Jump to content
Welcome to our new Citrix community!
  • 0

Handling of iOS KeyChain


Markus Bosch

Question

Our iOS app stores data in files and in the keychain. The app has a wipe functionality. When a user enters the password of the app wrong,

a counter is counted up and stored in the keychain. In case, the number of attempts is over the limit, the app wipes all data from the app to prevent guessing of the password. Following code is part of the deletion routine.

 

SecItemDelete((__bridge CFDictionaryRef)[NSDictionary dictionaryWithObjectsAndKeys:(__bridge id)kSecClassGenericPassword, kSecClass, nil]);

SecItemDelete((__bridge CFDictionaryRef)[NSDictionary dictionaryWithObjectsAndKeys:(__bridge id)kSecClassCertificate, kSecClass, nil]);

SecItemDelete((__bridge CFDictionaryRef)[NSDictionary dictionaryWithObjectsAndKeys:(__bridge id)kSecClassIdentity, kSecClass, nil]);

 

From the behavior of the app in combination with your MDM, we can deduce that the following lines of code that clean out the keychain do not work as expected. The values remain somehow in the keychain. Without the MDM, the functionality works as expected.

Link to comment

0 answers to this question

Recommended Posts

There have been no answers to this question yet

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...