-
Notifications
You must be signed in to change notification settings - Fork 74
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Would there be any benefit in providing a "resetKeychain" API (or similar)? #15
Comments
This is useful specially for acceptance tests. |
I agree that this would be very useful, but I worry that it would introduce a security vulnerability. FXKeychain does not allow you to retrieve an arbitrary list of all keys within the keychain; you have to request a specific key (I assume this is due to an underlying, intentional limitation by Apple). If this were possible, any third-party libraries linked with the binary could silently poll the keychain for all keys and phone the values home, which would be a huge security issue. At first it seems like the trade off probably isn't worth it, but when you consider that the keychain isn't wiped even if you delete an app (yes, even on iOS), it starts to feel like this is something that should be addressed. |
Security isn't an issue on iOS since each has its own sandboxed keychain. On Mac it would be, but ultimately that's up to the developer and Apple to worry about. My bigger concern is the first point - how to actually retrieve a list of all keys in the chain so I can wipe them? |
Bottom line, it would not be immediately backward-compatible with existing keys, but you could maintain a set of all keys within the keychain itself whenever a value is accessed/mutated. For example, when running Before any read/write from/to the keychain, you would check NSUserDefaults for the Boolean key For the sake of transparency, the security issue is that your entire binary, including any open source projects you may be using, will have access to all of the keys by looking at the value of that constant key. Because of that, you should block any attempts to read/write to that key through FXKeychain itself; not foolproof, but it helps. If you like this idea but can't find the time to implement it, let me know and I'll see if I can put in a pull request. |
All of that seems unnecessary. The easiest way to reset the keychain for a particular app (on iOS at least) is simply to perform a general query of all keychain item types and then call SecItemDelete() on the result. |
It would be convenient to be able to do:
instead of having to manually delete each key for a given keychain service.
(This probably wouldn't make sense to allow on the default keychain).
The text was updated successfully, but these errors were encountered: