Platforms to show: All Mac Windows Linux Cross-Platform

Back to KeychainManagerMBS module.

Previous items Next items

KeychainManagerMBS.FindInternetPassword(keychain as KeychainMBS, serverName as string, securityDomain as string, accountName as string, path as string, port as Integer, protocol as string, authenticationType as string, byref password as memoryblock) as KeychainItemMBS

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ❌ No Desktop, Console & Web
Finds the first Internet password based on the attributes passed.

keychain: A single keychain or nil to search the user's default keychain search list.
serverName: The server name.
securityDomain: The security domain. This parameter is optional, as not all protocols require it. Pass "" if it is not required.
accountName: The account name.
path: The string representing the path.
port: The TCP/IP port number. Pass 0 to ignore the port number.
protocol: The protocol associated with this password. See Keychain Protocol Type Constants for a description of possible values.
authenticationType: The authentication scheme used. See Keychain Authentication Type Constants for a description of possible values. Pass the constant kSecAuthenticationTypeDefault, to specify the default authentication scheme.
password: On return, a memoryblock containing the password data.

Returns the item object of the Internet password.
Lasterror is set.

This function finds the first Internet password item that matches the attributes you provide. This function optionally returns a reference to the found item.

This function decrypts the password before returning it to you. If the calling application is not in the list of trusted applications, the user is prompted before access is allowed. If the access controls for this item do not allow decryption, the function returns the errSecAuthFailed result code.

This function automatically calls the function Unlock to display the Unlock Keychain dialog box if the keychain is currently locked.
Available in OS X v10.2 and later.

KeychainManagerMBS.GetPassword(Query as dictionary, byref result as Memoryblock) as boolean

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
Returns one keychain item that match a search query.
Example
// build query
dim query as new Dictionary

dim ServiceName as string = "mytest"
dim Username as string = "myusername"

query.value( KeychainManagerMBS.kSecAttrAccount ) = Username
query.value( KeychainManagerMBS.kSecAttrService ) = ServiceName
query.value( KeychainManagerMBS.kSecClass ) = KeychainManagerMBS.kSecClassGenericPassword

// query password
dim passwordData as MemoryBlock
if KeychainManagerMBS.GetPassword(query, passwordData) then
// and show it
dim password as string = DefineEncoding(passwordData, Encodings.utf8)
MsgBox "OK: "+password
else
MsgBox "Failed."
end if

This is a variant of CopyMatching which uses kSecReturnData to query the data of one keychain item.
Returns password of first item found in result parameter. If you expect text, be sure to use DefineEncoding to define as encodings.UTF8.

Item Class Key Constant

KeychainManagerMBS.kSecClassCertificate as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the values used with the kSecClass key in a search dictionary.

Certificate item.
The following attribute types ("Attribute Item Keys and Values") can be used with an item of this type:

kSecAttrAccessible
kSecAttrAccessGroup
kSecAttrCertificateType
kSecAttrCertificateEncoding
kSecAttrLabel
kSecAttrSubject
kSecAttrIssuer
kSecAttrSerialNumber
kSecAttrSubjectKeyID
kSecAttrPublicKeyHash

Available in OS X v10.7 and later.

KeychainManagerMBS.kSecClassGenericPassword as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the values used with the kSecClass key in a search dictionary.

Generic password item.

The following attribute types ("Attribute Item Keys and Values") can be used with an item of this type:

kSecAttrAccessible
kSecAttrAccessGroup
kSecAttrCreationDate
kSecAttrModificationDate
kSecAttrDescription
kSecAttrComment
kSecAttrCreator
kSecAttrType
kSecAttrLabel
kSecAttrIsInvisible
kSecAttrIsNegative
kSecAttrAccount
kSecAttrService
kSecAttrGeneric

Available in OS X v10.7 and later.

Some examples using this method:

KeychainManagerMBS.kSecClassIdentity as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the values used with the kSecClass key in a search dictionary.

Identity item.

An identity is a certificate together with its associated private key. Because an identity is the combination of a private key and a certificate, this class shares attributes of both kSecClassKey and kSecClassCertificate.

Available in OS X v10.7 and later.

KeychainManagerMBS.kSecClassInternetPassword as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the values used with the kSecClass key in a search dictionary.

Internet password item.
The following attribute types ("Attribute Item Keys and Values") can be used with an item of this type:

kSecAttrAccessible
kSecAttrAccessGroup
kSecAttrCreationDate
kSecAttrModificationDate
kSecAttrDescription
kSecAttrComment
kSecAttrCreator
kSecAttrType
kSecAttrLabel
kSecAttrIsInvisible
kSecAttrIsNegative
kSecAttrAccount
kSecAttrSecurityDomain
kSecAttrServer
kSecAttrProtocol
kSecAttrAuthenticationType
kSecAttrPort
kSecAttrPath

Available in OS X v10.6 and later.

Some examples using this method:

KeychainManagerMBS.kSecClassKey as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the values used with the kSecClass key in a search dictionary.

