10

I have some code that stores data in keychain. The code is working during unit testing. The value that I store is Data However, when I specify

 kSecClass : kSecClassGenericPassword, I get OSStatus 0 - success
 kSecClass : kSecClassInternetPassword, I get OSStatus -25303

What are the storage requirements or differences between kSecClassGenericPassword and kSecClassInternetPassword? (Same code fails with kSecClassInternetPassword)

Update: potentially the internet password query was missing one of the required fields, like kSecAttrServer,not kSecAttrService

Alex Stone
  • 46,408
  • 55
  • 231
  • 407

1 Answers1

14

"Internet passwords" are somewhat specialized records for Safari. They include host and user data that make them easier to look when you're storing hundreds of records for an unknown list of sites. They are almost never what anything other than a browser wants.

In almost all cases what apps want in order to store data is "generic password," no matter what you're storing, even if it's not a password. "Generic password" is basically "blob of encrypted data." (If your app needs to store public/private keys or certificates, then the applicable classes are useful for that, but this is less common than storing "blobs of encrypted data.")

Rob Napier
  • 286,113
  • 34
  • 456
  • 610
  • Just to clarify - do you mean that the query to store something in kSecClassInternetPassword requires some additional parameters which are missing? – Alex Stone Apr 02 '19 at 12:50
  • 1
    Yes, I think Server is mandatory, and probably Account. It's been a very long time since I've tried to use it (because it's generally not useful). – Rob Napier Apr 02 '19 at 12:54
  • I have updated the question with a possible missing key – Alex Stone Apr 02 '19 at 13:12
  • I'm using react-native-keychain and stumbled upon the same question. There's no proper Apple documentation explaining what is internet password. – Param Singh May 25 '22 at 14:22