Hi all
I am trying to implement the Keychain API for both iOS and OSX and I'm scratching my head around some issues :
- SecItemDelete + kSecMatchLimitAll : iOS give OSStatus error -50 if this parameter is set, but OSX requires the parameter to be set (if you want to delete more than one item of course)
- SecItemCopyMatching + kSecClassIdentity : OSX only returns the {certificate, privatekey} pairs, while iOS returns both the {certificate, privatekey} and {certificate, publickey} pairs
- SecItemAdd + kSecClassCertificate + kSecAttrLabel : OSX ignores the kSecAttrLabel, while iOS records it
- SecKeyGeneratePair + kSecAttrIsPermanent : Both iOS and OSX ignore kSecAttrIsPermanent if set to false. Items are added to the keychain whatever happens. OSX crashes if SecKeyRefs arguments are provided as NULLs while iOS accept it.
- SecItemCopyMatching + kSecAttrKeyClassPublic + kSecReturnData true : iOS returns the content of the public key in ASN.1 encoded format, OSX returns an internal byte array that cannot be decoded
- SecItemCopyMatching + kSecAttrLabel : OSX performs a strict evaluation of the label parameter (returns only the matching labels) while iOS performs a lazy evaluation (returns all items that contain the words in the parameter)
Am I right to assume the above, or is there something which I am doing awfully wrong ?