'iOS Keychain Access

I am using the SSKeyChain library to store and access a password in the keychain. I'm testing in the iPhone Simulator and I can write and access the keychain. But when I close out the app (Double click the home button, swipe app up so it is no longer in background) I cannot access the data in Keychain. My understanding was that, unless specifically deleted this data would remain there. Am I wrong in that or is it possible I am not storing the data properly?

A second question is, should this data be encrypted or does Keychain take care of that already? If it should be encrypted any suggestions of how?

Here's my code:

- (void)viewDidLoad
{
    [super viewDidLoad];

    /*
    Let sskeychain know how the keychain values can be accessed - these are the options:

    kSecAttrAccessibleWhenUnlocked  Only accessible when device is unlocked.
    kSecAttrAccessibleAfterFirstUnlock  Accessible while locked. But if the device is restarted it must first be unlocked for data to be accessible again.
    kSecAttrAccessibleAlways    Always accessible.
    kSecAttrAccessibleWhenUnlockedThisDeviceOnly    Only accessible when device is unlocked. Data is not migrated via backups.
    kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly    Accessible while locked. But if the device is restarted it must first be unlocked for data to be accessible again. Data is not migrated via backups.
    kSecAttrAccessibleAlwaysThisDeviceOnly  Always accessible. Data is not migrated via backups.
    */

    [SSKeychain setAccessibilityType:kSecAttrAccessibleWhenUnlocked];

    txtUserName = [[UITextField alloc] initWithFrame:CGRectMake((self.view.frame.size.width/2)-100.0, 200.0, 200.0, 30.0)];
    txtUserName.placeholder = @"User Name";
    txtUserName.font = [UIFont fontWithName:@"Avenir" size:18.0];
    txtUserName.layer.cornerRadius = 8.0f;
    txtUserName.backgroundColor = [UIColor whiteColor];
    txtUserName.layer.borderWidth = 1.0;
    [self.view addSubview:txtUserName];

    txtSignon = [[UITextField alloc] initWithFrame:CGRectMake((self.view.frame.size.width/2)-100.0, txtUserName.frame.origin.y + txtUserName.frame.size.height + 20.0, 200.0, 30.0)];
    txtSignon.placeholder = @"Password";
    txtSignon.font = [UIFont fontWithName:@"Avenir" size:18.0];
    txtSignon.layer.cornerRadius = 8.0f;
    txtSignon.backgroundColor = [UIColor whiteColor];
    txtSignon.layer.borderWidth = 1.0;
    txtSignon.secureTextEntry = YES;
    [self.view addSubview:txtSignon];

    UIButton* btnSubmit = [UIButton buttonWithType:UIButtonTypeRoundedRect];
    [btnSubmit setTitle:@"Submit" forState:UIControlStateNormal];
    [btnSubmit addTarget:self action:@selector(storeValues:) forControlEvents:UIControlEventTouchUpInside];
    [btnSubmit setFrame:CGRectMake((self.view.frame.size.width/2)-100, txtSignon.frame.origin.y + txtSignon.frame.size.height + 20.0, 200.0, 30.0)];
    [self.view addSubview:btnSubmit];

    UIButton* btnGetData = [UIButton buttonWithType:UIButtonTypeRoundedRect];
    [btnGetData setTitle:@"Get Stored Credentials" forState:UIControlStateNormal];
    [btnGetData addTarget:self action:@selector(getStoredValues:) forControlEvents:UIControlEventTouchUpInside];
    [btnGetData setFrame:CGRectMake((self.view.frame.size.width/2)-100, btnSubmit.frame.origin.y + btnSubmit.frame.size.height + 20.0, 200.0, 30.0)];
    [self.view addSubview:btnGetData];


}

- (void) storeValues : (UIButton*) myButton {

    [self.view endEditing:YES];

    //get the saved values
    NSString* strUserName = txtUserName.text;
    NSString* strUserPass = txtSignon.text;

    self.strStoredUserName = strUserName;

    //pass them along to the keychain
    [SSKeychain setPassword:strUserPass forService:@"com.sanofi.us" account:strUserName];

    UIAlertView* alert = [[UIAlertView alloc] initWithTitle:@"Success" message:@"Your user name and password were stored in the devices keychain!" delegate:nil cancelButtonTitle:@"Okay" otherButtonTitles:nil, nil];
    [alert show];

    txtUserName.text = @"";
    txtSignon.text = @"";


}

- (void) getStoredValues : (UIButton*) myButton {

    NSString* strUserName = self.strStoredUserName;

    // Access that token when needed
    NSString* strPassword = [SSKeychain passwordForService:@"com.sanofi.us" account:strUserName];

    if (strPassword) {
        UIAlertView* alert = [[UIAlertView alloc] initWithTitle:@"Success" message:[NSString stringWithFormat:@"Your credentials stored in the keychain are:\nUsername: %@\nPassword: %@", strUserName, strPassword] delegate:nil cancelButtonTitle:@"Okay" otherButtonTitles:nil, nil];
        [alert show];
    }

}
ioskeychain


Solution 1:[1]

This code looks correct and the data should be sticking around unless the simulator is being reset. Are you able to test on a device?

To answer the second question, depending on your device and iOS version the keychain passwords are either encrypted using 3DES or AES, however the exact implementation can change in the future.

Solution 2:[2]

For Swift, you can use KeychainAccess, which is a bit easier to use:

// Create keychain object
let keychain = Keychain(service: "com.company.AppName")

// Store value in keychain
keychain["password"] = "test"

// Retrieve value from keychain
let password = keychain["password"]

According to the current iOS 11 security guide keychain items are encrypted with AES 128.

Components of a Keychain item: Along with the access group, each Keychain item contains administrative metadata (such as “created” and “last updated” timestamps). It also contains SHA-1 hashes of the attributes used to query for the item (such as the account and server name) to allow lookup without decrypting each item. And finally, it contains the encryption data, which includes the following: • Version number • Access control list (ACL) data • Value indicating which protection class the item is in • Per-item key wrapped with the protection class key • Dictionary of attributes describing the item (as passed to SecItemAdd), encoded as a binary plist and encrypted with the per-item key The encryption is AES 128 in GCM (Galois/Counter Mode); the access group is included in the attributes and protected by the GMAC tag calculated during encryption.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 NSDestr0yer
Solution 2 sundance

Related Questions

Autoshrink setting for UIButton in Storyboard

Find all available images for Image(systemName:) in SwiftUI

Save string to the NSUserDefaults?

UITextField Autocomplete?

iOS Charts - Bar Chart repeating labels on X axis

Debug embedded browser view in native Facebook iOS app

Xcode Import For Localizations Missing Resource in Import error

How long can an iPhone app live in the background?

UIPageViewController swipe ignores SwiftUI's navigationBarHidden(true)

About using Swiftz library issues(Functional programing)

Force AutoFill Save Password dialog programmatically

building for iOS Simulator, but linking in object file built for iOS

ERROR: Runner.xcworkspace does not exist. error implementing google maps

ERROR: Runner.xcworkspace does not exist. error implementing google maps

AutoLayout Equal Heights hides Subviews