Protection Policy with password specific constraints. More...

#import <HIDProtectionPolicy.h>

Inheritance diagram for <HIDPasswordPolicy>:

Instance Methods
(BOOL)	- changePassword:new:error:
	Changes the password bound to the protection policy identified by the protection policyId parameter. New password must respect the defined protection policy restrictions. More...

(int)	- currentAge
	Get current password age since last change. More...

(int)	- getCacheTimeout
	Gets password cache timeout. More...

(BOOL)	- isCacheEnabled
	Gets password cache flag. More...

(BOOL)	- isSequenceAllowed
	Gets password sequence allowed flag. More...

(int)	- maxAge
	Get maximum age for a password. This determines how long (in days) users can keep a password before they have to change it. If 0, indicates that the password never expires. More...

(int)	- maxAlpha
	Get maximum number of alphabetical characters. More...

(int)	- maxHistory
	Get max password history limit. This security setting determines the number of unique new passwords that have to be associated with the the key before an old password can be reused. More...

(int)	- maxLength
	Get maximum password length. More...

(int)	- maxLowerCase
	Get maximum number of lower case letters. More...

(int)	- maxNonAlpha
	Get maximum number of special characters (non alphanumeric). More...

(int)	- maxNumeric
	Get maximum number of numeric characters. More...

(int)	- maxUpperCase
	Get maximum number of upper case letters. More...

(int)	- minAge
	Get minimum age for a password change. This security setting determines the period of time (in days) that a password must be used before the user can change it. It must be less than the maximum password age. If 0, indicates to allow changes immediately. More...

(int)	- minAlpha
	Get minimum number of alphabetical characters. More...

(int)	- minLength
	Get minimum password length. More...

(int)	- minLowerCase
	Get minimum number of lower case letters. More...

(int)	- minNonAlpha
	Get minimum number of special characters (non alphanumeric). More...

(int)	- minNumeric
	Get the minimum number of numeric characters. More...

(int)	- minUpperCase
	Get minimum number of upper case letters. More...

(BOOL)	- verifyPassword:error:
	When password caching is enabled, will verify and cache the password protecting the key for transaction signing. The cache is deleted when cache timeout is reached or cached password is used. More...

Instance Methods inherited from <HIDProtectionPolicy>
(id< HIDLockPolicy >)	- lockPolicy
	Returns the lock policy. More...

(HIDIdentifier *)	- policyId
	Returns the protection policy identifier. More...

(HIDPolicyType)	- policyType
	Returns the protection policy type. More...

Detailed Description

Protection Policy with password specific constraints.

The restrictions may be any or all of the following:

Min and max character length
Min number of uppercase characters
Min number of lowercase characters
Min number of numeric characters
Min number of letter characters
Min number of symbol (non alphanumeric) characters
Max number of uppercase characters
Max number of lowercase characters
Max number of numeric characters
Max number of letter characters
Max number of symbol (non alphanumeric) characters
Min and Max age
Max password history
Allow/prohibit sequential characters

Method Documentation

- (BOOL) changePassword:	(NSString *)	oldPassword
new:	(NSString *)	newPassword
error:	(NSError **)	error

Changes the password bound to the protection policy identified by the protection policyId parameter. New password must respect the defined protection policy restrictions.

Parameters

oldPassword	old key password.
newPassword	new key password.
error	error details. It may be nil.

Possible error codes are:

HIDAuthentication if old key password is incorrect
HIDInternal if unexpected error occurred.
HIDInvalidPassword if new key password is not accepted by protection policy
HIDPasswordNotYetUpdatable if the policy indicates that it is too early to update the password.
HIDInvalidArgument if the given parameters are invalid or required parameters are missing.

Returns: YES if password was successfully changed.

- (int) currentAge

Get current password age since last change.

Returns: the current password age in days.

- (int) getCacheTimeout

Gets password cache timeout.

Returns: the cache timeout in seconds.

- (BOOL) isCacheEnabled

Gets password cache flag.

Returns: whether password cache is enabled.

- (BOOL) isSequenceAllowed

Gets password sequence allowed flag.

Returns: sequence allowed

- (int) maxAge

Get maximum age for a password. This determines how long (in days) users can keep a password before they have to change it. If 0, indicates that the password never expires.

Returns: the maximum password age in days.

- (int) maxAlpha

Get maximum number of alphabetical characters.

Returns: the maximum number of alphabetical characters.

- (int) maxHistory

Get max password history limit. This security setting determines the number of unique new passwords that have to be associated with the the key before an old password can be reused.

Returns: the maximum password history size.

- (int) maxLength

Get maximum password length.

Returns: the maximum password length.

- (int) maxLowerCase

Get maximum number of lower case letters.

Returns: the maximum number of lower case letters.

- (int) maxNonAlpha

Get maximum number of special characters (non alphanumeric).

Returns: the maximum number of special characters.

- (int) maxNumeric

Get maximum number of numeric characters.

Returns: the maximum number of digits.

- (int) maxUpperCase

Get maximum number of upper case letters.

Returns: the maximum number of upper case letters.

- (int) minAge

Get minimum age for a password change. This security setting determines the period of time (in days) that a password must be used before the user can change it. It must be less than the maximum password age. If 0, indicates to allow changes immediately.

Returns: the minimum password age in days.

- (int) minAlpha

Get minimum number of alphabetical characters.

Returns: the minimum number of alphabetical characters.

- (int) minLength

Get minimum password length.

Returns: the minimum password length.

- (int) minLowerCase

Get minimum number of lower case letters.

Returns: the minimum number of lower case letters.

- (int) minNonAlpha

Get minimum number of special characters (non alphanumeric).

Returns: the minimum number of special characters.

- (int) minNumeric

Get the minimum number of numeric characters.

Returns: the minimum number of digits.

- (int) minUpperCase

Get minimum number of upper case letters.

Returns: the minimum number of upper case letters.

- (BOOL) verifyPassword:	(NSString *)	password
error:	(NSError **)	error

When password caching is enabled, will verify and cache the password protecting the key for transaction signing. The cache is deleted when cache timeout is reached or cached password is used.

Parameters

password	the key password.
error	error details. It may be nil.

Possible error codes are:

HIDAuthentication if password is incorrect.
HIDInvalidArgument if the given parameters are invalid or required parameters are missing.

Returns: The key in its primary encoding format, or nil if an error occurred.

See also: - getCacheTimeout; - isCacheEnabled

Instance Methods

Detailed Description

Method Documentation