Framework

HID_Approve_SDK_Wallet

Version 6.1.0.45
Containers C HIDApproveDevice C HIDApproveContainer Keys C HIDApproveKey S HIDApproveKeyFilter Key Protection Policies E HIDApprovePolicyType P HIDApproveProtectionPolicy C HIDApproveDevicePolicy C HIDApprovePasswordPolicy C HIDApproveBioPasswordPolicy Key Protection Lock Policies E HIDApproveLockType P HIDApproveLockPolicy C HIDApproveNoLockPolicy C HIDApproveCounterLockPolicy C HIDApproveDelayLockPolicy C HIDApproveSilentLockPolicy Direct Client Signature (DCS) C HIDApproveTransaction OTP C HIDApproveOTPGenerator C HIDApproveOTPAlgorithmParameters OTP - Synchronous (HOTP/TOTP) C HIDApproveSyncOTPGenerator C HIDApproveHOTPAlgorithmParameters C HIDApproveTOTPAlgorithmParameters OTP - Asynchronous (OCRA) C HIDApproveAsyncOTPGenerator C HIDApproveOCRAAlgorithmParameters S HIDApproveOCRASuite E HIDApproveOCRAChallengeType E HIDApproveOCRAAuthMode S HIDApproveOCRAInputAlgorithmParameters Error Handling S HIDApproveLogging S HIDApproveError Structures S HIDApproveParameter

Overview

This is the API documentation for HID Approve SDK for Apple Wallet Extension.

This new framework provides the capability to access provisioned credentials of an shared active container from your primary provisioned application to another application or extension defined within the same app group.

Requirements

The following prerequisite steps are necessary:

  • Both app and extension must be signed with the same Apple Developer Team ID and provisioning profile identity

  • Both app and extension must add the App Groups capability and declare the same App Group identifier

  • Both app and extension must add the Keychain Sharing capability and declare the same Keychain Access Group identifier

  • The primary application must share the active container using the new HID Approve SDK method HIDContainer.shareContainer().

Features

The framework has been optimized for a limited features set available in the full HID Approve SDK.

Specifically the following:

  • Read-only operations

    • Device Information

    • List Containers and Container Properties

    • List Keys and Key Properties

  • Key Protection Policies

    • Device, Password, Biometrics

    • Locking policies None, Counter, Delay, and Silent

  • OTP

    • Synchronous (HOTP/TOTP)

    • Asychnronous (OCRA challenge/response and signature)

  • Direct Client Signature (DCS)

Topics

Containers

class HIDApproveDevice
Parent device object used to query device information and discover any active containers.
class HIDApproveContainer
Encapsulates an active shared service container instance.

Keys

class HIDApproveKey
Key instance.
struct HIDApproveKeyFilter
Represents a filter parameter consisting of an id/value pair.

Key Protection Policies

enum HIDApprovePolicyType
Key Protection Policy Types
protocol HIDApproveProtectionPolicy
A base class for Key Protection Policies
class HIDApproveDevicePolicy
Protection Policy with device derived key protection.
class HIDApprovePasswordPolicy
Protection Policy with password specific constraints.
class HIDApproveBioPasswordPolicy
Protection policy with authentication using either biometrics or password.

Key Protection Lock Policies

enum HIDApproveLockType
protocol HIDApproveLockPolicy
Lock Policy with specific access constraints.
class HIDApproveNoLockPolicy
Credential never locks.
class HIDApproveCounterLockPolicy
The access to the credential will be locked after a configurable number of failed attempts.
class HIDApproveDelayLockPolicy
The access to the credential will be limited by applying an exponential delay for each failed attempt.
class HIDApproveSilentLockPolicy
Credential access is limited by delegating validation and blocking to server-side controls

Direct Client Signature (DCS)

class HIDApproveTransaction
Encapsulates a transaction instance.

OTP

class HIDApproveOTPGenerator
A base class for OTP generators
class HIDApproveOTPAlgorithmParameters
Represents parameters for the OTP algorithm

OTP - Synchronous (HOTP/TOTP)

class HIDApproveSyncOTPGenerator
Extends the OTP generator to support synchronous time or event based generation. (HOTP, TOTP)
class HIDApproveHOTPAlgorithmParameters
Represents parameters ruling a HOTP algorithm (RFC 4226).
class HIDApproveTOTPAlgorithmParameters
Represents parameters ruling a TOTP algorithm (RFC 6238).

OTP - Asynchronous (OCRA)

class HIDApproveAsyncOTPGenerator
OCRA OTP generator to support asynchronous challenge-response generation.
class HIDApproveOCRAAlgorithmParameters
Represents parameters ruling a OCRA algorithm (RFC 6287).
struct HIDApproveOCRASuite
Represents the OCRA suite and associated runtime parameters.
enum HIDApproveOCRAChallengeType
Represents OCRA challenge formats
enum HIDApproveOCRAAuthMode
Represents a supported OCRA authentication mode
struct HIDApproveOCRAInputAlgorithmParameters
Defines the OCRA algorithm parameters for input.

Error Handling

struct HIDApproveLogging
String constants for use with Logging mechanism.
struct HIDApproveError
HID Approve Error Code definitions (NSError.code)

Structures

struct HIDApproveParameter
Represents a parameter consisting of an id/value pair.