Cryptographic key item.
The following attribute types ("Attribute Item Keys and Values") can be used with an item of this type:

kSecAttrAccessible
kSecAttrAccessGroup
kSecAttrKeyClass
kSecAttrLabel
kSecAttrApplicationLabel
kSecAttrIsPermanent
kSecAttrApplicationTag
kSecAttrKeyType
kSecAttrKeySizeInBits
kSecAttrEffectiveKeySize
kSecAttrCanEncrypt
kSecAttrCanDecrypt
kSecAttrCanDerive
kSecAttrCanSign
kSecAttrCanVerify
kSecAttrCanWrap
kSecAttrCanUnwrap

Available in OS X v10.7 and later.

KeychainManagerMBS.ItemFromPersistentReference(data as memoryblock) as KeychainItemMBS

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ❌ No Desktop, Console & Web
Provides a keychain item reference, given a persistent reference.

Returns a keychain item reference for the item for which you provided a persistent reference.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrAccess as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

A SecAccessRef object describing the access control settings for this item.
Available in OS X v10.7 and later.

KeychainManagerMBS.kSecAttrAccessControl as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 15.0 ✅ Yes ❌ No ❌ No ✅ Yes All
Specifies a dictionary key whose value is KeychainAccessControlMBS instance which contains access control conditions for item.

Available on Mac OS X 10.10 and newer.
IMPORTANT: This attribute is mutually exclusive with kSecAttrAccess attribute.

See KeychainAccessControlMBS class.

Some examples using this method:

KeychainManagerMBS.kSecAttrAccessGroup as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 15.0 ✅ Yes ❌ No ❌ No ✅ Yes All
Specifies a dictionary key whose value is a CFStringRef indicating which access group a item is in.

Available on Mac OS X 10.9 and newer.
The access groups that a particular application has membership in are determined by two entitlements for that application. The application-identifier entitlement contains the application's single access group, unless there is a keychain-access-groups entitlement present. The latter has as its value a list of access groups; the first item in this list is the default access group. Unless a specific access group is provided as the value of kSecAttrAccessGroup when SecItemAdd is called, new items are created in the application's default access group. Specifying this attribute in SecItemCopyMatching, SecItemUpdate, or SecItemDelete calls limits the search to the specified access group (of which the calling application must be a member to obtain matching results.) To share keychain items between multiple applications, each application must have a common group listed in its keychain-access-groups entitlement, and each must specify this shared access group name as the value for the kSecAttrAccessGroup key in the dictionary passed to SecItem functions.

For iOS please define a keychain access group in Xojo build settings. Then prefix it with your developer ID as you can see it in the generated entitlement file inside your app. Pass the prefixed string to our functions with kSecAttrAccessGroup key.

Some examples using this method:

KeychainManagerMBS.kSecAttrAccessible as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 15.0 ✅ Yes ❌ No ❌ No ✅ Yes All
Specifies a dictionary key whose value indicates when your application needs access to an item's data.

You should choose the most restrictive option that meets your application's needs to allow the system to protect that item in the best way possible. See the kSecAttrAccessible* methods for a list of values which can be specified.

IMPORTANT: This attribute is currently not supported for OS X keychain items, unless the kSecAttrSynchronizable attribute is also present. If both attributes are specified on either OS X or iOS, the value for the kSecAttrAccessible key may only be one whose name does not end with "ThisDeviceOnly", as those cannot sync to another device.

Some examples using this method:

KeychainManagerMBS.kSecAttrAccessibleAfterFirstUnlock as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 15.0 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the values for kSecAttrAccessible key.

Item data can only be accessed once the device has been unlocked after a restart. This is recommended for items that need to be accesible by background applications. Items with this attribute will migrate to a new device when using encrypted backups.

KeychainManagerMBS.kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 15.0 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the values for kSecAttrAccessible key.

Item data can only be accessed once the device has been unlocked after a restart.
This is recommended for items that need to be accessible by background applications. Items with this attribute will never migrate to a new device, so after a backup is restored to a new device these items will be missing.
Available on Mac OS X 10.9 and newer.

KeychainManagerMBS.kSecAttrAccessibleAlways as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 15.0 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the values for kSecAttrAccessible key.

Item data can always be accessed regardless of the lock state of the device. This is not recommended for anything except system use. Items with this attribute will migrate to a new device when using encrypted backups.
Available on Mac OS X 10.9 and newer.

KeychainManagerMBS.kSecAttrAccessibleAlwaysThisDeviceOnly as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 15.0 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the values for kSecAttrAccessible key.

Item data can always be accessed regardless of the lock state of the device. This option is not recommended for anything except system use. Items with this attribute will never migrate to a new device, so after a backup is restored to a new device, these items will be missing.
Available on Mac OS X 10.9 and newer.

KeychainManagerMBS.kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 15.0 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the values for kSecAttrAccessible key.

Item data can only be accessed while the device is unlocked. This is recommended for items that only need to be accessible while the application is in the foreground and requires a passcode to be set on the device. Items with this attribute will never migrate to a new device, so after a backup is restored to a new device, these items will be missing. This attribute will not be available on devices without a passcode. Disabling the device passcode will cause all previously protected items to be deleted.
Available on Mac OS X 10.9 and newer.

