Platforms to show: All Mac Windows Linux Cross-Platform

Back to KeychainManagerMBS module.

Previous items

KeychainManagerMBS.kSecUseAuthenticationContext as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 18.5 ✅ Yes ❌ No ❌ No ✅ Yes All
Specifies a dictionary key whose value is LAContextMBS to be used for keychain item authentication.

As LAContext is 64-bit only for Mac, this will do nothing in 32-bit.

  • If the item requires authentication and this key is omitted, a new context will be created just for the purpose of the single call.
  • If the specified context has been previously authenticated, the operation will succeed without asking user for authentication.
  • If the specified context has not been previously authenticated, the new authentication will be started on this context, allowing caller to eventually reuse the sucessfully authenticated context in subsequent keychain operations.

KeychainManagerMBS.kSecUseAuthenticationUI as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 18.5 ✅ Yes ❌ No ❌ No ✅ Yes All
Specifies a dictionary key whose value to define whether UI is allowed.

Value can be one of kSecUseAuthenticationUIAllow, kSecUseAuthenticationUIFail, kSecUseAuthenticationUISkip.

KeychainManagerMBS.kSecUseAuthenticationUIAllow as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 18.5 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the values for kSecUseAuthenticationUI to allow user interface.

KeychainManagerMBS.kSecUseAuthenticationUIFail as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 18.5 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the values for kSecUseAuthenticationUI to disallow user interface and fail.

KeychainManagerMBS.kSecUseAuthenticationUISkip as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 18.5 ✅ Yes ❌ No ❌ No ✅ Yes All
One of the values for kSecUseAuthenticationUI to disallow user interface and skip.

KeychainManagerMBS.kSecUseItemList as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
Key used to specify a list of items to search or add.

Item list key.
The corresponding value is of type CFArrayRef, where the array contains either KeychainItemMBS, SecKeyRef, SecCertificateRef, SecIdentityRef, or (for persistent item references) Memoryblock items. If provided, this array is treated as the set of all possible items to search (or to add if the function being called is AddItem). The items in the array must all be of the same type.
Available in OS X v10.6 and later.

KeychainManagerMBS.kSecUseKeychain as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
Key used to specify a list of items to search or add.

Keychain reference key.
Specifies a SecKeychainRef object that references the keychain to which AddItem should add the provided items.
Available in OS X v10.7 and later.

KeychainManagerMBS.kSecUseNoAuthenticationUI as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 18.5 ✅ Yes ❌ No ❌ No ✅ Yes All
Whether to show authentication user interface.

OS X only. Specifies a dictionary key whose value is a boolean. If provided with a value of true, the error errSecInteractionNotAllowed will be returned if the item is attempting to authenticate with UI.
Available in macOS 10.10 or newer and deprecated in 10.11 in favor of kSecUseAuthenticationUI.

KeychainManagerMBS.kSecUseOperationPrompt as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 18.5 ✅ Yes ❌ No ❌ No ✅ Yes All
Specifies a dictionary key whose value is a string that represents a user-visible string describing the operation for which the application is attempting to authenticate.

The application is responsible for the text localization.

KeychainManagerMBS.kSecValueData as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
Keys used in the results dictionary for CopyMatching or Additem, indicating the type of values returned.

Data attribute key. A persistent reference to a credential can be stored on disk for later use or passed to other processes.
The corresponding value is of type memoryblock. For keys and password items, the data is secret (encrypted) and may require the user to enter a password for access.
Available in OS X v10.6 and later.
You can specify zero or more of these types depending on the function you are calling.

Some examples using this method:

KeychainManagerMBS.kSecValuePersistentRef as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
Keys used in the results dictionary for CopyMatching or Additem, indicating the type of values returned.

Persistent reference attribute key.
The corresponding value is of type CFDataRef. The bytes in this memoryblock can be stored by the caller and used on a subsequent invocation of the application (or even a different application) to retrieve the item referenced by it.
Available in OS X v10.6 and later.
You can specify zero or more of these types depending on the function you are calling.

KeychainManagerMBS.kSecValueRef as string

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
Keys used in the results dictionary for CopyMatching or Additem, indicating the type of values returned.

Reference attribute key.
The corresponding value, depending on the item class requested, is of type KeychainItemMBS, SecKeyRef, SecCertificateRef, or SecIdentityRef.
Available in OS X v10.6 and later.
You can specify zero or more of these types depending on the function you are calling.

KeychainManagerMBS.LockAll

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ❌ No Desktop, Console & Web
Locks all keychains belonging to the current user.

Your application should not call this function unless you are responding to a user's request to lock a keychain. In general, you should leave the keychain unlocked so that the user does not have to unlock it again in another application.
Lasterror is set.

KeychainManagerMBS.Open(file as folderitem) as KeychainMBS

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ❌ No Desktop, Console & Web
Opens a keychain.
Example
dim file as FolderItem = SpecialFolder.Desktop.Child("test.keychain")
dim k as KeychainMBS = KeychainManagerMBS.Open(file)

MsgBox k.Name

You may use this function to retrieve a pointer to a keychain object given the path of the keychain. You do not need to close the keychain, but you should release the memory that the pointer occupies when you are finished with it.
Lasterror is set.

