/* | |
File: KeychainItemWrapper.h | |
Abstract: | |
Objective-C wrapper for accessing a single keychain item. | |
Version: 1.2 - ARCified | |
Disclaimer: IMPORTANT: This Apple software is supplied to you by Apple | |
Inc. ("Apple") in consideration of your agreement to the following | |
terms, and your use, installation, modification or redistribution of | |
this Apple software constitutes acceptance of these terms. If you do | |
not agree with these terms, please do not use, install, modify or | |
redistribute this Apple software. | |
In consideration of your agreement to abide by the following terms, and | |
subject to these terms, Apple grants you a personal, non-exclusive | |
license, under Apple's copyrights in this original Apple software (the | |
"Apple Software"), to use, reproduce, modify and redistribute the Apple | |
Software, with or without modifications, in source and/or binary forms; | |
provided that if you redistribute the Apple Software in its entirety and | |
without modifications, you must retain this notice and the following | |
text and disclaimers in all such redistributions of the Apple Software. | |
Neither the name, trademarks, service marks or logos of Apple Inc. may | |
be used to endorse or promote products derived from the Apple Software | |
without specific prior written permission from Apple. Except as | |
expressly stated in this notice, no other rights or licenses, express or | |
implied, are granted by Apple herein, including but not limited to any | |
patent rights that may be infringed by your derivative works or by other | |
works in which the Apple Software may be incorporated. | |
The Apple Software is provided by Apple on an "AS IS" basis. APPLE | |
MAKES NO WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION | |
THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS | |
FOR A PARTICULAR PURPOSE, REGARDING THE APPLE SOFTWARE OR ITS USE AND | |
OPERATION ALONE OR IN COMBINATION WITH YOUR PRODUCTS. | |
IN NO EVENT SHALL APPLE BE LIABLE FOR ANY SPECIAL, INDIRECT, INCIDENTAL | |
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | |
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS | |
INTERRUPTION) ARISING IN ANY WAY OUT OF THE USE, REPRODUCTION, | |
MODIFICATION AND/OR DISTRIBUTION OF THE APPLE SOFTWARE, HOWEVER CAUSED | |
AND WHETHER UNDER THEORY OF CONTRACT, TORT (INCLUDING NEGLIGENCE), | |
STRICT LIABILITY OR OTHERWISE, EVEN IF APPLE HAS BEEN ADVISED OF THE | |
POSSIBILITY OF SUCH DAMAGE. | |
Copyright (C) 2010 Apple Inc. All Rights Reserved. | |
*/ | |
#import <UIKit/UIKit.h> | |
/* | |
The KeychainItemWrapper class is an abstraction layer for the iPhone Keychain communication. It is merely a | |
simple wrapper to provide a distinct barrier between all the idiosyncracies involved with the Keychain | |
CF/NS container objects. | |
*/ | |
@interface KeychainItemWrapper : NSObject | |
// Designated initializer. | |
- (id)initWithIdentifier: (NSString *)identifier accessGroup:(NSString *)accessGroup; | |
- (void)setObject:(id)inObject forKey:(id)key; | |
- (id)objectForKey:(id)key; | |
// Initializes and resets the default generic keychain item data. | |
- (void)resetKeychainItem; | |
@end |
/* | |
File: KeychainItemWrapper.m | |
Abstract: | |
Objective-C wrapper for accessing a single keychain item. | |
Version: 1.2 - ARCified | |
Disclaimer: IMPORTANT: This Apple software is supplied to you by Apple | |
Inc. ("Apple") in consideration of your agreement to the following | |
terms, and your use, installation, modification or redistribution of | |
this Apple software constitutes acceptance of these terms. If you do | |
not agree with these terms, please do not use, install, modify or | |
redistribute this Apple software. | |
In consideration of your agreement to abide by the following terms, and | |
subject to these terms, Apple grants you a personal, non-exclusive | |
license, under Apple's copyrights in this original Apple software (the | |
"Apple Software"), to use, reproduce, modify and redistribute the Apple | |
Software, with or without modifications, in source and/or binary forms; | |
