2

I have implemented KeyChainWrapper class and stored NSData object into KeyChain.

Now my worry is about security, about the identifier which I have used for storing the keychainItem data.

I tried accessing the data from another application using same identifier, I was able access the information. I tried this on iOS 6 simulator.

How can I ensure keychain data that my app is storing should not be accessible to other applications on the same device?

halfer
  • 19,824
  • 17
  • 99
  • 186
Srivathsa
  • 606
  • 10
  • 34
  • are you storing sensitive data like password in keychain? or what you are storing in keychain may be i can tell you better and easy way to store rather than key chain. if you specially want to store in keychain then also let me know. – Anurag Soni Aug 22 '13 at 11:53
  • I am not storing password. I will get some set of keys from server which are needed by my iPad client application to execute further operations. I want to provide high security in this case. Please let me know if you get any better solution for the same purpose. – Srivathsa Aug 22 '13 at 13:40

1 Answers1

3

This is a restriction of the iOS Simulator, which uses a single SQLite database keychain-2-debug.db in

Library/Application Support/iPhone Simulator/<version>/Library/Keychains

for all applications, and all apps have access to all Keychain data.

On the device, each app has only access to its own Keychain data (or that of its access group).

Martin R
  • 529,903
  • 94
  • 1,240
  • 1,382
  • I heard there is some setting like access group id which we need to set in our keychainwrapper. If so Can you give a snippet of code how to restrict the data from other applications. Sorry to confirm again but I am in last phase of my delivery. – Srivathsa Aug 22 '13 at 13:38
  • 1
    @Sivannarayana: Sorry, I do not have code at this moment. Perhaps this helps: http://stackoverflow.com/questions/11793271/keychain-group-access-to-share-data-between-my-existing-applications. - IN ANY CASE: Your keychain data is always protected from foreign applications on the device. Access groups are only needed if you want to share Keychain data between two or more or *your applications*. It works only for apps from the same vendor. – Martin R Aug 22 '13 at 13:49
  • what happens with jailbreak though? – Panagiotis Nov 04 '13 at 10:10
  • @Panagiotis: I have no experience with jailbreaks. – Martin R Nov 04 '13 at 10:37
  • Figured it out! Just for information purpose, if anyone hooks to your app, everything is allowed! – Panagiotis Nov 06 '13 at 19:47