iOS 10 crypto not working on simulator

This particular piece of code (minus the setup code) generate a 2048 key pair


sanityCheck = SecKeyGeneratePair((__bridge CFDictionaryRef)keyPairAttr, &publicKeyRef, &privateKeyRef);


It works wonderfully on iOS 9 simulator, iOS 9 device, iOS 10 device, but not iOS 10 simulator.


Was there any change in the iOS 10 simulator prevent it from working?


The error while calling this function on iOS 10 simulator is -34018


thanks

jerry

Replies

Hi Eskimo,

I also need to execute unit tests inside a framework and I still encounter the problem with xcode 8.1.

Thanks

Jeremie

I also need to execute unit tests inside a framework and I still encounter the problem with xcode 8.1.

Right. This is a well-known issue with library tests (sometimes called logic tests by Xcode). Those tests are run by a tool (

xctest
) that does not have entitlements. Historically this caused problems for folks using custom entitlements (to access CloudKit, for example) but now it affects folks using the keychain as well.

AFAIK there’s no direct workaround. However, I believe you can avoid the problem by running this test code within your app (in the docs this is called an app test). Because these run inside your app, they get the app’s entitlements.

If you don’t have an app handy, you can create a dummy one just to host the tests.

Please try this out and let us know if you hit any snags.

Oh, and don’t let the availability of a workaround prevent you from filing a bug about this. Xcode should be able to run library tests with entitlements, and this recent keychain change makes this even more important.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Hy Eskimo,

I just installed the latest Xcode 8.2 beta (beta 2) and was hoping it would fix the issue for library tests/logic tests, too. Unfortunately, the issues seems to be still around, our logic tests continue to fail if they try to access the keychain.


Any pointes when/if we can expect a fix for this?


Thanks

Benny

Unfortunately, the issues seems to be still around, our logic tests continue to fail if they try to access the keychain.

Correct.

Any pointes when/if we can expect a fix for this?

I can’t comment on The Future™ but I will repeat my advice from earlier:

  • You can avoid the problem by running your tests within an app, creating a dummy app if you don’t have one handy.

  • Feel free to file your own bug about this limitation.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Do you have any documentation, maybe it's simple enough to provide right here, where you take an existing Framework target's tests and add them to a dummy app to be executed? Or do I have the wrong idea about this dummy app?

I think it’s as simple as:

  1. Creating a new app target for the appropriate platform.

  2. In the target editor for the test target, go to the General tab and select that as the host application.

I recently did this for the CryptoCompatibility sample code and it didn’t cause me any grief (be aware that’s not in the current public release of the sample, but something internal).

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"