provided that if you redistribute the Apple Software in its entirety and | |
without modifications, you must retain this notice and the following | |
text and disclaimers in all such redistributions of the Apple Software. | |
Neither the name, trademarks, service marks or logos of Apple Inc. may | |
be used to endorse or promote products derived from the Apple Software | |
without specific prior written permission from Apple. Except as | |
expressly stated in this notice, no other rights or licenses, express or | |
implied, are granted by Apple herein, including but not limited to any | |
patent rights that may be infringed by your derivative works or by other | |
works in which the Apple Software may be incorporated. | |
The Apple Software is provided by Apple on an "AS IS" basis. APPLE | |
MAKES NO WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION | |
THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS | |
FOR A PARTICULAR PURPOSE, REGARDING THE APPLE SOFTWARE OR ITS USE AND | |
OPERATION ALONE OR IN COMBINATION WITH YOUR PRODUCTS. | |
IN NO EVENT SHALL APPLE BE LIABLE FOR ANY SPECIAL, INDIRECT, INCIDENTAL | |
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | |
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS | |
INTERRUPTION) ARISING IN ANY WAY OUT OF THE USE, REPRODUCTION, | |
MODIFICATION AND/OR DISTRIBUTION OF THE APPLE SOFTWARE, HOWEVER CAUSED | |
AND WHETHER UNDER THEORY OF CONTRACT, TORT (INCLUDING NEGLIGENCE), | |
STRICT LIABILITY OR OTHERWISE, EVEN IF APPLE HAS BEEN ADVISED OF THE | |
POSSIBILITY OF SUCH DAMAGE. | |
Copyright (C) 2010 Apple Inc. All Rights Reserved. | |
*/ | |
#define PASSWORD_USES_DATA | |
#import "KeychainItemWrapper.h" | |
#import <Security/Security.h> | |
/* | |
These are the default constants and their respective types, | |
available for the kSecClassGenericPassword Keychain Item class: | |
kSecAttrAccessGroup - CFStringRef | |
kSecAttrCreationDate - CFDateRef | |
kSecAttrModificationDate - CFDateRef | |
kSecAttrDescription - CFStringRef | |
kSecAttrComment - CFStringRef | |
kSecAttrCreator - CFNumberRef | |
kSecAttrType - CFNumberRef | |
kSecAttrLabel - CFStringRef | |
kSecAttrIsInvisible - CFBooleanRef | |
kSecAttrIsNegative - CFBooleanRef | |
kSecAttrAccount - CFStringRef | |
kSecAttrService - CFStringRef | |
kSecAttrGeneric - CFDataRef | |
See the header file Security/SecItem.h for more details. | |
*/ | |
@interface KeychainItemWrapper (PrivateMethods) | |
/* | |
The decision behind the following two methods (secItemFormatToDictionary and dictionaryToSecItemFormat) was | |
to encapsulate the transition between what the detail view controller was expecting (NSString *) and what the | |
Keychain API expects as a validly constructed container class. | |
*/ | |
- (NSMutableDictionary *)secItemFormatToDictionary:(NSDictionary *)dictionaryToConvert; | |
- (NSMutableDictionary *)dictionaryToSecItemFormat:(NSDictionary *)dictionaryToConvert; | |
// Updates the item in the keychain, or adds it if it doesn't exist. | |
- (void)writeToKeychain; | |
@end | |
@implementation KeychainItemWrapper | |
{ | |
NSMutableDictionary *keychainItemData; // The actual keychain item data backing store. | |
NSMutableDictionary *genericPasswordQuery; // A placeholder for the generic keychain item query used to locate the item. | |
} | |
- (id)initWithIdentifier: (NSString *)identifier accessGroup:(NSString *) accessGroup; | |
{ | |
if (self = [super init]) | |
{ | |
// Begin Keychain search setup. The genericPasswordQuery leverages the special user | |
// defined attribute kSecAttrGeneric to distinguish itself between other generic Keychain | |
// items which may be included by the same application. | |
genericPasswordQuery = [[NSMutableDictionary alloc] init]; | |
[genericPasswordQuery setObject:(__bridge id)kSecClassGenericPassword forKey:(__bridge id)kSecClass]; | |
[genericPasswordQuery setObject:identifier forKey:(__bridge id)kSecAttrGeneric]; | |
// The keychain access group attribute determines if this item can be shared | |
// amongst multiple apps whose code signing entitlements contain the same keychain access group. | |
