EMPasswordManager
Objective-C
@protocol EMPasswordManager <NSObject>
Swift
protocol EMPasswordManager : NSObjectProtocol
In the Mobile Protector SDK, some sensitive functionalities are represented by the EMPasswordDomain. Each element of the enum EMPasswordDomainType represents a specific set of functionalities. Before these functionalities can be used, they must first be unlocked.
The Password Manager is a high level interface that allows to set a single password to manage all the EMPasswordDomain at the same time.
Using User-defined Password
-
Set a password. The first step when using the EMPasswordManager is to set a password. The password should be provided by an outside source (the application user, through a secured communication channel with a server, etc.).
// Assumptions // get PasswordManager from EMEzioMobileContext and assign it to 'passwordManager' // then... BOOL isSetResult = [passwordManager isPasswordSet:&error]; if (!isSetResult) { // manage error here }else{ // get password and store it in 'userProvidedPassword' string or data. // get EMSecureDataFactory from EzioMobileContext and assign it to 'secureDataFactory' EMSecureString password = [secureDataFactory secureStringWithString:userProvidedPassword]; BOOL result = [passwordManager setPassword:&error]; if (!result) { // manage error here } } - Login. Next, you simply need to login using -loginWithPassword:error: or its asynchronous equivalent -loginWithPassword:completionHandler: to unlock all functionalities represented by the EMPasswordDomain. The EMPasswordManager will remain logged in until -logout: is called.
No Password
- If you wish to use the functionalities represented by the EMPasswordDomain without the use of a password, use -login: or its asynchronous equivalent –loginWithCompletionHandler: to login without using a password. As long as no password was set, you can call -login: without needing to provide a password.
- Usage of the SDK without setting a proper password is strongly discouraged as it introduces a serious security weakness in your application. Note that as long as the -login:, -loginWithPassword:completionHandler:, -removePassword:error: or -removePassword:completionHandler: methods are never used, no security weakness will be introduced even if the password is not yet set.
-
Password domains are protected with passwords and reside in the
Documentsdirectory of an your application container. Be very careful when managing local files as this will have severe impact on the SDK’s operations such as when those files generated by the SDK are accidentally deleted usingNSFileManager. - Tasks can take considerable amount of time and may potentially block the UI if executed on the main thread.
See
EMEzioMobileContext, EMPasswordDomain
Since
3.0
-
Sets the global password.
It actually creates the password for password ID which was initially created without the password.
Since
3.0
Declaration
Objective-C
- (BOOL)setPassword:(id<EMSecureString>)aPassword error:(NSError **)anError;Swift
func setPassword(_ aPassword: (any EMSecureString)!) throwsParameters
aPasswordThe global password value to set.
anErrorIf an error occurs, upon return contains an NSError object that describes the problem. If you are not interested in possible errors, you may pass in
NULL.Return Value
YESif password was set,NOotherwise. -
Checks if the global password is set.
Since
3.0
Declaration
Objective-C
- (BOOL)isPasswordSet:(NSError **)anError;Parameters
anErrorIf an error occurs, upon return contains an NSError object that describes the problem. If you are not interested in possible errors, you may pass in
NULL.Return Value
YESif password was created,NOotherwise. -
Checks if the global password is set.
Since
4.7.1
Declaration
Objective-C
- (BOOL)isPasswordSet;Swift
func isPasswordSet() -> BoolReturn Value
YESif password was created,NOotherwise. -
Changes the global password.
Since
3.0
Declaration
Objective-C
- (BOOL)changePassword:(id<EMSecureString>)anOldPassword newPassword:(id<EMSecureString>)aNewPassword error:(NSError **)anError;Swift
func changePassword(_ anOldPassword: (any EMSecureString)!, newPassword aNewPassword: (any EMSecureString)!) throwsParameters
anOldPasswordThe old password to be verified to grant the password change.
aNewPasswordThe new password to be applied.
anErrorIf an error occurs, upon return contains an NSError object that describes the problem. If you are not interested in possible errors, you may pass in
NULL.Return Value
YESif password was changed,NOotherwise. -
Removes the password. This means that it is now possible to login to the password manager with no password.
After clearing the password, the resource which was originally protected by password will become accessible w/o any protection.
Since
3.0
Declaration
Objective-C
- (BOOL)removePassword:(id<EMSecureString>)anOldPassword error:(NSError **)anError;Swift
func removePassword(_ anOldPassword: (any EMSecureString)!) throwsParameters
anOldPasswordThe old password to be verified to grant the password change.
anErrorIf an error occurs, upon return contains an NSError object that describes the problem. If you are not interested in possible errors, you may pass in
NULL.Return Value
YESif password was cleared,NOotherwise. -
Checks if the global password is logged in.
Since
3.0
Declaration
Objective-C
- (BOOL)isLoggedIn:(NSError **)anError;Parameters
anErrorIf an error occurs, upon return contains an NSError object that describes the problem. If you are not interested in possible errors, you may pass in
NULL.Return Value
YESif logged in,NOotherwise. -
Checks if the global password is logged in.
Since
4.7.1
Declaration
Objective-C
- (BOOL)isLoggedIn;Swift
func isLoggedIn() -> BoolReturn Value
YESif logged in,NOotherwise. -
Logs in with the global password ID in order to allow the secure accesses related to all password domain(s).
Since
3.0
Declaration
Objective-C
- (BOOL)loginWithPassword:(id<EMSecureString>)aPassword error:(NSError **)anError;Swift
func login(withPassword aPassword: (any EMSecureString)!) throwsParameters
aPasswordThe previously set password.
anErrorIf an error occurs, upon return contains an NSError object that describes the problem. If you are not interested in possible errors, you may pass in
NULL.Return Value
YESif password was entered,NOotherwise. -
Logs out/wipes the global password.
No more secured accesses will be granted.
Since
3.0
Declaration
Objective-C
- (BOOL)logout:(NSError **)anError;Swift
func logout() throwsParameters
anErrorIf an error occurs, upon return contains an NSError object that describes the problem. If you are not interested in possible errors, you may pass in
NULL.Return Value
YESif the specified password has been logged out,NOotherwise. -
Lets the password manager clearly know that the entire system should NOT be password protected at all. Synchronous variant.
If password protection is false, do not call any other from this class.
Warning
This method blocks the calling thread for a significant amount of time (up-to one second).
Since
3.0
Declaration
Objective-C
- (BOOL)login:(NSError **)anError;Swift
func login() throwsParameters
anErrorIf an error occurs, upon return contains an NSError object that describes the problem. If you are not interested in possible errors, you may pass in
NULL.Return Value
The result of the operation.
EMPasswordManager Protocol Reference