Permalink
Browse files

remove TouchID support without SEP

  • Loading branch information...
mastahyeti committed Aug 18, 2017
1 parent bcc7f1c commit 4085c78c5c6028dd7b4cf994ba6747cdbfc444fe
Showing with 3 additions and 88 deletions.
  1. +0 −33 SoftU2FTool/CLI.swift
  2. +3 −21 SoftU2FTool/Settings.swift
  3. +0 −34 SoftU2FTool/UserPresence.swift
@@ -13,9 +13,6 @@ fileprivate let deleteAllFlag = "--delete-all"
fileprivate let showSEPFlag = "--show-sep"
fileprivate let enableSEPFlag = "--enable-sep"
fileprivate let disableSEPFlag = "--disable-sep"
fileprivate let showTouchidFlag = "--show-touchid"
fileprivate let enableTouchidFlag = "--enable-touchid"
fileprivate let disableTouchidFlag = "--disable-touchid"
class CLI {
private let args: [String]
@@ -31,15 +28,6 @@ class CLI {
} else if args.contains(deleteAllFlag) {
deleteAll()
return true
} else if args.contains(showTouchidFlag) {
showTouchid()
return true
} else if args.contains(enableTouchidFlag) {
enableTouchid()
return true
} else if args.contains(disableTouchidFlag) {
disableTouchid()
return true
} else if args.contains(showSEPFlag) {
showSEP()
return true
@@ -93,27 +81,6 @@ class CLI {
print("Deleted ", initialCount, " registrations")
}
private func showTouchid() {
if Settings.touchidDisabled {
print("TouchID is disabled")
} else {
print("TouchID is enabled")
}
}
private func enableTouchid() {
if Settings.enableTouchid() {
print("TouchID is now enabled")
} else {
print("Error enabling TouchID. Does your system support it?")
}
}
private func disableTouchid() {
Settings.disableTouchid()
print("TouchID is now disabled")
}
private func showSEP() {
if Settings.sepEnabled {
print("SEP storage is enabled for new keys")
@@ -9,40 +9,22 @@ import Foundation
import LocalAuthentication
class Settings {
private static let touchidDisabledKey = "touchidDisabled"
private static let sepEnabledKey = "sepEnabled"
static var touchidDisabled: Bool {
return !touchidAvailable || UserDefaults.standard.bool(forKey: touchidDisabledKey)
}
static var sepEnabled: Bool {
return touchidAvailable && UserDefaults.standard.bool(forKey: sepEnabledKey)
return sepAvailable && UserDefaults.standard.bool(forKey: sepEnabledKey)
}
private static var touchidAvailable: Bool {
private static var sepAvailable: Bool {
if #available(OSX 10.12.2, *) {
return LAContext().canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: nil)
} else {
return false
}
}
static func enableTouchid() -> Bool {
if touchidAvailable {
UserDefaults.standard.set(false, forKey: touchidDisabledKey)
return true
} else {
return false
}
}
static func disableTouchid() {
UserDefaults.standard.set(true, forKey: touchidDisabledKey)
}
static func enableSEP() -> Bool {
if touchidAvailable {
if sepAvailable {
UserDefaults.standard.set(true, forKey: sepEnabledKey)
return true
} else {
@@ -79,40 +79,6 @@ class UserPresence: NSObject {
// Send a notification popup to the user.
func test(_ type: Notification) {
if #available(OSX 10.12.2, *) {
if !Settings.touchidDisabled {
let ctx = LAContext()
if ctx.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: nil) {
ctx.localizedCancelTitle = "Reject"
ctx.localizedFallbackTitle = "Skip TouchID"
var prompt: String
switch type {
case let .Register(facet):
prompt = "register with " + (facet ?? "site")
case let .Authenticate(facet):
prompt = "authenticate with " + (facet ?? "site")
}
ctx.evaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, localizedReason: prompt) { (success, err) in
guard let lerr = err as? LAError else {
self.complete(success)
return
}
switch lerr.code {
case .userFallback, .touchIDNotAvailable, .touchIDNotEnrolled:
self.sendNotification(type)
default:
self.complete(false)
}
}
return
}
}
}
sendNotification(type)
}

0 comments on commit 4085c78

Please sign in to comment.