if (accessGroup != nil) | |
{ | |
#if TARGET_IPHONE_SIMULATOR | |
// Ignore the access group if running on the iPhone simulator. | |
// | |
// Apps that are built for the simulator aren't signed, so there's no keychain access group | |
// for the simulator to check. This means that all apps can see all keychain items when run | |
// on the simulator. | |
// | |
// If a SecItem contains an access group attribute, SecItemAdd and SecItemUpdate on the | |
// simulator will return -25243 (errSecNoAccessForItem). | |
#else | |
[genericPasswordQuery setObject:accessGroup forKey:(__bridge id)kSecAttrAccessGroup]; | |
#endif | |
} | |
// Use the proper search constants, return only the attributes of the first match. | |
[genericPasswordQuery setObject:(__bridge id)kSecMatchLimitOne forKey:(__bridge id)kSecMatchLimit]; | |
[genericPasswordQuery setObject:(__bridge id)kCFBooleanTrue forKey:(__bridge id)kSecReturnAttributes]; | |
NSDictionary *tempQuery = [NSDictionary dictionaryWithDictionary:genericPasswordQuery]; | |
CFMutableDictionaryRef outDictionary = NULL; | |
if (!SecItemCopyMatching((__bridge CFDictionaryRef)tempQuery, (CFTypeRef *)&outDictionary) == noErr) | |
{ | |
// Stick these default values into keychain item if nothing found. | |
[self resetKeychainItem]; | |
// Add the generic attribute and the keychain access group. | |
[keychainItemData setObject:identifier forKey:(__bridge id)kSecAttrGeneric]; | |
if (accessGroup != nil) | |
{ | |
#if TARGET_IPHONE_SIMULATOR | |
// Ignore the access group if running on the iPhone simulator. | |
// | |
// Apps that are built for the simulator aren't signed, so there's no keychain access group | |
// for the simulator to check. This means that all apps can see all keychain items when run | |
// on the simulator. | |
// | |
// If a SecItem contains an access group attribute, SecItemAdd and SecItemUpdate on the | |
// simulator will return -25243 (errSecNoAccessForItem). | |
#else | |
[keychainItemData setObject:accessGroup forKey:(__bridge id)kSecAttrAccessGroup]; | |
#endif | |
} | |
} | |
else | |
{ | |
// load the saved data from Keychain. | |
keychainItemData = [self secItemFormatToDictionary:(__bridge NSDictionary *)outDictionary]; | |
} | |
if(outDictionary) CFRelease(outDictionary); | |
} | |
return self; | |
} | |
- (void)setObject:(id)inObject forKey:(id)key | |
{ | |
if (inObject == nil) return; | |
id currentObject = [keychainItemData objectForKey:key]; | |
if (![currentObject isEqual:inObject]) | |
{ | |
[keychainItemData setObject:inObject forKey:key]; | |
[self writeToKeychain]; | |
} | |
} | |
- (id)objectForKey:(id)key | |
{ | |
return [keychainItemData objectForKey:key]; | |
} | |
- (void)resetKeychainItem | |
{ | |
if (!keychainItemData) | |
{ | |
keychainItemData = [[NSMutableDictionary alloc] init]; | |
} | |
else if (keychainItemData) | |
{ | |
NSMutableDictionary *tempDictionary = [self dictionaryToSecItemFormat:keychainItemData]; | |
#ifndef NS_BLOCK_ASSERTIONS | |
OSStatus junk = | |
#endif | |
SecItemDelete((__bridge CFDictionaryRef)tempDictionary); | |
NSAssert( junk == noErr || junk == errSecItemNotFound, @"Problem deleting current dictionary." ); | |
} | |
// Default attributes for keychain item. | |
[keychainItemData setObject:@"" forKey:(__bridge id)kSecAttrAccount]; | |
[keychainItemData setObject:@"" forKey:(__bridge id)kSecAttrLabel]; | |
[keychainItemData setObject:@"" forKey:(__bridge id)kSecAttrDescription]; | |
// Default data for keychain item. | |
#ifndef PASSWORD_USES_DATA | |
[keychainItemData setObject:@"" forKey:(__bridge id)kSecValueData]; | |
#else | |
[keychainItemData setObject:[NSData data] forKey:(__bridge id)kSecValueData]; | |
#endif | |
} | |
- (NSMutableDictionary *)dictionaryToSecItemFormat:(NSDictionary *)dictionaryToConvert | |
{ | |
// The assumption is that this method will be called with a properly populated dictionary | |
// containing all the right key/value pairs for a SecItem. | |
// Create a dictionary to return populated with the attributes and data. | |
NSMutableDictionary *returnDictionary = [NSMutableDictionary dictionaryWithDictionary:dictionaryToConvert]; | |
// Add the Generic Password keychain item class attribute. | |
[returnDictionary setObject:(__bridge id)kSecClassGenericPassword forKey:(__bridge id)kSecClass]; | |
// Convert the NSString to NSData to meet the requirements for the value type kSecValueData. | |
// This is where to store sensitive data that should be encrypted. | |
#ifndef PASSWORD_USES_DATA | |
// orig | |
NSString *passwordString = [dictionaryToConvert objectForKey:(__bridge id)kSecValueData]; | |
[returnDictionary setObject:[passwordString dataUsingEncoding:NSUTF8StringEncoding] forKey:(__bridge id)kSecValueData]; | |
#else | |
// DFH | |
id val = [dictionaryToConvert objectForKey:(__bridge id)kSecValueData]; | |
if([val isKindOfClass:[NSString class]]) { | |
val = [(NSString *)val dataUsingEncoding:NSUTF8StringEncoding]; | |
} | |
[returnDictionary setObject:val forKey:(__bridge id)kSecValueData]; | |
#endif | |
return returnDictionary; | |
} | |
- (NSMutableDictionary *)secItemFormatToDictionary:(NSDictionary *)dictionaryToConvert | |
{ | |
// The assumption is that this method will be called with a properly populated dictionary | |
// containing all the right key/value pairs for the UI element. | |
// Create a dictionary to return populated with the attributes and data. | |
NSMutableDictionary *returnDictionary = [NSMutableDictionary dictionaryWithDictionary:dictionaryToConvert]; | |
// Add the proper search key and class attribute. | |
[returnDictionary setObject:(__bridge id)kCFBooleanTrue forKey:(__bridge id)kSecReturnData]; | |
[returnDictionary setObject:(__bridge id)kSecClassGenericPassword forKey:(__bridge id)kSecClass]; | |
// Acquire the password data from the attributes. | |
CFDataRef passwordData = NULL; | |
if (SecItemCopyMatching((__bridge CFDictionaryRef)returnDictionary, (CFTypeRef *)&passwordData) == noErr) | |
{ | |
// Remove the search, class, and identifier key/value, we don't need them anymore. | |
[returnDictionary removeObjectForKey:(__bridge id)kSecReturnData]; | |
#ifndef PASSWORD_USES_DATA | |
// Add the password to the dictionary, converting from NSData to NSString. | |
NSString *password = [[NSString alloc] initWithBytes:[(__bridge NSData *)passwordData bytes] length:[(__bridge NSData *)passwordData length] | |
encoding:NSUTF8StringEncoding]; | |
#else | |
NSData *password = (__bridge_transfer NSData *)passwordData; | |
passwordData = NULL; | |
#endif | |
[returnDictionary setObject:password forKey:(__bridge id)kSecValueData]; | |
} | |
else | |
{ | |
// Don't do anything if nothing is found. | |
NSAssert(NO, @"Serious error, no matching item found in the keychain.\n"); | |
} | |
if(passwordData) CFRelease(passwordData); | |
return returnDictionary; | |
} | |
- (void)writeToKeychain | |
{ | |
CFDictionaryRef attributes = NULL; | |
NSMutableDictionary *updateItem = nil; | |
OSStatus result; | |
if (SecItemCopyMatching((__bridge CFDictionaryRef)genericPasswordQuery, (CFTypeRef *)&attributes) == noErr) | |
{ | |
// First we need the attributes from the Keychain. | |
updateItem = [NSMutableDictionary dictionaryWithDictionary:(__bridge NSDictionary *)attributes]; | |
// Second we need to add the appropriate search key/values. | |
[updateItem setObject:[genericPasswordQuery objectForKey:(__bridge id)kSecClass] forKey:(__bridge id)kSecClass]; | |
// Lastly, we need to set up the updated attribute list being careful to remove the class. | |
NSMutableDictionary *tempCheck = [self dictionaryToSecItemFormat:keychainItemData]; | |
[tempCheck removeObjectForKey:(__bridge id)kSecClass]; | |
#if TARGET_IPHONE_SIMULATOR | |
// Remove the access group if running on the iPhone simulator. | |
// | |
// Apps that are built for the simulator aren't signed, so there's no keychain access group | |
// for the simulator to check. This means that all apps can see all keychain items when run | |
// on the simulator. | |
// | |
// If a SecItem contains an access group attribute, SecItemAdd and SecItemUpdate on the | |
// simulator will return -25243 (errSecNoAccessForItem). | |
// | |
