Posts

Post not yet marked as solved
4 Replies
457 Views
I'm setting up unit tests for my application using Xcode. When I tried to access the default keychain on macOS using SecKeychainCopyDefault, I got error OSStatus -25307, which means "A default keychain could not be found." The tests worked locally, and the issue only happened with GitHub Actions. Would anyone have any insight on this issue, or point me to some reading I can refer to? Thanks in advance!

Here are some more tests I've done. I tried to run "security default-keychain" on GitHub Actions, and I got

    > security default-keychain
        "/Users/runner/Library/Keychains/login.keychain-db"

However, when I tried to start a shell to run the same security command in my unit test, I got

    SecKeychainCopyDefault: A default keychain could not be found.

Here is my test calling the security command from a shell:

    static func run_shell(_ command: String) -> String {
        let task = Process()
        let pipe = Pipe()

        // Capture both stdout and stderr of the child process
        task.standardOutput = pipe
        task.standardError = pipe
        task.arguments = ["-c", command]
        task.launchPath = "/bin/zsh"
        task.standardInput = nil
        task.launch()

        let data = pipe.fileHandleForReading.readDataToEndOfFile()
        let output = String(data: data, encoding: .utf8)!
        return output
    }

    func testSecurityDefaultKeychain() throws {
        print(TLSContextTests.run_shell("security default-keychain"));
    }
Posted
by xiazhvera.
Post not yet marked as solved
1 Replies
227 Views
I'm having an issue with keychain access for my Swift project. The keychain operations succeed when I run the test with Xcode.app (GUI), but fail when I run the test through the command line tool xcodebuild. I assume I did something wrong with the environment. Is there any suggestion or instruction about how I should set up for the xcodebuild command line tool?

Here is my unit test.

    static func run_shell(_ command: String) -> String {
        let task = Process()
        let pipe = Pipe()

        task.standardOutput = pipe
        task.standardError = pipe
        task.arguments = ["-c", command]
        task.launchPath = "/bin/zsh"
        task.standardInput = nil
        task.launch()

        let data = pipe.fileHandleForReading.readDataToEndOfFile()
        let output = String(data: data, encoding: .utf8)!
        return output
    }

    func testSecurityDefaultKeychain() throws {
        print(TLSContextTests.run_shell("security default-keychain"));
    }

Other things I have tried:

I got the same result if I use SecKeychainCopyDefault instead of the security command.

If I directly run the security command in my terminal, it worked fine.

    > security default-keychain
        "/Users/runner/Library/Keychains/login.keychain-db"

I also tried with sudo xcodebuild & chmod a+x xcodebuild to make sure the tool has permission to access the keychain, but it was not helpful.

I had a post about the same issue a month ago. At that time I thought it was an issue for the CI environment only. However, it turns out it was the xcodebuild. https://forums.developer.apple.com/forums/thread/747794
Posted
by xiazhvera.
Post not yet marked as solved
17 Replies
1.9k Views
Hi all, I'm working on a macOS project with a C interface. I'm trying to import my private key to a SecKeychainRef, but I always get error code -50. Would you have any advice or suggestion on it? Thanks in advance.

Here is my code:

    // Get default keychain
    SecKeychainRef import_keychain = NULL;
    OSStatus keychain_status = SecKeychainCopyDefault(&import_keychain);

    // Create key from ECC key data in X963 format
    CFMutableDictionaryRef parameters = CFDictionaryCreateMutable(default_alloc, 0, NULL, NULL);
    CFDictionarySetValue(parameters, kSecAttrKeyType, kSecAttrKeyTypeECSECPrimeRandom);
    CFDictionarySetValue(parameters, kSecAttrKeyClass, kSecAttrKeyClassPrivate);
    CFDictionarySetValue(parameters, kSecAttrApplicationLabel, cfLabel);
    SecKeyRef private_key = SecKeyCreateWithData(hard_code_key_ref, parameters, &key_error);

    // Add seckey to keychain
    CFMutableDictionaryRef secItemParams = CFDictionaryCreateMutable(default_alloc, 0, NULL, NULL);
    CFDictionarySetValue(secItemParams, kSecClass, kSecClassKey);
    CFDictionarySetValue(secItemParams, kSecValueRef, private_key);
    CFDictionarySetValue(secItemParams, kSecUseKeychain, import_keychain);
    OSStatus key_status = SecItemAdd(secItemParams, NULL);

I also tried to test "SecItemAdd" with a password value, but it also failed with -25308. I'm not sure if it is related or not.

Here is the test code:

    CFStringRef server = CFStringCreateWithCString(default_alloc, "example.com", kCFStringEncodingUTF8);
    CFStringRef username = CFStringCreateWithCString(default_alloc, "username", kCFStringEncodingUTF8);
    CFStringRef password = CFStringCreateWithCString(default_alloc, "password", kCFStringEncodingUTF8);

    CFMutableDictionaryRef secItemParams = CFDictionaryCreateMutable(default_alloc, 0, NULL, NULL);
    CFDictionarySetValue(secItemParams, kSecClass, kSecClassInternetPassword);
    CFDictionarySetValue(secItemParams, kSecValueData, password);
    CFDictionarySetValue(secItemParams, kSecAttrAccount, username);
    CFDictionarySetValue(secItemParams, kSecAttrServer, server);
    CFDictionarySetValue(secItemParams, kSecUseKeychain, import_keychain);
    CFDictionarySetValue(secItemParams, kSecAttrAccessible, kSecAttrAccessibleAlways);
    OSStatus key_status = SecItemAdd(secItemParams, NULL);

The above code failed with "OSStatus -25308 : User interaction is not allowed."

Any advice is welcome. Thank you!
Posted
by xiazhvera.