First up, I want to point you at the following posts:
These explain the backstory that I’m going to assume.
I also want to point you at Investigating hard-to-reproduce keychain problems. This outlines the general process that I recommend for investigating problems like this.
Error code : "-25308"
This is errSecInteractionNotAllowed. Assuming that you’re on iOS [1] or one of its child platforms, this has a pretty straightforward explanation: You’re accessing a keychain item that’s locked in some way. Typically this means that:
-
You’re accessing a keychain item that’s gated by data protection [2] and protected data isn’t available at this time. For example, the item might have the data protection set to kSecAttrAccessibleWhenUnlocked and you’re accessing it when the device is locked.
-
You’re accessing a keychain item protected by biometrics when user interaction isn’t possible, for example, when your app is in the background.
My experience is that issues like this almost always boil down to your app running code in the background unexpectedly. For example, you might have adding keychain support to your networking code and, heretofore, it’s only run in the foreground. You then add some background execution feature to your app — or you had an existing background feature but now the OS is running it in the background more often — and now you’re keychain code this this issue.
There are two ways you can approach debugging this:
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
[1] If you’re not, first read TN3137 On Mac keychain APIs and implementations and then write back here, because the situation on the Mac is more complex.
[2] kSecAttrAccessible or, equivalently, kSecAttrAccessControl where you set the protection on the SecAccess object.