See also:

KeychainManagerMBS.Open(path as string) as KeychainMBS

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ❌ No Desktop, Console & Web
Opens a keychain.
Example
dim file as FolderItem = SpecialFolder.Desktop.Child("test.keychain")
dim k as KeychainMBS = KeychainManagerMBS.Open(file.NativePath)

MsgBox k.Name

You may use this function to retrieve a pointer to a keychain object given the path of the keychain. You do not need to close the keychain, but you should release the memory that the pointer occupies when you are finished with it.
Lasterror is set.

See also:

KeychainManagerMBS.PreferenceDomain as Integer

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ❌ No Desktop, Console & Web
Gets or sets the current keychain preference domain.
Example
dim n as Integer = KeychainManagerMBS.PreferenceDomain
Select case n
case KeychainManagerMBS.kSecPreferencesDomainCommon
MsgBox "common"
case KeychainManagerMBS.kSecPreferencesDomainDynamic
MsgBox "dynamic"
case KeychainManagerMBS.kSecPreferencesDomainSystem
MsgBox "system"
case KeychainManagerMBS.kSecPreferencesDomainUser
MsgBox "user"
else
MsgBox "unknown"
end Select

A preference domain is a set of security-related preferences, such as the default keychain and the current keychain search list. The default preference domain for system daemons (that is, for daemons running in the root session) is the system domain. The default preference domain for all other programs is the user domain. Use the PreferenceDomain function to change the preference domain.

This function changes the preference domain for all subsequent function calls; for example, if you change from the system domain to the user domain and then call Lock specifying nil for the keychain, the function locks the default system keychain rather than the default user keychain. You might want to use this function, for example, when launching a system daemon from a user session so that the daemon uses system preferences rather than user
(Read and Write computed property)

KeychainManagerMBS.SearchCreateFromAttributes(keychain as KeychainMBS, itemClass as string, AttributeKeys() as string, AttributeValues() as string) as KeychainSearchMBS

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ❌ No Desktop, Console & Web
Creates a search object matching a list of zero or more attributes.
Example
dim AttributeKeys() as string
dim AttributeValues() as string
dim keychain as KeychainMBS = nil // default

dim search as KeychainSearchMBS = KeychainManagerMBS.SearchCreateFromAttributes(keychain, "genp", AttributeKeys, AttributeValues)
dim items() as KeychainItemMBS

dim item as KeychainItemMBS = search.NextItem
while item<>Nil
items.Append item
item = search.NextItem
wend

MsgBox str(UBound(items)+1)+" items found."

keychains: An array of keychains to search, a single keychain, or nil to search the user's current keychain search list. Use the function SearchList to retrieve the user's default search list.
itemClass: The keychain item class. See "Keychain Item Class Constants" for valid constants.
AttributeKeys: List of zero or more keychain attribute keys to match.
AttributeValues: List of zero or more keychain attribute values to match.

Returns the current search object.
Lasterror is set.

Each item stored in the keychain contains data (such as a certificate), which is indexed by the item's attributes. You look up an item in a keychain by its attributes. If you find a match, you can then retrieve the item's data. Use the search object created by this function as input to the SecKeychainSearchCopyNext function to find a a keychain item.

To find and obtain data from a password keychain item, use the FindInternetPassword or FindGenericPassword function.

See also:

KeychainManagerMBS.SearchCreateFromAttributes(keychains() as KeychainMBS, itemClass as string, AttributeKeys() as string, AttributeValues() as string) as KeychainSearchMBS

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ❌ No Desktop, Console & Web
Creates a search object matching a list of zero or more attributes.
Example
dim AttributeKeys() as string
dim AttributeValues() as string

dim keychains() as KeychainMBS

AttributeKeys.Append KeychainManagerMBS.kSecAttrAccount
AttributeValues.Append "myusername"
keychains = KeychainManagerMBS.DomainSearchList(KeychainManagerMBS.kSecPreferencesDomainUser)

dim search as KeychainSearchMBS = KeychainManagerMBS.SearchCreateFromAttributes(keychains, "genp", AttributeKeys, AttributeValues)
dim items() as KeychainItemMBS

dim item as KeychainItemMBS = search.NextItem
while item<>Nil
items.Append item
item = search.NextItem
wend

MsgBox str(UBound(items)+1)+" items found."

keychains: An array of keychains to search, a single keychain, or nil to search the user's current keychain search list. Use the function SearchList to retrieve the user's default search list.
itemClass: The keychain item class. See "Keychain Item Class Constants" for valid constants.
AttributeKeys: List of zero or more keychain attribute keys to match.
AttributeValues: List of zero or more keychain attribute values to match.

Returns the current search object.
Lasterror is set.

Each item stored in the keychain contains data (such as a certificate), which is indexed by the item's attributes. You look up an item in a keychain by its attributes. If you find a match, you can then retrieve the item's data. Use the search object created by this function as input to the SecKeychainSearchCopyNext function to find a a keychain item.

