This is a continuation of from the old forums: https://devforums.apple.com/thread/246122
Calling SecItemCopyMatching will sometimes return an OSStatus of -34018 (errSecMissingEntitlement). This seems to happen when the system is running low on memory. This has not been fixed in iOS9. I've of course filed radars about this and I would encourage others to do the same while iOS 9 is under development.
No, we actually can not ignore it because we can not save anything in keychain. It breaks our app behaviour. Apple should find a way to fix this bug
Hey guys,
any updates on this?
We were told in July you were working on this but several months have passed and this is still a major issue.
What is going on? What can we expect going forward?
We really need some official response on this.
Thank you.
We are desparate for this fix too.
I've been having same problems on iOS 8 and iOS 9, with iPhone 5, 5s, 6, 6+, 6s+. I don't think this problem is related to a combination of OS and device, beecause after reading this thread, there a lots of combinations that just don't work.
I wanted to publish my app, but it won't pass review because it uses Keychain not only for registration, but also many times in app.
I decided to put an alert when user starts the app. It would check whether I can retrieve values from Keychain, if not, I'll tell them to kill the app and start over, hopefully, with Keychain working. This will get me a lot one star ratings ...
Certainly, not a good for Apple as well. Their keychain doesn't store sensitive data correctly!!!
Xcode, Mac OSX, and iOS update today. Seems to be fixed for me.... for now at least.
Edit: Nope. Still Broken. Is this happening in the wild or just debug mode? I only know debug mode but I'm also see bug reports that don't make any sense unless this is also happening in the wild.
Just to add my voice to the noise, Xcode 7.1 and iOS 9.1 this is STILL a bug.
In my scenario it seems to happen when users update the App. Reading from the Keychain fails immediately and then the user is forced to login again. BUT, since reading and writing to Keychain fails its a stalemate. I did see a solution that simply involved crashing the app whenever this occured but I'm not sure I'm comfortable with that.
Since all we are storing in the Keychain is the users access tokens, I think i'm going to move that into NSUserDefaults as this just isnt worth the time. We do use Safari Credential Sharing and havent experience any issues with that so for those who are struggling maybe thats a better option?
Has there been ANY update on this since July? I knowthe Facebook SDK team is having real trouble with this and causing a lot of Apps to be rejected from the store due to login bugs.
Can we please get an update on where Apple engineers are at with fixing this bug and what we as developers can do to work around it in prior versions of iOS where this issue will remain prevalent?
Adding my voice to say that it is happening in the latest Xcode (7.1) while debugging an iPhone 6 with 9.1. Any and all keychain access results in -34018, but then if I run the exact same build outside of the debugger, without rebooting my phone, all accesses work.
I am desperate for a workaround.
Workaround...get the app built and copied to the phone, and then start the app from the device (not the debugger). Then, attach the debugger to the running process. This seems to get around whatever timing issue is breaking this, and the various keychain operations appear to work correctly while debugging.
Confirming totvos workaround. Works as a temporary solution. Would be nice to have this resolved properly.
Thanks for sharing the workaround totvos!
Seeing reports that this is happening in production Apps. Is anyone else able to confirm? https://github.com/soffes/sskeychain/issues/52
Feedback/workarounds from Apple would be appreciated...
An update on this would be appreciated. Very frustrating issue.
An update on this would be appreciated. Very frustrating issue.
Alas, I don’t have any helpful info to share. This is a bug that, AFAIK, keychain engineering is still hunting (r. 19844807). Moreover, while there’s lots of anecdotal suggestions for ways to avoid the problem, AFAIK the only guaranteed workaround is to restart the process, which is not very helpful when you’re talking about an iOS app.
Share and Enjoy
—
Quinn "The Eskimo!"
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"Thank you Quinn.
How can I get updates on the bug resolution? As we try to workaround it in over 60 applications, you can imagine the coordination required to update them all, and the risk of introducing a new issue.
Unfortunately, having zero information on an issue with this kind of impact does not allow me to do any kind of damage control with my clients.
Thanks
Thank you Quinn for your updates.
But what can we do to help here? Are there still issues replicating the bug? I think it's been pretty well documented.
This has been going on for too long. Our apps are unreliable bacause of this and our users are leaving us.
Apple is really hanging us out to dry with this.
How can I get updates on the bug resolution?
Probably the best option here is to file your own bug about it. That’ll get closed as a duplicate, at which point you’ll be able to see the status of the original.
It’s not ideal (for example, you’ll have to poll for changes) but it’s the best you can do in the current setup.
Share and Enjoy
—
Quinn "The Eskimo!"
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"Just to add to the discussion, I'm also suffering with this problem.
Months ago, I was seeing the -34018 error when accessing the keychain quite often. However, I turned off ARC for the file that was doing keychain access, started doing the memory management manually, and I haven't seen the problem for a long time - over 6 months. However, I started seeing it again recently (since iOS 9.1 and XCode 7.1.1). No idea why (Xcode and iOS updates might be a coicidence), but yes it always seems to happen when bringing the app back into the foreground.
The keychain was indeed being accessed in applicationWillEnterForeground: so I've moved that to applicationDidBecomeActive: and will see if that elleviates the problem.
You are both wrong.
The issue happens in App Store versions too.
The cause is a memory stress that probably cause the securityd process to fail with its connection to the keychain.
When this one happens the only thing to do is kill the app, kill other apps to release some memory and only then open the app.
The bug was reported back in 2013 and Apple didn't do anything until today with the claim this is hard to reproduce. Thousand developers reported this bug but Apple can't reproduce. Sounds funny.
Anyway, Don't trust the details you reported as this one is just around the corner for everyone.
Can confirm the -34018 error is still present in iOS 9.2. 😟
Ditto, started seeing this today.
result = SecItemAdd((__bridge CFDictionaryRef)[self dictionaryToSecItemFormat:keychainItemData], NULL);(lldb) p result
(OSStatus) $1 = -34018
😢
Did you notice if this improved things? I moved my keychain access from '....aplicationDidFinishLaunching...' to the '...applicationDidBecomeActive..' but we are still seeing the issue; although it appears to be less often.
Quinn,
OK, I followed your advice and openned a defect; I hope Apple can find the root cause and provide an OS fix or at least a workaround on the code side.
Don't hold your breath.....this bug has been in the OS for ages and no fix is in sight.
Only two options:
Our only course of action is to make as much noise as possible to attract Apple/Others/the Media's Attention and bring the issue to the spotlight to ensure Apple commits the appropriate resources to fixing this.
This is affecting at least a few major developers (I know Facebook/Parse runs into this issue), so we must unite to make our voices heard.
Everybody should file their own bugs about this so Apple understands it's affecting many of us. And then make as much noise as possible. Should we consider a petition to Tim?
Merry Christmas everyone. At least I know what I want front Santa this year....!
same here, on SecItemCopyMatching, XCode 7.2, iOS 9.2, running attached to debugger
you can see the code here: https://github.com/tradle/react-native-ecc
SecItemAdd goes through: https://github.com/tradle/react-native-ecc/blob/master/ios/RNECC.m#L141
SecItemCopyMatching intermittently fails with the dreaded 34018: https://github.com/tradle/react-native-ecc/blob/master/ios/RNECC.m#L399
if there's any other information i can provide to speed up the resolution of this bug, don't hesitate to ping me at mark@tradle.io