KeychainAccess icon indicating copy to clipboard operation
KeychainAccess copied to clipboard

Published 20 hours ago verified publisher icon kishikawakatsumi

Support for kSecAttrAccess (Attribute Key Constant)?

Open AndreasIgelCC opened this issue 6 years ago • 4 comments

Hi,

realy good solution of yours! Do you plan to support kSecAttrAccess for Attribute Key Constants? In that way trusted apps for keychain-entry-access could be defined. This is a key-feature of us and there is no framework supporting it yet.

Greetings, Andreas

AndreasIgelCC avatar Oct 18 '17 12:10 AndreasIgelCC

has this been supported yet? if not I will have to move to a different keychain library.

joshoconnor89 avatar Apr 23 '18 22:04 joshoconnor89

As far as I know, it is not supported yet. @kishikawakatsumi: Do you agree?

AndreasIgelCC avatar Jul 16 '18 06:07 AndreasIgelCC

I too would love to see this handled. Without this, using the keychain on macOS always requires user interaction since an ACL for the item can not be created with this framework. Please reference https://developer.apple.com/documentation/security/keychain_services/access_control_lists and Quinn's comments here: https://forums.developer.apple.com/message/230451#230451

levigroker avatar Jun 04 '19 06:06 levigroker

Since macOS 10.12, it is not enough to set an ACL for a keychain item, you also have to set the partition list. The Security Framework currently does not support setting partition lists as far as I know. A workaround is to use the /usr/bin/security binary. (Reference: https://mostlikelee.com/blog-1/2017/9/16/scripting-the-macos-keychain-partition-ids)

chinh-tran avatar Jun 21 '19 14:06 chinh-tran