Package apple.security.enums

Class SecAccessControlCreateFlags

  • public final class SecAccessControlCreateFlags
extends java.lang.Object
    [@typedef] SecAccessControlCreateFlags [@constant] kSecAccessControlUserPresence User presence policy using biometry or Passcode. Biometry does not have to be available or enrolled. Item is still accessible by Touch ID even if fingers are added or removed. Item is still accessible by Face ID if user is re-enrolled. [@constant] kSecAccessControlBiometryAny Constraint: Touch ID (any finger) or Face ID. Touch ID or Face ID must be available. With Touch ID at least one finger must be enrolled. With Face ID user has to be enrolled. Item is still accessible by Touch ID even if fingers are added or removed. Item is still accessible by Face ID if user is re-enrolled. [@constant] kSecAccessControlTouchIDAny Deprecated, please use kSecAccessControlBiometryAny instead. [@constant] kSecAccessControlBiometryCurrentSet Constraint: Touch ID from the set of currently enrolled fingers. Touch ID must be available and at least one finger must be enrolled. When fingers are added or removed, the item is invalidated. When Face ID is re-enrolled this item is invalidated. [@constant] kSecAccessControlTouchIDCurrentSet Deprecated, please use kSecAccessControlBiometryCurrentSet instead. [@constant] kSecAccessControlDevicePasscode Constraint: Device passcode [@constant] kSecAccessControlWatch Constraint: Watch [@constant] kSecAccessControlOr Constraint logic operation: when using more than one constraint, at least one of them must be satisfied. [@constant] kSecAccessControlAnd Constraint logic operation: when using more than one constraint, all must be satisfied. [@constant] kSecAccessControlPrivateKeyUsage Create access control for private key operations (i.e. sign operation) [@constant] kSecAccessControlApplicationPassword Security: Application provided password for data encryption key generation. This is not a constraint but additional item encryption mechanism.