How to share keychain data between iOS applications
IphoneIpadIos4SharedKeychainIphone Problem Overview
I am describing a problem for which it took me quite some time to learn the answer.
The "[GenericKeychain][1]" example is a good start at providing a wrapper for sharing keychain data between applications when using the accessGroup in the init.
However, implementing this in my app yielded an obscure error code (which took forever to locate) -25243, which means: No access control.
I ran Apple's example app (GenericKeychain) on my iPad only to get the same error. Huh?
Does Apple's documentation fail to deliver on what is necessary to accomplish this?
[1]: http://developer.apple.com/library/ios/#samplecode/GenericKeychain/Introduction/Intro.html "GenericKeychain"
Iphone Solutions
Solution 1 - Iphone
After some (a lot of) digging throughout the web, I found the answer. The access Group that you use when constructing your KeychainItemWrapper class must ALSO be specified in each of your application's Entitlements.plist file in the "keychain-access-groups" section.
It seems almost obvious now that I see "keychain-access-groups". However, I had no idea to even look there. Hope this helps others.
Solution 2 - Iphone
Actually it's not hard to do. Please follow the steps.
App1:
-
Open your App's target Capabilities and enable KeyChain Sharing.
-
Add a identifier. (eg : com.example.sharedaccess)
-
Add "UICKeyChainStore" to your project.
-
Be sure you have a team id added to your App1 project.
-
Add Security.framework to your App1 project.
-
And add these codes to somewhere you need.
[UICKeyChainStore setString:@"someValue" forKey:@"someKey" service:@"someService"];
App2:
-
Open your App's target Capabilities and enable KeyChain Sharing.
-
Add a identifier. (eg : com.example.sharedaccess)
-
Add "UICKeyChainStore" to your project.
-
Be sure you have a team id added to your App2 project.
-
Add Security.framework to your App2 project.
-
And add these codes to somewhere you need.
NSString *string = [UICKeyChainStore stringForKey:@"someKey" service:@"someService"];
-
Your TeamIDs should be same for both projects.
-
I tried these steps on a real iPhone device.
-
I also tried these steps with Automatic and iOs Development provisioning profile.
-
My apps' bundle identifiers were like that : com.example.app1, com.example.app2.