0

I have an app that stores data in the keychain which will be periodically updated. Unsurprisingly, whenever I update the application, keychain once again requires the user's permission for that build. However, keychain does not permit modification (either removing items or overwriting the contents).

Obviously this is a big problem for keychain items that need to be periodically updated.

I have absolutely no issue editing/deleting/modifying keychain items with the same build number.

Any ideas?

[Edit: Additions removed]

See my own answer below.

Andrew J. Freyer
  • 591
  • 2
  • 12
  • 38
  • It sounds like you aren't code-signing your application. Applications which are code-signed will persist their keychain trust settings and the user will never be prompted to re-authorize the app. – Lily Ballard Jul 04 '12 at 01:28
  • Its true - I'm not yet. I had not joined the developer program as this is just a limited distribution tool. Will that solve the editing issue as well? – Andrew J. Freyer Jul 04 '12 at 01:33
  • Possibly. I'm surprised to hear that you can't edit the items after you've gotten permission to access them from the user. – Lily Ballard Jul 04 '12 at 01:37
  • As am I. I just code signed and issued an update. I'll be able to test in a moment. – Andrew J. Freyer Jul 04 '12 at 01:40
  • Well yes, the first code-signed version still needs the credentials. It's only when performing an update to an already-code-signed app that the keychain trust settings are preserved. Although I still have no idea about the editing issue. – Lily Ballard Jul 04 '12 at 02:07

1 Answers1

0

The issue with this program is specific to the development machine. Since I was receiving the update in the /Applications/ folder and was testing the update in the build directory, keychain saw two applications in different locations trying to access the same secure credentials.I do not have a way to test if this theory is the actual cause since neither keychain or sandbox spat errors.

However, deleting the applications and their keys fixed the problem.

Andrew J. Freyer
  • 591
  • 2
  • 12
  • 38