Recommend that data should be no longer than REASONABLE_SECRET_DATA_SIZE #248
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See this file for the constant. Follow up to #246 and #247.
Given that we have the known upper desired limit of keychain secret size (thank you @KhaosT!), I think it's reasonable for us to create a new
KeychainError
casevalueTooLarge
, and check that the entered data isn't above that limit before interacting with thesecurityd
. If and when we do that, we'd want to change this/// - Important
to a/// - Precondition
.Open to someone putting out a PR that does that (or I can get to it at a future date). We'd want to do this check within
Keychain
'ssetObject(_:forKey:options:)
.But for now, let's make sure our documentation is telling our customers the right thing per #246 (comment).