Stack Overflow
Stack Overflow

Questions tagged [security-framework]

Security Framework is an iOS and OSX API, which provides Authorization Services; Certificate, Key, and Trust Services; Cryptographic Message Syntax Services; and Keychain Services.

Security Framework is an iOS and OS X API, which provides Authorization Services; Certificate, Key, and Trust Services; Cryptographic Message Syntax (CMS) Services; and Keychain Services. Apple's documentation can be found at Security Framework.

62 questions
35
votes
5 answers

Keychain Query Always Returns errSecItemNotFound After Upgrading to iOS 13

I am storing passwords into the iOS keychain and later retrieving them to implement a "remember me" (auto-login) feature on my app. I implemented my own wrapper around the Security.framework functions (SecItemCopyMatching(), etc.), and it was…
Nicolas Miari
  • 16,006
  • 8
  • 81
  • 189
14
votes
1 answer

Invisible files associated with OS X keychains

It seems that a keychain file (with extension .keychain) will usually have an invisible file associated with it, located in the same directory. This invisible file always has these properties: It is empty (zero bytes). Its permissions are 0444…
TachyonVortex
  • 8,242
  • 3
  • 48
  • 63
11
votes
1 answer

Importing a PKCS12 Using SecItemImport

Apple's documentation for OS X talks about using SecItemImport to obtain a SecKeyRef. The function signature looks like this: OSStatus SecItemImport ( CFDataRef importedData, CFStringRef fileNameOrExtension, SecExternalFormat *inputFormat, …
Paul Kehrer
  • 13,466
  • 4
  • 40
  • 57
8
votes
1 answer

Mac Launch Daemon unable to retrieve password from system keychain after saving it there

We have a Launch Daemon which (necessarily, for various reasons) runs as root, and which communicates with a server component via the network. It needs to authenticate with the service, so when it first obtains the password, we save it to the system…
pmdj
  • 22,018
  • 3
  • 52
  • 103
7
votes
1 answer

Is OS X's SecRandomCopyBytes fork safe?

Many userspace CSPRNG's have an issue where after fork(2), it's possible for the two different processes to return the same stream of random bytes. From looking at dtruss, it's clear that SecRandomCopyBytes is, at a minimum, seeding from…
Alex Gaynor
  • 14,353
  • 9
  • 63
  • 113
7
votes
2 answers

SecKeyRawVerify and OSError -9809

I am using digital certificates to sign data files in my App. The code fragment below fails when the call to SecKeyRawVerify returns with -9809. This is running on an iPhone. I can't even identify exactly what this error code means The prior…
drew
  • 2,371
  • 2
  • 19
  • 27
6
votes
1 answer

SecAccessControlCreateWithFlags() in Swift

I am trying to call a function in the Security.framework, from swift code. Forgetting about the "error out" (last) parameter for a second, if I call the function like this: let accessControlRef = SecAccessControlCreateFlags( …
Nicolas Miari
  • 16,006
  • 8
  • 81
  • 189
6
votes
1 answer

iOS keychain: SecItemUpdate returns -50 (paramErr) when updating kSecAttrAccessible

I need to update the kSecAttrAccessible of a keychain entry. I don't need to update the actual data, just the accessibility attribute. First I try to find the item to make sure that my query dictionary is good: sanityCheck =…
SeaJelly
  • 1,738
  • 1
  • 15
  • 30
6
votes
1 answer

SecKeyGeneratePair public exponent

Is it possible to change the default public exponent (e) when generating an RSA key pair using SecKeyGeneratePair? I am aware 65537 is a good default, so this is just a question about whether it is technically possible.
Paul Kehrer
  • 13,466
  • 4
  • 40
  • 57
6
votes
1 answer

How can I access identity profiles and certificates with iPhone SDK?

I am trying to verify the user identity on my application using a certificate / identity that the user has stored by opening a .cer / .p12 attached to an email. The certificate appears on the settings app of the phone under the group "Configuration…
user236667
5
votes
3 answers

Get the Username(s) stored in Keychain, using only the ServiceName? OR: Where are you supposed to store the Username?

So the OS X Keychain has three pieces of information: ServiceName (the name of my app) Username Password I obviously always know the ServiceName. Is there a way to find any saved Username(s) for that ServiceName? (Finding the password is easy once…
ck_
  • 3,719
  • 10
  • 49
  • 76
5
votes
1 answer

Continuously getting kSecTrustResultRecoverableTrustFailure while trust evaluation - iphone

I want to securely communicate with my server and here is what I am doing... NSURLProtectionSpace *protectionSpace = [challenge protectionSpace]; SecTrustRef trust = [protectionSpace serverTrust]; NSURLCredential *credential = [NSURLCredential…
Deam
  • 1,007
  • 2
  • 17
  • 36
5
votes
2 answers

Sign on OS X, Verify on iOS and OSStatus -9809

I am using Apple's Security Framework. I am able to sign and then successfully verify all on OS X, but when I try to use SecKeyRawVerify on iOS it fails with -9809 error. I've played with various PKCS padding options and many other attributes but…
Maurizio
  • 4,143
  • 1
  • 29
  • 28
5
votes
2 answers

SecAddItem Only Retuns errSecParam, No Matter I Do

For some reason I can't get this simple keychain code to work. //Let's create an empty mutable dictionary: NSMutableDictionary *keychainItem = [NSMutableDictionary dictionary]; NSString *username = self.nwUsernameTxtFld.text; NSString *password =…
Andy Ibanez
  • 12,104
  • 9
  • 65
  • 100
5
votes
1 answer

Two applications sharing keychain data works fine in iOS simulator but not in device

I am trying to access keychain data set by an application from another application with the same identifier(same profile). I used this link to achieve this. The saving of keychain data is happening properly, I get errSecSuccess for the below…
Satheesh
  • 10,998
  • 6
  • 50
  • 93
1
2 3 4 5