keychain-swift
keychain-swift copied to clipboard
evgenyneu
Creating "synchronizable" entries on OS X fails
Not sure what is amiss here. I'm on OS X 10.11.5, Xcode 8 beta 2, Swift 3.
This works fine:
keychain.set("Value", forKey: "KeyName") // returns true
keychain.get("KeyName") // returns "Value"
But this fails to create new entries in the keychain (assuming key does not yet exist):
keychain.synchronizable = true
if keychain.set("Value", forKey: "KeyName") {
print("success")
} else {
print("failed")
}
The .set function returns false and the key fails to be created.
Hi @orchetect, thank you for reporting. I have never actually tested the synchronization in OS X, only in iOS. If you still have the code nearby, what error code does the set method return?
keychain.set("Value", forKey: "KeyName")
print(keychain.lastResultCode)
I tested keychain synchronization on macOS and could not make it work. Function SecItemAdd returns -34018 result code on macOS when kSecAttrSynchronizable is true.
Added a macOS demo app to the project as well.
Is this a KeyChain bug? Will this problem also occur if I use the KeyChain API from Apple directly without using this library?
Good question. I have no idea. Based on my tests, the iCloud synchronization in this library works on iOS but not on macOS.
Here is another question that I want to know the answer to. Does macOS support iCloud keychain synchronization at all? If it does then we aren't using it correctly in this library.
macOS does support it.
Apple's docs for macOS Sierra state:
Developer ID-signed apps can now take advantage of CloudKit, iCloud Keychain, ...
I'm building apps with a free Apple Dev account. Do you suppose that's why it's not working? Maybe it requires a paid Developer account with proper certificate signing.
This issue seems to be fixed when adding "Keychain Sharing" to the macOS App Target Capabillities (it's off by default). After this Xcode will need to generate a provision profile with this capability and the error will disappear.
