRSymKey
challenge:(const NSString *_Nullable)challenge
completionHandler:(void(^)(SealdSsksRetrieveIdentityResponse *response, NSError *_Nullable error))completionHandler;Retrieve the Seald account previously saved with saveIdentity:authFactor:rawTMRSymKey:identity:challenge:error:.
Parameters
sessionIdThe user's session ID.authFactorThe authentication factor to use.rawTMRSymKeyThe raw encryption key used to encrypt / decrypt the stored identity keys. This MUST be a cryptographically random NSData of 64 bytes.challengeOptional. The challenge sent by SSKS to the user's authentication method, if any.completionHandlerA callback called after function execution. This callback takes two arguments, a SealdSsksRetrieveIdentityResponse* containing the retrieved identity, and aNSError*that indicates if any error occurred.
retrieveIdentityAsync:authFactor:rawTMRSymKey:completionHandler:
- (void) retrieveIdentityAsync:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
rawTMRSymKey:(const NSData *)rawTMRSymKey
completionHandler:(void(^)(SealdSsksRetrieveIdentityResponse *response, NSError *_Nullable error))completionHandler;Retrieve the Seald account previously saved with saveIdentity:authFactor:rawTMRSymKey:identity:challenge:error:.
Parameters
sessionIdThe user's session ID.authFactorThe authentication factor to use.rawTMRSymKeyThe raw encryption key used to encrypt / decrypt the stored identity keys. This MUST be a cryptographically random NSData of 64 bytes.completionHandlerA callback called after function execution. This callback takes two arguments, a SealdSsksRetrieveIdentityResponse* containing the retrieved identity, and aNSError*that indicates if any error occurred.
getFactorToken:authFactor:challenge:error:
- (SealdSsksGetFactorTokenResponse *) getFactorToken:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
challenge:(const NSString *_Nullable)challenge
error:(NSError *_Nullable *)error;Retrieve the TMR JWT associated with an authentication factor.
Parameters
sessionIdSession ID given by SSKS to your app's server.authFactorAuthentication method of this user, to which SSKS has sent a challenge at the request of your app's server.challengeOptional. The challenge sent by SSKS to the user's authentication method, if any.errorError pointer.
Returns
A SealdSsksGetFactorTokenResponse instance, containing the retrieved authentication factor token.
getFactorToken:authFactor:error:
- (SealdSsksGetFactorTokenResponse *) getFactorToken:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
error:(NSError *_Nullable *)error;Retrieve the TMR JWT associated with an authentication factor.
Parameters
sessionIdSession ID given by SSKS to your app's server.authFactorAuthentication method of this user, to which SSKS has sent a challenge at the request of your app's server.errorError pointer.
Returns
A SealdSsksGetFactorTokenResponse instance, containing the retrieved authentication factor token.
getFactorTokenAsync:authFactor:challenge:completionHandler:
- (void) getFactorTokenAsync:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
challenge:(const NSString *_Nullable)challenge
completionHandler:(void(^)(SealdSsksGetFactorTokenResponse *response, NSError *_Nullable error))completionHandler;Retrieve the TMR JWT associated with an authentication factor.
Parameters
sessionIdSession ID given by SSKS to your app's server.authFactorAuthentication method of this user, to which SSKS has sent a challenge at the request of your app's server.challengeOptional. The challenge sent by SSKS to the user's authentication method, if any.completionHandlerA callback called after function execution. This callback takes two arguments, aSealdSsksGetFactorTokenResponse*containing the retrieved token, and aNSError*that indicates if any error occurred.
getFactorTokenAsync:authFactor:completionHandler:
- (void) getFactorTokenAsync:(const NSString *)sessionId
authFactor:(const SealdTmrAuthFactor *)authFactor
completionHandler:(void(^)(SealdSsksGetFactorTokenResponse *response, NSError *_Nullable error))completionHandler;Retrieve the TMR JWT associated with an authentication factor.
Parameters
sessionIdSession ID given by SSKS to your app's server.authFactorAuthentication method of this user, to which SSKS has sent a challenge at the request of your app's server.completionHandlerA callback called after function execution. This callback takes two arguments, a SealdSsksGetFactorTokenResponse* containing the retrieved token, and aNSError*that indicates if any error occurred.