Changed SecAccessible.WhenUnLocked to AfterFirstUnLocked #80

Open
wants to merge 1 commit into
from

Projects

None yet

4 participants

@braneworks

Change allows for keychain access when the screen is locked (needed for ibeacons if you are also accessing the keychain for use auth, etc)
(this is recommended method by Apple)

@braneworks braneworks Changed SecAccessible.WhenUnLocked to AfterFirstUnLocked
to allow for keychain access when the screen is locked.
(this is recommended method by Apple)
cfe4f1b
@kevinkraemer

Have been running into exception "Could not save account to KeyChain: InteractionNotAllowed". This change should address it. Is there any timeline on when this would be merged and released?
thanks.

@boblautenbach

There is pull request I submitted about 8 months ago that fixes this.

    public override void Save (Account account, string serviceId)
    {
        var statusCode = SecStatusCode.Success;
        var serializedAccount = account.Serialize ();
        var data = NSData.FromString (serializedAccount, NSStringEncoding.UTF8);

        //
        // Remove any existing record
        //
        var existing = FindAccount (account.Username, serviceId);

        if (existing != null) {
            var query = new SecRecord (SecKind.GenericPassword);
            query.Service = serviceId;
            query.Account = account.Username;

            statusCode = SecKeyChain.Remove (query);
            if (statusCode != SecStatusCode.Success) {
                throw new Exception ("Could not save account to KeyChain: " + statusCode);
            }
        }

        //
        // Add this record
        //
        var record = new SecRecord (SecKind.GenericPassword);
        record.Service = serviceId;
        record.Account = account.Username;
        record.Generic = data;
        record.Accessible = SecAccessible.AfterFirstUnlock; ////THIS IS THE FIX

        statusCode = SecKeyChain.Add (record);

        if (statusCode != SecStatusCode.Success) {
            throw new Exception ("Could not save account to KeyChain: " + statusCode);
        }
    }
@mikegottlieb

Is there any plan to merge this in and release an update? This is a pretty huge problem for any app that wakes up in the background and needs to communicate with a service.

@boblautenbach

I hope so..submitted it some time ago

-b

On Aug 4, 2016, at 5:54 PM, Mike Gottlieb notifications@github.com wrote:

Is there any plan to merge this in and release an update? This is a pretty huge problem for any app that wakes up in the background and needs to communicate with a service.


You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or mute the thread.

@mikegottlieb

@boblautenbach Yes thank you for that. I am using your example to work around things, but it would be nice to get this in since it is a pretty critical thing for a lot of apps. It is amazing how many very normal scenarios are deeply affected by Apple's data protection API and it is also incredible that there is so little documentation on accounting for it.

@boblautenbach

@MikeG..Thanks …completely agree.

Bob Lautenbach
_Pluralsight_Author
https://www.pluralsight.com/courses/using-ibeacons-xamarin-ios
@boblautenbach

On August 4, 2016 at 6:14:11 PM, Mike Gottlieb (notifications@github.com)
wrote:

@boblautenbach https://github.com/boblautenbach Yes thank you for that. I
am using your example to work around things, but it would be nice to get
this in since it is a pretty critical thing for a lot of apps. It is
amazing how many very normal scenarios are deeply affected by Apple's data
protection API and it is also incredible that there is so little
documentation on accounting for it.


You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#80 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AEcNP6jciqobQPnmv8ORlgoFhbziOPQUks5qcmQzgaJpZM4DKzHs
.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment