Keychain Data Not Returning Anything Randomly

App & System Services Core OS
chiragAware OP
Created Feb ’24
Replies 2
Boosts 0
Views 307
Participants 2

So I have an app in production. For the past 3 weeks I am facing an issue. To add any item to keychain I the use the following query

                     [kSecClass: kSecClassGenericPassword,
                      kSecAttrService: type.rawValue,
                      kSecAttrAccount: identifier,
                      kSecValueData: dataFromString]

To retrieve data this is the query

[kSecClass: kSecClassGenericPassword,
 kSecAttrService: type.rawValue,
 kSecReturnData: true]

A bit more context:- Whether a user can log in or not using faceID 3 conditions are important

  1. App should have been biometrics access
  2. App should be able to fetch clientID from keychain
  3. App should be able to fetch refreshToken from keychain

The app works fine for most users. But since the latest update we did for the app the retrieve method has been failing, more so in users with iOS 17.I am not able to replicate this locally. And it seems to be a recurring issue for certain users. What could be the source for the issue? And how to diagnose in production given it is not at all reproducible in our test environments.

Replies  2
Boosts  0
Views  307
Participants  2
chiragAware OP
Feb ’24

The retrieve query above was incorrect. Here are the correct queries.

Add -

[kSecClass: kSecClassGenericPassword,

                                          kSecAttrService: type.rawValue,

                                          kSecAttrAccount: identifier,

                                          kSecValueData: dataFromString]

Update -

[kSecClass: kSecClassGenericPassword,

                                          kSecAttrService: type.rawValue,

                                          kSecAttrAccount: identifier]

Remove -

[kSecClass: kSecClassGenericPassword,

                                          kSecAttrService: type.rawValue,

                                          kSecAttrAccount: identifier]

Retrieve -

[kSecClass: kSecClassGenericPassword,

                                          kSecAttrService: type.rawValue,

                                          kSecAttrAccount: identifier,

                                          kSecReturnData: true,

                                          kSecMatchLimit: kSecMatchLimitOne]
0
DTS Engineer OP
Apple
Feb ’24

The retrieve query above was incorrect.

Does that mean that:

  • The example you posted above was an inaccurate representation of your code?

  • The example above is an accurate representation of your code, and you’ve just applied this correction to your code?

Also, the SecItem API is tricky to use correctly, so I recommend that you read the following posts:

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
Keychain Data Not Returning Anything Randomly
First post date Last post date
 
 
Q