Deprecate more types

Sources/SpeziSecureStorage/Credentials/CredentialStorage.swift

@@ -96,8 +96,8 @@ public final class CredentialStorage: Module, DefaultInitializable, EnvironmentA
     /// - Parameters:
     ///   - itemTypes: The types of items.
     ///   - accessGroup: The access group associated with the credentials.
-    public func deleteAll(types itemTypes: SecureStorageItemTypes = .all, accessGroup: String? = nil) throws {
-        for kSecClassType in itemTypes.kSecClass {
+    public func deleteAll(types: CredentialTypes, accessGroup: String? = nil) throws {
+        for kSecClassType in types.kSecClasses {
             do {
                 var query: [String: Any] = [kSecClass as String: kSecClassType]
                 // Only append the accessGroup attribute if the `CredentialsStore` is configured to use KeyChain access groups

Sources/SpeziSecureStorage/Credentials/CredentialTypes.swift

@@ -0,0 +1,44 @@
+//
+//  CredentialType.swift
+//  SpeziStorage
+//
+//  Created by Paul Kraft on 21.10.2024.
+//
+
+import CryptoKit
+import Foundation
+
+public struct CredentialTypes: OptionSet {
+    /// Credentials that are created using a server name.
+    ///
+    /// Refers to any credentials that are stored with a server name using ``CredentialStorage``.
+    public static let server = CredentialTypes(rawValue: 1 << 1)
+    /// Credentials that are created without supplying a server name.
+    ///
+    /// Refers to any credentials that are stored without a server name using ``CredentialStorage``.
+    public static let nonServer = CredentialTypes(rawValue: 1 << 2)
+
+    /// Any credentials created with the `CredentialStorage` module.
+    ///
+    /// Refers to any credentials that are created using  ``CredentialStorage``.
+    public static let all: CredentialTypes = [.server, .nonServer]
+
+    var kSecClasses: [CFString] {
+        var kSecClasses: [CFString] = []
+        if self.contains(.server) {
+            kSecClasses.append(kSecClassGenericPassword)
+        }
+        if self.contains(.nonServer) {
+            kSecClasses.append(kSecClassInternetPassword)
+        }
+        return kSecClasses
+    }
+
+    public let rawValue: Int
+
+    public init(rawValue: Int) {
+        self.rawValue = rawValue
+    }
+}
+
+extension CredentialTypes: Sendable {}

Sources/SpeziSecureStorage/Keys/KeyStorage.swift

@@ -113,6 +113,25 @@ public final class KeyStorage: Module, DefaultInitializable, EnvironmentAccessib
         }
     }
 
+    /// Deletes all keys currently stored in the keychain or the secure enclave.
+    public func deleteAll() throws {
+        do {
+            var query: [String: Any] = [kSecClass as String: kSecClassKey]
+
+            // Use Data protection keychain on macOS
+            #if os(macOS)
+            query[kSecUseDataProtectionKeychain as String] = true
+            #endif
+
+            try SecureStorageError.execute(SecItemDelete(query as CFDictionary))
+        } catch SecureStorageError.notFound {
+            // We are fine it no keychain items have been found and therefore non had been deleted.
+            return
+        } catch {
+            print(error)
+        }
+    }
+
     private func keyQuery(forTag tag: String) -> [String: Any] {
         var query: [String: Any] = [
             kSecClass as String: kSecClassKey,

Sources/SpeziSecureStorage/SecureStorage.swift

@@ -165,7 +165,27 @@ public final class SecureStorage: Module, DefaultInitializable, EnvironmentAcces
     ///   - itemTypes: The types of items.
     ///   - accessGroup: The access group associated with the credentials.
     public func deleteAllCredentials(itemTypes: SecureStorageItemTypes = .all, accessGroup: String? = nil) throws {
-        try credentialStorage.deleteAll(types: itemTypes, accessGroup: accessGroup)
+        for kSecClassType in itemTypes.kSecClasses {
+            do {
+                var query: [String: Any] = [kSecClass as String: kSecClassType]
+                // Only append the accessGroup attribute if the `CredentialsStore` is configured to use KeyChain access groups
+                if let accessGroup {
+                    query[kSecAttrAccessGroup as String] = accessGroup
+                }
+
+                // Use Data protection keychain on macOS
+                #if os(macOS)
+                query[kSecUseDataProtectionKeychain as String] = true
+                #endif
+
+                try SecureStorageError.execute(SecItemDelete(query as CFDictionary))
+            } catch SecureStorageError.notFound {
+                // We are fine it no keychain items have been found and therefore non had been deleted.
+                continue
+            } catch {
+                print(error)
+            }
+        }
     }
 
     /// Update existing credentials found in the Keychain.

Sources/SpeziSecureStorage/SecureStorageItemTypes.swift

@@ -10,6 +10,7 @@ import Security
 
 
 /// Types of items that can be stored in the secure storage.
+@available(*, deprecated, message: "Migrate your code to use `CredentialStorage` and `KeyStorage`.")
 public struct SecureStorageItemTypes: OptionSet {
     /// Any keys created with the `SecureStorage` module.
     ///
@@ -34,19 +35,18 @@ public struct SecureStorageItemTypes: OptionSet {
 
     public let rawValue: Int
 
-
-    var kSecClass: [CFString] {
-        var kSecClass: [CFString] = []
+    var kSecClasses: [CFString] {
+        var kSecClasses: [CFString] = []
         if self.contains(.keys) {
-            kSecClass.append(kSecClassKey)
+            kSecClasses.append(kSecClassKey)
         }
         if self.contains(.serverCredentials) {
-            kSecClass.append(kSecClassGenericPassword)
+            kSecClasses.append(kSecClassGenericPassword)
         }
         if self.contains(.nonServerCredentials) {
-            kSecClass.append(kSecClassInternetPassword)
+            kSecClasses.append(kSecClassInternetPassword)
         }
-        return kSecClass
+        return kSecClasses
     }
 
 
@@ -55,5 +55,4 @@ public struct SecureStorageItemTypes: OptionSet {
     }
 }
 
-
 extension SecureStorageItemTypes: Sendable {}