To find and obtain data from a password keychain item, use the FindInternetPassword or FindGenericPassword function.

See also:

KeychainManagerMBS.SearchList as KeychainMBS()

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ❌ No Desktop, Console & Web
Retrieves a keychain search list.
Example
dim SearchList() as KeychainMBS = KeychainManagerMBS.SearchList
dim names() as String

for each k as KeychainMBS in SearchList
names.Append k.Name
next

MsgBox Join(names, EndOfLine)

Returns keychain search list.
Lasterror is set.

KeychainManagerMBS.SetDomainDefault(domain as Integer, keychain as KeychainMBS)

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ❌ No Desktop, Console & Web
Sets the default keychain for a specified preference domain.

domain: The preference domain for which you wish to set the default keychain.
keychain: A reference to the keychain you wish to set as default in the specified preference domain.

Lasterror is set.
A preference domain is a set of security-related preferences, such as the default keychain and the current keychain search list. Use this function if you want to set the default keychain for a specific preference domain. Use the SetDefault function if you want to set the default keychain for the current preference domain. See the PreferenceDomain function for a discussion of current and default preference domains.

KeychainManagerMBS.SetDomainSearchList(domain as Integer, list() as KeychainMBS)

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ❌ No Desktop, Console & Web
Sets the keychain search list for a specified preference domain.

domain: The preference domain for which you wish to set the default keychain search list. See "Keychain Preference Domain Constants"for possible domain values.
searchList: A keychain search list to set in the preference domain.

Lasterror is set.
A preference domain is a set of security-related preferences, such as the default keychain and the current keychain search list. Use this function if you want to set the keychain search list for a specific preference domain. Use the SetSearchList function if you want to set the keychain search list for the current preference domain. See the PreferenceDomain function for a discussion of current and default preference domains.

KeychainManagerMBS.SetSearchList(list() as KeychainMBS)

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ❌ No Desktop, Console & Web
Specifies the list of keychains to use in the default keychain search list.

searchList: An array of keychain references specifying the list of keychains to use in the default keychain search list. Passing an empty array clears the search list.

Lasterror is set.
The default keychain search list is used by several functions; see for example SearchCreateFromAttributes, FindInternetPassword, or FindGenericPassword. To obtain the current default keychain search list, use the SearchList function.

The default keychain search list is displayed as the keychain list in the Keychain Access utility. If you use SetSearchList to change the keychain search list, the list displayed in Keychain Access changes accordingly.

KeychainManagerMBS.UpdateItem(Query as Dictionary, attributesToUpdate as dictionary) as boolean

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ✅ Yes All
Modifies items that match a search query.
Example
// build query
dim query as new Dictionary

dim ServiceName as string = "mytest"
dim Username as string = "myusername"

query.value( KeychainManagerMBS.kSecAttrAccount ) = Username
query.value( KeychainManagerMBS.kSecAttrService ) = ServiceName
query.value( KeychainManagerMBS.kSecClass ) = KeychainManagerMBS.kSecClassGenericPassword

// Build Dictionary with new values
dim newValues as new Dictionary
newValues.value( KeychainManagerMBS.kSecAttrComment ) = "Just a test"

// and update
if KeychainManagerMBS.UpdateItem(query, newValues) then
MsgBox "OK"
else
MsgBox "Failed."
end if

query: A dictionary containing an item class specification and optional attributes for controlling the search. Specify the items whose values you wish to change. See "Search Keys" for a description of currently defined search attributes.
attributesToUpdate: A dictionary containing the attributes whose values should be changed, along with the new values. Only real keychain attributes are permitted in this dictionary (no "meta" attributes are allowed.) See "Attribute Item Keys and Values" for a description of currently defined value attributes.

Lasterror is set.
See the discussion section of the CopyMatching function for information about how to construct a search dictionary.

Available in OS X v10.6 and later.

Some examples using this method:

KeychainManagerMBS.UserInteractionAllowed as boolean

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ❌ No Desktop, Console & Web
Indicates whether Keychain Services functions that normally display a user interaction are allowed to do so.
Example
MsgBox str(KeychainManagerMBS.UserInteractionAllowed)
KeychainManagerMBS.UserInteractionAllowed = false
MsgBox str(KeychainManagerMBS.UserInteractionAllowed)

Lasterror is set.
A Boolean value indicating whether user interaction is permitted. If true, user interaction is allowed, and Keychain Services functions that display a user interface can do so as appropriate.
(Read and Write computed property)

Some examples using this method:

KeychainManagerMBS.Version as Integer

Type Topic Plugin Version macOS Windows Linux iOS Targets
method Keychain MBS MacClassic Plugin 13.1 ✅ Yes ❌ No ❌ No ❌ No Desktop, Console & Web
Determines the version of Keychain Services installed on the user's system.
Example
MsgBox str(KeychainManagerMBS.Version)

Your application can call the Version function to find out which version of Keychain Services is installed on the user's system.
Lasterror is set.

Previous items

The items on this page are in the following plugins: MBS MacClassic Plugin.


The biggest plugin in space...