I am working on an app that stores a password in the keychain. Everything is working fine when I run the app from Xcode using a development profile - I can save a password, quit the app, relaunch and fetch the password from the keychain.
However, whenever I run the app using an Ad Hoc or App Store profile SecItemCopyMatching always returns errSecItemNotFound when I try to fetch the password from the keychain after relaunching the app.
Is there something I missing with the app ID, provisioning profile or entitlements?
Turns out I was being caught out by the Enable Foundation Assertions build setting. It seems to be set to No by default for release builds.
I was using code from Keychain Services Tasks for iOS in the Apple Docs which has a lot of the keychain calls (including SecItemAdd) wrapped in NSAssert() therefore they weren't getting called and nothing was getting saved to the keychain.
Related
I have inherited an iOS project that has an app currently submitted to the App Store. I want to release a new beta version of an app. After I Archive the app in the Xcode and try to Validate it, it shows the following message shown on the screenshot:
Failed to locate or generate matching signing assets. Your account already has a valid iOS Distribution certificate.
I don't have the distribution certificate locally and don't have access to the computer that had it. As far as I understood form other questions, one option is to click the "Reset" button. What are the implications of reseting the distribution certificate? Will it affect the current app in the App Store? Will other services like Push notifications and in-app purchases continue to work in the current app?
I have reseted the distribution certificate and it did not affect the published version of the app. Push notifications continue to work.
Resetting Certificates Using Xcode
If Xcode detects an issue with a signing identity, it displays an appropriate action in Accounts preferences. If Xcode displays a Create button, the signing identity doesn’t exist in your developer account or on your Mac. If Xcode displays a Reset button, the signing identity is not usable on your Mac—for example, it is missing the private key. If you click the Reset button, Xcode revokes and re-creates the corresponding certificate.
https://developer.apple.com/library/content/documentation/IDEs/Conceptual/AppDistributionGuide/MaintainingCertificates/MaintainingCertificates.html
As per my experience, according to Apple support revoking certificate will not have any effect on the uploaded build on iTunes or on live.
https://developer.apple.com/support/certificates/
iOS Distribution Certificate (App Store)
If your Apple Developer Program membership is valid, your existing apps on the App Store will not be affected. However, you will no longer be able to submit new apps or updates to the App Store.
I have 2 applications. One is in appstore and the other one I am working currently. Using my first app I have saved a string in keychain and now using the second app I am trying to retrieve the same value. But every time the below condition fails. So I am unable to retrieve the saved value.
if (! SecItemCopyMatching((CFDictionaryRef)tempQuery, (CFTypeRef *)&outDictionary) == noErr)
Please let me know where am I doing wrong.
As far as I know, you cannot share keychain between an app store app and an app you are currently developing. The entitlements are different for the apps signed with distribution profile (which is the case for an app store app) and those signed with a development profile.
What's happen to data stored in keychain when user update his iOS version to new system ? i.e user have ios 6 and stored some information from my App in Keychain, are those information will be still avaiable after install ios 7 ??
BR
Kivu
Nothing will happen to data in KeyChain, keychain persists even after the app is removed, it is linked to AppID and the access rights depend on the provisioning profile used when signing your application.
On iPhone, Keychain rights depend on the provisioning profile used to
sign your application. Be sure to consistently use the same
provisioning profile across different versions of your application
After my customers upgraded to a new version of my App using KeyChain.... under iOS7 they lost all the information.
I only have this issue when downloading my live app from the app store, then running my latest build over it via XCode. When I run the app 'clean' it works fine.
I want to make sure users will be able to update the app and have iCloud work as expected.
NSUbiquitousKeyValueStore error: com.xxx.xxx has no valid com.apple.developer.ubiquity-kvstore-identifier entitlement
Will this be an issue when I submit the update or is my update testing flawed?
After testing updates using OTA instead of directly through XCode, it appears to work fine. Not sure why, but the development profile isn't playing nice with the App Store profile, whereas the Ad Hoc profile is.
I have a bash script that builds and signs my iOS apps for adhoc over-the-air distribution to testers.
The signing process requires that the keychain be unlocked, which means storing the password in plain-text in my script. I'd rather this not be the main keychain (login) and create a separate keychain just for these keys/certificates where the password isn't that big of a deal.
I can create the new keychain and put all the keys/certs in there, but xcode 4 seems to only look in the login keychain. Is there a way to change this, or am I doing something else wrong?
You can create a separate keychain, and xcode 4 (at least, I just tested and confirmed with xcode 4.5 on mountain lion) will look not only in the login keychain, but all keychains, including the new keychain.
So it is good, and you can store just the keys/certs that you need in the new keychain.