// The access group attribute will be included in items returned by SecItemCopyMatching, | |
// which is why we need to remove it before updating the item. | |
[tempCheck removeObjectForKey:(__bridge id)kSecAttrAccessGroup]; | |
#endif | |
// An implicit assumption is that you can only update a single item at a time. | |
#ifndef NDEBUG | |
result = | |
#endif | |
SecItemUpdate((__bridge CFDictionaryRef)updateItem, (__bridge CFDictionaryRef)tempCheck); | |
NSAssert( result == noErr, @"Couldn't update the Keychain Item." ); | |
} | |
else | |
{ | |
// No previous item found; add the new one. | |
result = SecItemAdd((__bridge CFDictionaryRef)[self dictionaryToSecItemFormat:keychainItemData], NULL); | |
NSAssert( result == noErr, @"Couldn't add the Keychain Item." ); | |
} | |
if(attributes) CFRelease(attributes); | |
} | |
@end |
This comment has been minimized.
This comment has been minimized.
Well, that code you are having problems with is NOT in the code I posted here. Not sure where you got it, but the above code I posted compiles and works fine in the latest Xcode 4.2. The problem with your line is the "objc_unretainedPointer" function which as I understand it is not public. |
This comment has been minimized.
This comment has been minimized.
Thanks David, for your pointer. This key chain wrapper i converted for ARC by myself. But in latest version of XCode 4.2 it was crashing. Your code is working fine. Difference as bellow- Now my code is also working fine. __bridge internally using objc_unretainedPointer so why we can't directly use it. Do you know any link where i can get public and private API reference. Any ways thanks a lot..... :) |
This comment has been minimized.
This comment has been minimized.
Hey David, When I try to add something to the Keychain like this: KeychainItemWrapper *wrapper = [[KeychainItemWrapper alloc]initWithIdentifier:keyChainIdentifier accessGroup:nil]; I get a the following error As you see I don't use an accessgroup so there shouldn't be any issues with the entitlements.plist Thanks in advance. |
This comment has been minimized.
This comment has been minimized.
I really don't know. After I posted the code I modified it to take a
dictionary instead of a string.
David
|
This comment has been minimized.
This comment has been minimized.
Hi, I found a "solution" just a few minutes ago. But thanks for that quick reply! |
This comment has been minimized.
This comment has been minimized.
Shouldn't if __has_feature(objc_arc)error THIS CODE MUST BE COMPILED WITH ARC ENABLED!endifbe checking if arc ISN'T enabled? |
This comment has been minimized.
This comment has been minimized.
Ooops :-) |
This comment has been minimized.
This comment has been minimized.
Hi David, I'm getting an EXC_BAD_ACCESS at line 244 in the .m:
Any ideas? |
This comment has been minimized.
This comment has been minimized.
Add a NSLog message just before that function call and log both dictionaryToConvert and also returnDictionary. See if they are what you think they should be. This exact code has been working flawlessly for me with ARC for close to 6 months now. |
This comment has been minimized.
This comment has been minimized.
Thanks, to be honest I'm very new to iOS development so it's almost certainly a problem with my code. This is my first time using keychain in any scenario so I wonder if you could point me in the direction of some simple sample code that puts/gets to/from the keychain? |
This comment has been minimized.
This comment has been minimized.
Apple has some sample code - I thought this piece was taken from it. This is not the easiest API to use. I'm 100% sure you can find something if you google around, look on Apple's developer site (at the sample code). I just don't have time right now to go look myself. |
This comment has been minimized.
This comment has been minimized.
IMHO if you can use in line 250 NSString *password = [[NSString alloc] initWithData:(__bridge_transfer NSData *)passwordData encoding:NSUTF8StringEncoding]; and as a result of using "__bridge_transfer" you don't need the release in 259. |
This comment has been minimized.
This comment has been minimized.
