iOS Keychain

Help us to keep this website almost Ad Free! It takes only 10 seconds of your time:
> Step 1: Go view our video on YouTube: EF Core Bulk Extensions
> Step 2: And Like the video. BONUS: You can also share it!

Syntax

  • kSecClassGenericPassword // A value key representing a non-internet password
  • kSecClassInternetPassword // A value key representing an internet password
  • kSecClassCertificate // A value key representing a certificate
  • kSecClassCertificate // A value key representing a key
  • kSecClassIdentity // A value key representing an identity, which is a certificate plus a key

Remarks

iOS stores private information such as passwords, encryption keys, certificates, and identities in a secure storage area called the Keychain. This storage area is managed completely by a co-processor called the Secure Enclave, which is embedded inside the application processor. Because the Keychain is sandboxed on iOS, keychain items may only be retrieved by the application that put them there in the first place.

In some cases you must turn on Keychain Sharing in Xcode capabilities in order to avoid errors.

In order to interact with the keychain, we use a c framework called Keychain Services. For more information, see Apple's Keychain Services Programming Guide.

Because Keychain Services is below the Foundation level, it is restricted to using CoreFoundation types. As a result, most objects are internally represented as CFDictionarys holding CFStrings as their keys and a variety of CoreFoundation types as their values.

While Keychain Services is included as a part of the Security framework, importing Foundation is usually a good option since it includes some helper functions in the backend.

Additionally, if you don't want to deal with Keychain Services directly, Apple provides the Generic Keychain Swift sample project that provides Swift types that use Keychain Services behind the scenes.



Got any iOS Question?