iOS SFHFKeychainUtils failing *sometimes* with error -25308 errSecInteractionNotAllowed
I have this code getting back a password from the keychain for a given username NSString:
NSError *error = nil; NSString *appName = [[[NSBundle mainBundle] infoDictionary] objectForKey:(NSString*)kCFBundleNameKey]; NSString *pw = [SFHFKeychainUtils getPasswordForUsername:username andServiceName:appName error:&error]; if(error != nil) // log the error
Most of the time for most users this all works fine – but for some specific users this call seems to fail (and carry on failing) where it returns the following error:
The operation couldn’t be completed. (SFHFKeychainUtilsErrorDomain error -25308.)
This is apparently errSecInteractionNotAllowed – which from what I’ve read I think this means some kind of user interaction is required for the keychain to be accessed.
Does anyone have any idea why this call may be failing for some specific users only? This keychain entry is specific to my app – so why would any user interaction be required to access it?
Any pointers much appreciated…
- IOS data notifications with FCM
- My iPhone app is still in “test ads” status even after ready for sale
- Can't move UILabel's Y position with Autolayout “on” in view
- IOS - remove ALL padding from UITextView
- How to format localised strings in Swift?
- Redbar Noticed when dismissing UIImagePickerController
Solutions Collect From Internet About “iOS SFHFKeychainUtils failing *sometimes* with error -25308 errSecInteractionNotAllowed”
OK so I worked this out finally.
Eventually I worked out the users who were having problems had set a lock code on their phone. If the phone was locked the keychain system was returning this -25308 error.
If you only ever need to access the keychain when the app is active in the forground you would never see this issue – but if you need to carry on processing when the phone is locked or if the app is in background then you would see it.
Elsewhere I’d read that the default access attribute for the kechain system is kSecAttrAccessibleAlways – but I think that is out of date. It seems the default access attribute for the keychain system is such that when the phone is locked with a pin code then the items are unavailable.
The fix for this is to change the SFHFKeychainUtils code to set a specific kSecAttrAccessible attribute on the keychain items it manages (which the original code did not do – presumably as it pre-dated these attributes).
This wordpress updated version of the SFHFKeychainUtils code has the fixes in it – search for kSecAttrAccessible to see where they have added the accessible attribute code.
Hope this helps anyone else running into this…
- Does Xcode 4 install git?
- What's difference between NSPhotoLibraryAddUsageDescription and NSPhotoLibraryUsageDescription?
- How many ways to pass/share data b/w view controller
- Swift 3 GCD lock variable and block_and_release error
- show progress bar until video loads IOS7
- Constraining proportions of GUI elements in Spritekit game
- iOS GCD custom concurrent queue execution sequence
- How do I retrieve accelerometer data correctly with Swift in iOS?
- Including custom data into iOS crash dumps
- Does UIImageView cache images?
- Core Data memory usage while importing large dataset
- How do I (successfully) set a maskView to a UIView?
- Wrong specialized generic function gets called in Swift 3 from an indirect call
- What is the pragma mark substitute in .strings file in xcode?
- Xcode / Cocoa : What are the differences between debug and release builds?