What happens then on the "else" - the enclosing if() statement fails? That is why I did it that way. |
This comment has been minimized.
This comment has been minimized.
well the expectation is if ( SecItemCopyMatching( ..., (CFTypeRef *)&passwordData ) == noErr) { Do you know a conditions where you get passwordData and the return value is not noErr? |
This comment has been minimized.
This comment has been minimized.
Hi, great work! While debugging I found something that I can't explain though: When I do NSLog(@"account = %@", [keyChain objectForKey:(__bridge id)kSecAttrAccount]); the password gets printed. But when I pass exactly the same reference to a textfield (i.e. _userNameTextField.text = ...) it displays the user name. You know what ... I'm an idiot, I switched the symbol names on the username and password field :( |
This comment has been minimized.
This comment has been minimized.
Thank you for providing this source code to others. |
This comment has been minimized.
This comment has been minimized.
It was very kind of you to just post a thank you - trust me, its quite rare! Good luck with it! |
This comment has been minimized.
This comment has been minimized.
Thanks for this. Wouldn't it be possible to use Apple's non-ARC code and just turn off ARC for the Apple files? |
This comment has been minimized.
This comment has been minimized.
Well, that is probably true, however someone would need to rigorously analyze the code to verify it doesn't break any of the heuristics that ARC brings into play, like all objects from init are retained, all objects from factory nondescript methods are autoreleased, etc. This way you know you have no memory leaks since clang would notify you. You cannot assume that all Apple sample code is perfect. I prefer having it vetted by a good complier! |
This comment has been minimized.
This comment has been minimized.
I did three things to use Apple's current sample code in my ARC projects:
Works and is vetted by the compiler. ;) |
This comment has been minimized.
This comment has been minimized.
Well, not sure why you even visited this gist. I never claimed you HAD to do this - just that if you wanted ARC compliant code you could take it. I converted every piece of code used in my companies app to ARC on general principal. Apple clearly says you do not have to do this, as you can use the flag above. Others have had the same desire as me and have been glad to have found this code. |
This comment has been minimized.
This comment has been minimized.
Hello Can you somehow add an identifier, since from what I understand the kSecValueData means the value should be encrypted? Thanks |
This comment has been minimized.
This comment has been minimized.
Hi, I am not able to get the stored key chain data .please show me how to retrieve the data from key chain for item.Thanks in advance |
This comment has been minimized.
This comment has been minimized.
Thanks for providing this. FWIW, I've made my own version that modernizes the code a bit, using dictionary subscript notation and default synthesized members. It doesn't do anything your version doesn't do, but I find it easier to understand. |
This comment has been minimized.
This comment has been minimized.
@yogeshbh You actually can read the header files of GNUstep libobjc2 to get an idea what is under the hood of Objective-C runtime - GNUstep libobjc2 is code compatible with Apple's. |
This comment has been minimized.
This comment has been minimized.
Hi, I have an issue about keychainwrapper:
Jan 5 04:22:46 GeremIphone securityd[162] : securityd_xpc_dictionary_handler Crossfit Lyon[480] copy_matching The operation couldn’t be completed. (OSStatus error -34018 - client has neither application-identifier nor keychain-access-groups entitlements) Have you any idea about fix this ? I initiate my object : keychainItem = [[KeychainItemWrapper alloc] initWithIdentifier:@"CrossfitLyonLogin" accessGroup:nil]; |
This comment has been minimized.
This comment has been minimized.
geremp same issue here. I'm still trying to find a solution |
This comment has been minimized.
This comment has been minimized.
Worked like magic! Thank you for sharing this! |
This comment has been minimized.
This comment has been minimized.
Thanks for the code, saved me a bunch of time. |
This comment has been minimized.
This comment has been minimized.
Is this code still necessary to store items in the keychain in iOS 8? Or is there an easier to store items in teh keychain? |
This comment has been minimized.
This comment has been minimized.
For those who received 25243 error or "Terminating app due to uncaught exception 'NSInternalInconsistencyException', reason: 'Couldn't add the Keychain Item.'" 25243 is related to keychain permission and you won't see this error in simulator because simulator app wasn't signed. In my case, i set the keychain access group in Target->Keychain sharing, then i directly accessed the keychain with the group name. This is wrong because the actual keychain access group should be $(AppIdentifierPrefix)whatever.you.set. You can find it from entitlements.plist. |
This comment has been minimized.
