Why does Quickstart Setup between 2 iOS devices restore Keychain values (kSecAttrAccessibleAlwaysThisDeviceOnly is set)

Hi,


I want to prevent iOS from restoring security-sensitive data from the keychain if the backup is restored to a new device via iCloud, Quick Start setup between 2 iOS devices, or a local iTunes backup.


I have set the following option for storing data to keychain:


kSecAttrAccessibleAlwaysThisDeviceOnly


I would expect that, according to the API documentation, keychain values are only restored if the backup is transferred to the _same_ device, but as I noticed, that's not the case. Am I missing something, or how can I do that?

Replies

I would expect that according to the API documentation, keychain values are only restored if the backup is transferred to the same device …

I agree. I’ve recently explored the backup issue in depth and posted my results here.

I did not look at the Quick Start case but it does seem odd that it would let a ThisDeviceOnly credential escape. If that’s what you’re seeing, I recommend that you file a bug about it. Please post your bug number, just for the record.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"
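
An added example, not code from either post or from Apple: one way to confirm on the device which accessibility class a keychain item actually carries before testing a restore, since an item that already existed keeps the class it was created with when SecItemAdd reports a duplicate. The service and account names are hypothetical.

```swift
import Foundation
import Security

// Hypothetical identifiers for this example.
let service = "com.example.app.secrets"
let account = "session-token"
// The class named in the original post (deprecated since iOS 12).
let wantedClass = kSecAttrAccessibleAlwaysThisDeviceOnly

func itemQuery() -> [String: Any] {
    return [kSecClass as String: kSecClassGenericPassword,
            kSecAttrService as String: service,
            kSecAttrAccount as String: account]
}

/// Stores the secret and forces the accessibility class even if the item already exists.
func storeDeviceBound(_ secret: Data) -> OSStatus {
    var add = itemQuery()
    add[kSecValueData as String] = secret
    add[kSecAttrAccessible as String] = wantedClass
    let status = SecItemAdd(add as CFDictionary, nil)
    guard status == errSecDuplicateItem else { return status }
    // A pre-existing item keeps the class it was created with, so update it explicitly.
    let changes: [String: Any] = [kSecValueData as String: secret,
                                  kSecAttrAccessible as String: wantedClass]
    return SecItemUpdate(itemQuery() as CFDictionary, changes as CFDictionary)
}

/// Reads back the accessibility class of the stored item; nil if the item is not found.
func storedAccessibility() -> String? {
    var query = itemQuery()
    query[kSecReturnAttributes as String] = true
    query[kSecMatchLimit as String] = kSecMatchLimitOne
    var result: CFTypeRef?
    guard SecItemCopyMatching(query as CFDictionary, &result) == errSecSuccess,
          let attrs = result as? [String: Any] else { return nil }
    return attrs[kSecAttrAccessible as String] as? String
}

/// True only if the stored item carries the intended ThisDeviceOnly class.
func isDeviceBound() -> Bool {
    return storedAccessibility() == (wantedClass as String)
}
```

Calling isDeviceBound() on the source device before the transfer and again on the target device afterwards gives concrete evidence to attach to a bug report.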