biometric_storage icon indicating copy to clipboard operation
biometric_storage copied to clipboard

Published 20 hours ago verified publisher icon authpass

Clear keys on macOS

Open zeroflaw opened this issue 3 years ago • 5 comments

How do I see all the keys my app has created in macOS? I've looked in the "Keychain Access" but I can't see anything obvious that has been created.

Unlike android where you can clear the cache/delete the app, on macOS I have yet to find a way to reset everything.

Thanks in advance

zeroflaw avatar Oct 20 '21 16:10 zeroflaw

I don't think there is a UI for this 🤔 For quick unlock you can go to the preferences in authpass and select "clear biometric storage". For all other data you would have to manually delete the data directory. This is located in the sandbox of the app. You should find the path to the sandbox in the about dialog where it displays the path to the log file, which should be in a similar directory 🤔

hpoul avatar Oct 20 '21 17:10 hpoul

So I spent a few hours searching, and i'm not sure how I missed it the first time. They are in the Keychain Access app. They are in the "login" keychain under Category "Passwords". I guess the reason I didn't see them before is because they are all saved under the name flutter_biometric_storage. Which isn't they most helpful name, and if multiple apps use this same bundle, its going to get confusing fast.

https://github.com/authpass/biometric_storage/blob/d4441fbe786eba9ee879e7276ba00adfaa69c86e/macos/Classes/BiometricStorageImpl.swift#L54

Any chance we could change the above to be the app.bundle.id using

kSecAttrService as String: Bundle.main.bundleIdentifier

I tested it locally and it added my keys under my own app.bundle.id. I'll create pull request shortly.

Thanks zeroflaw

zeroflaw avatar Oct 20 '21 21:10 zeroflaw

Pull request for this issue: https://github.com/authpass/biometric_storage/pull/44

zeroflaw avatar Oct 20 '21 21:10 zeroflaw

(ok I somehow confused repositories.. I though this was authpass/authpass, sorry 😅) .. but there is an API for clearing the secure storage..

hpoul avatar Oct 21 '21 06:10 hpoul

So I spent a few hours searching, and i'm not sure how I missed it the first time. They are in the Keychain Access app. They are in the "login" keychain under Category "Passwords". I guess the reason I didn't see them before is because they are all saved under the name flutter_biometric_storage. Which isn't they most helpful name, and if multiple apps use this same bundle, its going to get confusing fast.

https://github.com/authpass/biometric_storage/blob/d4441fbe786eba9ee879e7276ba00adfaa69c86e/macos/Classes/BiometricStorageImpl.swift#L54

Any chance we could change the above to be the app.bundle.id using

kSecAttrService as String: Bundle.main.bundleIdentifier

I tested it locally and it added my keys under my own app.bundle.id. I'll create pull request shortly.

Thanks zeroflaw

Does this mean that one app can also overwrite another app's entry? Or entries -- does it make an entry per key/value under "flutter_biometric_storage? Haven't used this just yet, currently researching different options for encrypted desktop keys.

edit: if so, I guess you could prefix all of your keys with an identifier related to your program for now, right?

merrycachemiss avatar Dec 30 '21 20:12 merrycachemiss