1

I am using the keychain with iOS 7 as the target, and I use the attribute `kSecAttrAccessibleWhenUnlockedThisDeviceOnly`.

It is working great: 10 seconds after the device is locked, the keychain variables are not accessible.

What I want now is to delete the keychain before the app is killed. `applicationWillTerminate` is only called if the app is killed before going into the background or if the system releases the application. If the app is in the background for like 1 minute before being killed by the user, I can't find how to clear the keychain.

Is there any way to delete the keychain or have a function called when the app is killed by the user after several minutes in the background?

Pull
  • Not really, why do you need to delete? – Wain Apr 20 '15 at 09:07
  • I am using the Keychain with sensitive data encrypted, and I would like to clear everything if the app is killed by the user manually. If applicationWillTerminate is called I clear the Keychain, but it is not enough... – Pull Apr 20 '15 at 09:14
  • Also see http://stackoverflow.com/q/3712979. – jww Apr 20 '15 at 09:40

1 Answer

3

> Is there any way to delete the keychain...

NO. On iOS, there's only one keychain and it's a shared resource.

If interested, here's some reading from the data security point of view. Not much has changed since the iOS 4/5 days. I think the most interesting new things are the NSSecureCoding Protocol for iOS 7 (or was it 6?) and fingerprint authentication.

> or have a function called when an app is killed after several minutes in background

Yes and no. -applicationWillTerminate is not sent, despite what the literature says. Instead, you know you are terminating when the SIGKILL arrives. And you can't trap it. But you may be able to perform a quick wipe and return from the sighandler, though (I've never tried it, so I don't know).

The strategy to use when the data sensitivity warrants is to begin wiping data when your delegate receives -applicationWillResignActive. Or start a timer when -applicationWillResignActive arrives but cancel it if -applicationWillEnterForeground arrives. If the time elapses, then begin wiping. But both can create a poor user experience.

jww
  • Indeed, I have a timer in the background and I clear the keychain (in fact the variable inside my keychain) if the app was too long in the background. So from what you are saying there is no way to catch this "app killed by user in background" event yet? – Pull Apr 20 '15 at 09:22
  • *"... in fact the variable inside my keychain..."* - Oh, that's a `SecItem`, and you can delete that. But you should overwrite it before deleting it because Apple's Secure Allocator calls a Standard Deleter (and not a Secure Deleter). I reported that bug to them years ago, and it's still not fixed. – jww Apr 20 '15 at 09:26
  • *"So from what you are saying there is no way to catch this "app killed by user in background" event yet"* - As far as I know, the answer is NO. You will get to see the `SIGKILL` fly by, but you can't trap it. You may be able to perform a quick wipe and return from the `sighandler`, though. And you may be able to do it on a Jailbroken device (to me, JB is the exception and not the rule). – jww Apr 20 '15 at 09:28
  • OK, very well. I understood from my research that it was not possible, but a confirmation on Stack Overflow is enough for me to stop my research :). Thank you very much, jww! – Pull Apr 20 '15 at 09:31
  • @Pull - no problem. Be sure to check out Zavi's paper and Sogeti ESEC's paper. You won't find that information in other places (like Apple's site). And it has a lot of inner working details you will likely be interested in. – jww Apr 20 '15 at 09:34
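
The timer strategy from the answer, combined with the overwrite-before-delete step from the comments, as an added example that is not code from the original posts. The service and account names, the 20-second grace period and the helper names are assumptions made for illustration.

```objc
#import <UIKit/UIKit.h>
#import <Security/Security.h>
// Assumed identifiers and grace period; replace with the app's own values.
static NSString *const kDemoService = @"com.example.demo";
static NSString *const kDemoAccount = @"session-secret";
static const NSTimeInterval kGracePeriod = 20.0;

// Best-effort overwrite of the item's data with zeros, then delete the item.
static OSStatus WipeKeychainItem(void) {
    NSDictionary *query = @{ (__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword,
                             (__bridge id)kSecAttrService: kDemoService,
                             (__bridge id)kSecAttrAccount: kDemoAccount };
    NSDictionary *zeroed = @{ (__bridge id)kSecValueData: [NSMutableData dataWithLength:64] };
    (void)SecItemUpdate((__bridge CFDictionaryRef)query,
                        (__bridge CFDictionaryRef)zeroed);
    OSStatus status = SecItemDelete((__bridge CFDictionaryRef)query);
    return (status == errSecItemNotFound) ? errSecSuccess : status;
}

@interface AppDelegate : UIResponder <UIApplicationDelegate>
@property (strong, nonatomic) NSTimer *wipeTimer;
@property (nonatomic) UIBackgroundTaskIdentifier wipeTask;
@end

@implementation AppDelegate
- (void)cancelPendingWipe {
    [self.wipeTimer invalidate];
    self.wipeTimer = nil;
    if (self.wipeTask != UIBackgroundTaskInvalid) {
        [[UIApplication sharedApplication] endBackgroundTask:self.wipeTask];
        self.wipeTask = UIBackgroundTaskInvalid;
    }
}
- (void)wipeNow:(id)sender {
    WipeKeychainItem();
    [self cancelPendingWipe];
}
- (void)applicationWillResignActive:(UIApplication *)application {
    [self cancelPendingWipe];
    // The background task keeps the process running so the timer can fire;
    // if the system ends the task early, wipe immediately.
    self.wipeTask = [application beginBackgroundTaskWithExpirationHandler:^{ [self wipeNow:nil]; }];
    self.wipeTimer = [NSTimer scheduledTimerWithTimeInterval:kGracePeriod target:self
                                  selector:@selector(wipeNow:) userInfo:nil repeats:NO];
}
// Also fires when the app becomes active again without having left the foreground.
- (void)applicationDidBecomeActive:(UIApplication *)application {
    [self cancelPendingWipe];
}
@end
```

If the device locks before the timer fires, an item stored with `kSecAttrAccessibleWhenUnlockedThisDeviceOnly` is already inaccessible and the keychain calls can fail with `errSecInteractionNotAllowed`, so check the returned status when the app next runs.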