5

I'm using this method in order to retrieve a saved value (and using SecItemAdd to add it originally):

+ (NSData *)passwordDataForService:(NSString *)service 
        account:(NSString *)account error:(NSError **)error {

    CFTypeRef result = NULL;    
    NSMutableDictionary *query = [self _queryForService:service account:account];

    [query setObject:(__bridge id)kCFBooleanTrue 
        forKey:(__bridge id)kSecReturnData];
    [query setObject:(__bridge id)kSecMatchLimitOne 
        forKey:(__bridge id)kSecMatchLimit];
    status = SecItemCopyMatching((__bridge CFDictionaryRef)query, &result);

    if (status != noErr && error != NULL) {
        *error = [NSError errorWithDomain:kSSKeychainErrorDomain code:status 
            userInfo:nil];
        return nil;
    }

    return (__bridge_transfer NSData *)result;
}

This code is working fine for most users, but a small percentage of my users (< 1%) are experiencing results indicating that either the read or write here is failing. My code unfortunately swallows any errors (i.e. doesn't log them anywhere when they occur) so I can't tell why it's failing out in the world, and I can't reproduce the problem at all on any of my development devices.

Does anyone know of any security/permissions settings that can be enabled on an iOS device that could cause SecItemAdd or SecItemCopyMatching to fail? I've tried turning on passcode locking, but that seems to have no effect.

MusiGenesis
  • 74,184
  • 40
  • 190
  • 334
  • [Passing `NULL` for the 2nd arg in `SecItemAdd` fails](http://stackoverflow.com/questions/10038885/objective-c-secitemadd-has-errorexc-bad-access-first-time-and-errsecduplica/19319848#19319848) (crashes in fact) when you have `KSecReturnData` set as TRUE – bobobobo Oct 11 '13 at 17:40
  • Any luck with this? I'm experiencing a similar issue, where CopyMatching doesn't find something, but when I try to add something it says it already exists. – WDUK Mar 13 '14 at 14:52
  • @WDUK: sorry, I don't even remember asking this question, or what I was working on at the time. I probably solved the problem by leaving it for somebody else to deal with. – MusiGenesis Mar 14 '14 at 12:08
  • @MusiGenesis No worries, I posted a question earlier today: http://stackoverflow.com/questions/22403734/keychain-item-reported-as-errsecitemnotfound-but-receive-errsecduplicateitem-o Fingers crossed someone sees it! – WDUK Mar 14 '14 at 12:13

0 Answers0