Introduction to the Valet Project
Valet offers a simple and secure way to manage data storage in the Keychain across Apple's ecosystem, including iOS, tvOS, watchOS, and macOS. It’s designed to abstract the complexities of Keychain operations, making secure data storage accessible to developers without requiring in-depth knowledge of how the Keychain works.
Installation
Valet supports multiple installation methods to suit different development environments:
- Swift Package Manager: Easily integrate Valet by adding it as a dependency in your Package.swift file.
- CocoaPods: Add Valet to your Podfile if you prefer managing dependencies with CocoaPods.
- Carthage: Include Valet in your Cartfile and drag the built framework into your project.
- Submodules: For manual integration, add Valet as a submodule in your repo and include it in your project.
Getting Started
To start using Valet, you first need to initialize it with a unique identifier and set its accessibility. Here's a simple initialization example in Swift and Objective-C:
```swift
let myValet = Valet.valet(with: Identifier(nonEmpty: "Druidia")!, accessibility: .whenUnlocked)
```

```objc
VALValet *const myValet = [VALValet valetWithIdentifier:@"Druidia" accessibility:VALAccessibilityWhenUnlocked];
```
Choosing Identifiers and Accessibility
- Identifiers: They act as a namespace for your stored data, allowing multiple Valets to exist independently.
- Accessibility Levels: Decide when your data should be accessible. For instance, use .whenUnlocked to secure data that only needs to be accessed when the device is unlocked.
Storing and Retrieving Data
Valet simplifies the storage and retrieval process. Store strings or Data objects securely:

```swift
let username = "Skroob"
// Both calls throw; try? discards the error and yields nil on failure.
try? myValet.setString("12345", forKey: username)
let myLuggageCombination = try? myValet.string(forKey: username)
```

```objc
NSString *const username = @"Skroob";
// Passing nil for error discards the failure reason.
[myValet setString:@"12345" forKey:username error:nil];
NSString *const myLuggageCombination = [myValet stringForKey:username error:nil];
```
Sharing Data Across Apps and Devices
Valet offers options for securely sharing secrets across multiple applications, using either Keychain sharing entitlements or app groups entitlements. Additionally, Valet supports iCloud syncing, allowing data to be accessed across devices linked to the same iCloud account.
Advanced Features
- Secure Enclave: Valet can interface with Secure Enclave, requiring biometric authentication such as Face ID or Touch ID before accessing data.
- Thread Safety: Valet ensures safe concurrent access, protecting data integrity even when used across multiple threads.
- Migration Tools: Easily migrate existing Keychain data to Valet using helper functions designed to streamline the process.
Debugging and Requirements
Valet is designed to succeed in data transactions as long as canAccessKeychain() returns true. However, certain configurations, like incorrect accessibility levels or missing entitlements, may lead to failures. Valet is compatible with Xcode 16.0+ and requires specific operating system versions, starting from iOS 12 and macOS 10.13.
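The failure modes above are invisible when every call is wrapped in try?. The following is an added example, not code from the Valet project: it checks canAccessKeychain() first and then separates "nothing stored" from "keychain unusable" from "build misconfigured". SecretLookup, loadSecret and storeSecret are hypothetical names, and the KeychainError cases are not shown on this page; they are assumed from Valet's 4.x-and-later Swift API.

```swift
import Foundation
import Valet

// Hypothetical result type for this example; not part of Valet.
enum SecretLookup {
    case value(String)
    case absent               // nothing stored under this key
    case keychainUnavailable  // keychain not reachable in the current device state
    case misconfigured        // missing entitlement: fix signing, retrying will not help
}

let myValet = Valet.valet(with: Identifier(nonEmpty: "Druidia")!, accessibility: .whenUnlocked)

func loadSecret(forKey key: String, from valet: Valet) -> SecretLookup {
    // When this returns false, no read or write on this Valet is expected to succeed.
    guard valet.canAccessKeychain() else { return .keychainUnavailable }
    do {
        return .value(try valet.string(forKey: key))
    } catch KeychainError.itemNotFound {
        return .absent
    } catch KeychainError.missingEntitlement {
        return .misconfigured
    } catch {
        // Remaining cases (assumed: couldNotAccessKeychain, userCancelled, ...).
        return .keychainUnavailable
    }
}

func storeSecret(_ secret: String, forKey key: String, in valet: Valet) -> Bool {
    do {
        try valet.setString(secret, forKey: key)
        return true
    } catch {
        // Log the error only; the secret itself must never reach the log.
        NSLog("Keychain write failed: %@", String(describing: error))
        return false
    }
}

func describeLookup(_ result: SecretLookup) -> String {
    switch result {
    case .value: return "secret present"
    case .absent: return "no secret stored; prompt the user to sign in"
    case .keychainUnavailable: return "keychain unavailable; retry after unlock"
    case .misconfigured: return "entitlement missing; check keychain sharing or app group setup"
    }
}
```

Treating .absent and .keychainUnavailable differently matters for callers: an app that reads a .whenUnlocked item while the device is locked should retry later, not conclude the user is signed out and overwrite the stored secret.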
Conclusion
Valet presents a robust, developer-friendly solution for integrating Keychain security across Apple platforms. By abstracting complex operations into straightforward APIs, Valet empowers developers to focus on creating seamless user experiences without sacrificing security. Whether sharing sensitive data across apps or safeguarding secrets in the Secure Enclave, Valet offers comprehensive tools tailored for every security need.