This comment has been minimized.
thanks for converting this... i am having a problem... when i build an ad hoc distrib of this and install it on my ipad running 8.1.1 (though i'm guessing the fact that it is an ipad isn't a factor here)... it is running fine other other devices... and it is running fine as a debug build on the ipad.... any ideas? i'm getting an exception in the init method on line 164 (the line where you release outDictionary): Date/Time: 2015-09-02 15:36:07.182 -0700 Exception Type: EXC_BREAKPOINT (SIGTRAP) Thread 0 name: Dispatch queue: com.apple.main-thread |
This comment has been minimized.
This comment has been minimized.
Line 136:
can be changed to
to prevent a warning in Xcode 7.3. This just moves the |
This comment has been minimized.
This comment has been minimized.
I'm hitting a problem in the iOS 9.3 simulator in Xcode 7.3.1. I create and update a single item in the keychain with a username and password. I'm not using access groups (it is nil in the initWithIdentifier:accessGroup: method). I have not tried my code out on a real device since discovering this problem. However when I stop and rerun the app in the simulator, I do a sanity check search after [super init] in the initWithIdentifier:accessGroup: method:
This helped during development to detect any "crud" entered in the keychain - I then use SecItemDelete() to delete each one. However the query now returns two items matching what we've created:
What's the engine-state in the result? Why is the access group called "test"? Should I be using access groups explicitly now, even in the simulator? |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
fyi - a reworked version https://gist.github.com/kristopherjohnson/5212625 That error I was getting is related to 34018 / entitlements missing. By turning on keychain sharing it does work. |
This comment has been minimized.
This comment has been minimized.
I'm getting the *** Assertion failure in -[KeychainItemWrapper resetKeychainItem] error in Xcode 8.0.
Any help would be appreciated. |
This comment has been minimized.
This comment has been minimized.
Hi David. I realize that this is a copy of 5 year old code & in Objective-C. Still, it took me quite a while to understand how to use it with iCloud syncing. Finding and saving where not effective at all. Are you interested in adding or having comments added showing how to do this? If so, please describe how to make changes to your gist. Thank you so much for posting this.... I wasn't quite ready for the jump to Swift. David |
This comment has been minimized.
This comment has been minimized.
Curse these wretched chains for |
This comment has been minimized.
This comment has been minimized.
Have a look here, many solutions for both |
This comment has been minimized.
This comment has been minimized.
Remarkable that, in the 7 years since Apple published this, it seems no one has picked up the big in line 136. It's pure luck that this code works at all. |
This comment has been minimized.
This comment has been minimized.
Hello, Crash Exception thrown : “NSInternalInconsistencyException: Serious error, no matching item found in the keychain. “ |
This comment has been minimized.
This comment has been minimized.
Hello, Crash Exception thrown : “NSInternalInconsistencyException: Serious error, no matching item found in the keychain. “ |
This comment has been minimized.
This comment has been minimized.
Any Update about crash? |
This comment has been minimized.
This comment has been minimized.
Hello, What do you think about fixing this issue? Should we add kSecAttrAccessible property to the query to allow to copy keychain data when the device is locked? A workaround is to start the listener when the app starts and keeps the listener running when the app is in background. Thanks, |
This comment has been minimized.
This comment has been minimized.
I'm SAM new iOS Developer, Anybody can show me how to use KeychainItemWrapper.h and KeychainItemWrapper.m put to xCode project because i'm use WKWebview for user login and after user exit my app and reopen need user login again and again. Please show me example coding |
This comment has been minimized.
This comment has been minimized.
Can someone look into this crash happening on release build . I am using nil access group if this is a reason How can I reproduce it ? |
This comment has been minimized.
I am facing issue with ARC conversion with newer version of XCode 4.2 on following statement.
if (! SecItemCopyMatching((CFDictionaryRef) objc_unretainedPointer(tempQuery), (CFTypeRef *)objc_unretainedPointer(objc_unretainedObject(&outDictionary)) ) == noErr)
Following statement from your code is not working for me. It give some ARC error for outDictionary.
if (!SecItemCopyMatching((__bridge CFDictionaryRef)tempQuery, (CFTypeRef *)&outDictionary) == noErr)
{......
Please guide me.
Thanks,
Yogesh