3 Replies
      Latest reply on Sep 15, 2019 11:24 PM by aiden.zhang
      aiden.zhang Level 1 Level 1 (0 points)

        I have two applications to operate the same keychain item.

        App A save a key in keychain item and App B get the key from that keychain item.

         

        I know there are some solutions:

        1. "set trust list", but it doesn't work.
        2. "allows all applications to access the item", but I don't know how to do with objc.
        3. "keychain share", but my developer account is temporarily unavailable.

         

        First,

        I want to know why trust list of keychain not work?

        When App B want to get the key, it need to input login password, but it doesn't need when App A to get the key.

        There are some following codes:

            // save app
            SecTrustedApplicationRef saveRef;
            SecTrustedApplicationCreateFromPath([@"/Users/mr.zhang/Desktop/SaveKeychainInfo.app" cStringUsingEncoding:NSUTF8StringEncoding]
                                                , &saveRef);
            // get app
            SecTrustedApplicationRef getRef;
            SecTrustedApplicationCreateFromPath([@"/Users/mr.zhang/Desktop/GetKeychainInfo.app" cStringUsingEncoding:NSUTF8StringEncoding]
                                                , &getRef);
         
            SecAccessRef accessRef;
            NSArray *trustList = @[(__bridge id)saveRef, (__bridge id)getRef];
            SecAccessCreate((__bridge CFStringRef)@"access", (__bridge CFArrayRef)trustList, &accessRef);
         
            NSDictionary *keychainQuery = @{
                                            (__bridge NSString *)kSecClass : (__bridge NSString *)kSecClassGenericPassword,
                                            (__bridge NSString *)kSecAttrService : service,
                                            (__bridge NSString *)kSecAttrAccount : service,
                                            (__bridge NSString *)kSecAttrAccess : (__bridge NSString *)accessRef,
                                           };

         

        Second,

        I want to know how to "allows all applications to access the item" with code?

        I have no idea about it.

         

        Thanks