KeychainManagerMBS.kSecAttrAccessibleWhenUnlocked as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 15.0 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the values for kSecAttrAccessible key.

Item data can only be accessed while the device is unlocked. This is recommended for items that only need be accesible while the application is in the foreground. Items with this attribute will migrate to a new device when using encrypted backups.
Available on Mac OS X 10.9 and newer.

KeychainManagerMBS.kSecAttrAccessibleWhenUnlockedThisDeviceOnly as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 15.0 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the values for kSecAttrAccessible key.

Item data can only be accessed while the device is unlocked. This is recommended for items that only need be accesible while the application is in the foreground. Items with this attribute will never migrate to a new device, so after a backup is restored to a new device, these items will be missing.
Available on Mac OS X 10.9 and newer.

KeychainManagerMBS.kSecAttrAccount as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

Account attribute key.
The corresponding value is of type String and contains an account name. Items of class kSecClassGenericPassword and kSecClassInternetPassword have this attribute.
Available in OS X v10.6 and later.

Some examples using this method:

KeychainManagerMBS.kSecAttrApplicationLabel as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

Application label attribute key.
The corresponding value is of type String and contains a label for this item. This attribute is different from the kSecAttrLabel attribute, which is intended to be human-readable. This attribute is used to look up a key programmatically; in particular, for keys of class kSecAttrKeyClassPublic and kSecAttrKeyClassPrivate, the value of this attribute is the hash of the public key.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrApplicationTag as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

Private tag attribute key.
The corresponding value is of type Memoryblock and contains private tag data.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrAuthenticationType as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

Authentication type attribute key.
The corresponding value is of type integer and denotes the authentication scheme for this item (see "Authentication Type Values").
Available in OS X v10.6 and later.

Some examples using this method:

KeychainManagerMBS.kSecAttrAuthenticationTypeDefault as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
Values that can be used with the kSecAttrAuthenticationType attribute key.

The default authentication type.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrAuthenticationTypeDPA as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
Values that can be used with the kSecAttrAuthenticationType attribute key.

Distributed Password authentication.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrAuthenticationTypeHTMLForm as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
Values that can be used with the kSecAttrAuthenticationType attribute key.

HTML form based authentication.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrAuthenticationTypeHTTPBasic as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
Values that can be used with the kSecAttrAuthenticationType attribute key.

HTTP Basic authentication.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrAuthenticationTypeHTTPDigest as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
Values that can be used with the kSecAttrAuthenticationType attribute key.

HTTP Digest Access authentication.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrAuthenticationTypeMSN as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
Values that can be used with the kSecAttrAuthenticationType attribute key.

Microsoft Network default authentication.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrAuthenticationTypeNTLM as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
Values that can be used with the kSecAttrAuthenticationType attribute key.

Windows NT LAN Manager authentication.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrAuthenticationTypeRPA as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
Values that can be used with the kSecAttrAuthenticationType attribute key.

Remote Password authentication.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrCanDecrypt as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

Decryption attribute key.
The corresponding value is of type Boolean and indicates whether this cryptographic key can be used to decrypt data.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrCanDerive as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

Derivation attribute key.
The corresponding value is of type Boolean and indicates whether this cryptographic key can be used to derive another key.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrCanEncrypt as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

Encryption attribute key.
The corresponding value is of type Boolean and indicates whether this cryptographic key can be used to encrypt data.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrCanSign as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

Signature attribute key.
The corresponding value is of type Boolean and indicates whether this cryptographic key can be used to create a digital signature.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrCanUnwrap as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

Unwrap attribute key.
The corresponding value is of type Boolean and indicates whether this cryptographic key can be used to unwrap another key.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrCanVerify as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

Signature verification attribute key.
The corresponding value is of type Boolean and indicates whether this cryptographic key can be used to verify a digital signature.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrCanWrap as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

Wrap attribute key.
The corresponding value is of type Boolean and indicates whether this cryptographic key can be used to wrap another key.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrCertificateEncoding as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

Certificate encoding attribute key.
The corresponding value is of type integer and denotes the certificate encoding (see the CSSM_CERT_ENCODING enumeration in cssmtype.h). Items of class kSecClassCertificate have this attribute. Read only.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrCertificateType as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

Certificate type attribute key.
The corresponding value is of type integer and denotes the certificate type (see the CSSM_CERT_TYPE enumeration in cssmtype.h). Items of class kSecClassCertificate have this attribute. Read only.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrComment as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

Comment attribute key.
The corresponding value is of type string and contains the user-editable comment for this item.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrCreationDate as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

Creation date key.
The corresponding value is of type date and represents the date the item was created. Read only.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecAttrCreator as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the keychain item attribute keys.

Creator attribute key.
The corresponding value is of type integer and represents the item's creator. This number is the unsigned integer representation of a four-character code (for example, 'aCrt').
Available in OS X v10.6 and later.

Previous items Next items

The items on this page are in the following plugins: MBS MacClassic Plugin.


The biggest plugin in space...