Comments on: Using The iOS Keychain. https://www.andyibanez.com/using-ios-keychain/ Teaching you cool stuff since 2012. Fri, 21 Jun 2019 10:32:11 +0000 hourly 1 https://wordpress.org/?v=4.9.10 By: anas https://www.andyibanez.com/using-ios-keychain/#comment-1785 Thu, 09 May 2019 06:17:36 +0000 http://andyibanez.com/?p=295#comment-1785 Can you please explain this part? ” It is important that your app and all subsequent versions of it are all signed by the same mobile provision profile. If they aren’t, you will have many troubles later on.” What problem that will occure? Thanks you

]]>
By: anas https://www.andyibanez.com/using-ios-keychain/#comment-1784 Thu, 09 May 2019 03:17:15 +0000 http://andyibanez.com/?p=295#comment-1784 Thanks you for sharing this tutorial

]]>
By: SIA https://www.andyibanez.com/using-ios-keychain/#comment-1774 Tue, 27 Nov 2018 15:55:27 +0000 http://andyibanez.com/?p=295#comment-1774 wonderful… such nice n clear article on keuychain

]]>
By: iOS Interview Questions – Site Title https://www.andyibanez.com/using-ios-keychain/#comment-1564 Sun, 19 Feb 2017 06:14:00 +0000 http://andyibanez.com/?p=295#comment-1564 […] https://www.andyibanez.com/using-ios-keychain/ […]

]]>
By: iosdevtopics https://www.andyibanez.com/using-ios-keychain/#comment-1265 Thu, 28 Apr 2016 15:29:49 +0000 http://andyibanez.com/?p=295#comment-1265 I might have a mistake here. For the update method, it ‘seems’ I also need to set the following:

keyChainItem[kSecReturnData] = false
keyChainItem[kSecReturnRef] = false

Any idea why? (I’m quite new to the KeyChain API, so please excuse me if this is a daft question)

]]>
By: iosdevtopics https://www.andyibanez.com/using-ios-keychain/#comment-1263 Thu, 28 Apr 2016 13:27:37 +0000 http://andyibanez.com/?p=295#comment-1263 I think the update method I posted below is wrong (missed it in my unit tests)

]]>
By: iosdevtopics https://www.andyibanez.com/using-ios-keychain/#comment-1261 Wed, 27 Apr 2016 17:41:55 +0000 http://andyibanez.com/?p=295#comment-1261 Here is a draft Swift 2 conversion I did today – do test carefully before using it (it checks out in my unit tests, but it’s not been fully tested / refactored for efficiency)

class MyKeyChain {
    
    lazy var keyChainItem = [NSString : AnyObject]()
    let website = "http://groovywebsite.me"

    //
    // Each of the following methods should return errSecSuccess
    //
    func setupForUsername(un : String, andPassword pw : String) -> OSStatus {
        keyChainItem[kSecClass] = kSecClassInternetPassword
        keyChainItem[kSecAttrAccessible] = kSecAttrAccessibleWhenUnlocked
        keyChainItem[kSecAttrServer] = website
        keyChainItem[kSecAttrAccount] = un
        
        //Does it exist already
        if SecItemCopyMatching(keyChainItem, nil) == noErr {
            print("Already exists : performing update")
            
            return errSecDuplicateItem
        } else {
            keyChainItem[kSecValueData] = NSString(string: pw).dataUsingEncoding(NSUTF8StringEncoding)
            let sts = SecItemAdd(keyChainItem, nil)
            print("Added keychain: result=\(sts)")
            return sts
        }
    }

    func updateKeyChainForUsername(un : String, andPassword pw : String) -> OSStatus {
        keyChainItem[kSecClass] = kSecClassInternetPassword
        keyChainItem[kSecAttrAccessible] = kSecAttrAccessibleWhenUnlocked
        keyChainItem[kSecAttrServer] = website
        keyChainItem[kSecAttrAccount] = un
        
        //Does it exist already
        if SecItemCopyMatching(keyChainItem, nil) == noErr {
            var updatedAttributes = [NSString : AnyObject]()
            updatedAttributes[kSecValueData] = NSString(string: pw).dataUsingEncoding(NSUTF8StringEncoding)
            let sts = SecItemUpdate(keyChainItem, updatedAttributes)
            return sts
        } else {
            return errSecItemNotFound
        }
    }

    func getPasswordInlineFromKeychainWithUsername(un : String, inout pw : String?) -> OSStatus {
        keyChainItem[kSecClass] = kSecClassInternetPassword
        keyChainItem[kSecAttrAccessible] = kSecAttrAccessibleWhenUnlocked
        keyChainItem[kSecAttrServer] = website
        keyChainItem[kSecAttrAccount] = un
        
        //Default value
        pw = nil
        
        //Does it exist?
        keyChainItem[kSecReturnData] = true
        keyChainItem[kSecReturnAttributes] = true
        let result = [NSString : AnyObject]()
        var obj = result as AnyObject?
        let sts = SecItemCopyMatching(keyChainItem, &obj)
        
        if (sts == noErr) {
            guard let r = obj as? [NSString : AnyObject] else { return errSecDecode }
            if let resultData = r[kSecValueData] as? NSData {
                let resultString = String(data: resultData, encoding:NSUTF8StringEncoding)
                pw = resultString
            } else {
                return errSecDecode
            }
        }
        
        return sts
    }
    
    func deletePasswordFromKeychainWithUsername(un : String) -> OSStatus {
        keyChainItem[kSecClass] = kSecClassInternetPassword
        keyChainItem[kSecAttrAccessible] = kSecAttrAccessibleWhenUnlocked
        keyChainItem[kSecAttrServer] = website
        keyChainItem[kSecAttrAccount] = un
        
        //Does it exist?
        if SecItemCopyMatching(keyChainItem, nil) == noErr {
            let sts = SecItemDelete(keyChainItem)
            return sts
        } else {
            return errSecItemNotFound
        }
    }
    
}
]]>
By: lexlab https://www.andyibanez.com/using-ios-keychain/#comment-1236 Mon, 18 Apr 2016 01:56:57 +0000 http://andyibanez.com/?p=295#comment-1236 Thanks a lot for this tutorial.

]]>
By: Andrés Ibañez https://www.andyibanez.com/using-ios-keychain/#comment-1167 Wed, 16 Mar 2016 12:25:39 +0000 http://andyibanez.com/?p=295#comment-1167 You gain no extra security by doing that. If you are going to encrypt, might as well use NSUserDefaults for the encrypted data or something else.

]]>
By: David https://www.andyibanez.com/using-ios-keychain/#comment-1163 Wed, 16 Mar 2016 00:42:44 +0000 http://andyibanez.com/?p=295#comment-1163 Does the rabbit hole ever end?

I appreciate the response. The link is very informative.

What if I encrypt the key/value pair using AES and then insert into the keychain?

]]>