PDA

View Full Version : Retrieve password from keychain SecKeychainFindGenericPassword




Turbo-555
Jun 20, 2008, 08:07 AM
Hello guys!!


I starting to program on the iPhone (and I'm new at programming on macs too...).


I'm encountering some problems retrieving a password from the keychain..

I managed to store it (at least it's what I can guess, until I have a confirmation..:) ) using:

OSStatus ss= SecKeychainAddGenericPassword(NULL, 13, "TokenPassword", 10, "MyUserAcct", [firstCheck length], firstCheck, NULL);
where firstCheck is a NSString..



now I trying to read that same password with:
OSStatus ss= SecKeychainFindGenericPassword(NULL, 13, "TokenPassword", 10, "MyUserAcct", &l, pwdData, itemRef);

where:
UInt32 l;
void **pwdData; (this doesn't feel right...is it right?)
SecKeychainItemRef *itemRef;


The code compiles without warnings or else..but when I run the app and get there...in the console I get this message:

"Loading program into debuggerů
GNU gdb 6.3.50-20050815 (Apple version gdb-960) (Sun May 18 18:38:33 UTC 2008)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-apple-darwin".warning: Unable to read symbols for "/System/Library/Frameworks/UIKit.framework/UIKit" (file not found).
warning: Unable to read symbols from "UIKit" (not yet mapped into memory).
Program loaded.
sharedlibrary apply-load-rules all
Attaching to program: `/Users/fra/Library/Application Support/iPhone Simulator/User/Applications/BD7CD692-303E-4342-AB3D-4323236D3766/Login.app/Login', process 3584."



but if I write:
OSStatus ss= SecKeychainFindGenericPassword(NULL, 13, "TokenPassword", 10, "MyUserAcct", NULL, NULL, NULL);
I don't get any problem...



does anyone now where I'm doing wrong?
feel free to insult me, after all I'm a newbie :D:D



gnasher729
Jun 25, 2008, 07:30 AM
Look at the parameter list of SecKeychainAddGenericPassword. The password is passed in as a number of bytes, plus a pointer to the actual data. Your first parameter is the length which is a number of characters (you may actually need more bytes) and a pointer to an NSString (which is not a pointer to the password data).

I recommend you use a function like CFStringGetCString to extract the password; use an encoding like UTF8 so that the user can type anything in their password that they want. Then pass strlen (theCString) and the C string itself. Same method to get the password back; you can then create an NSString from the string data you received.

Turbo-555
Jun 25, 2008, 01:04 PM
Look at the parameter list of SecKeychainAddGenericPassword. The password is passed in as a number of bytes, plus a pointer to the actual data. Your first parameter is the length which is a number of characters (you may actually need more bytes) and a pointer to an NSString (which is not a pointer to the password data).

I recommend you use a function like CFStringGetCString to extract the password; use an encoding like UTF8 so that the user can type anything in their password that they want. Then pass strlen (theCString) and the C string itself. Same method to get the password back; you can then create an NSString from the string data you received.


Ok...but...my problem is that the program crashes when I call SecKeychainFindGenericPassword...it doesn't say the password is wrong or anything else..it just crashes...even if I used the parameter like the APIs show (so I think...) so it should be a problem of memory...is it possible that the iphone simulator isn't able to use SecKeychainFindGenericPassword and I need to try it on the device??



I'll try your solution too...

Sbrocket
Jun 25, 2008, 01:31 PM
SecKeychainAddGenericPassword() doesn't exist on the iPhone or iPod touch (though it should on the Simulator). There is a different (and much more limited) set of security tools available for the iPhone, and you should take a look at the GenericKeychain example from the docs to get an idea of how to use the keychain on the phone.

The problem with this, of course, is that you then can't test your application on the Simulator. You could, in turn, write different code for the Simulator and the Device (which is what people that want to test with the Simulator but use the keychain do).

On that note, I wouldn't just ignore gnasher729's comments. Eliminating the currently recognized problem (by doing what he recommended, since you aren't currently using SecKeychainAddGenericPassword() and SecKeychainFindGenericPassword() correctly, means that we can look at other possible problems.

Turbo-555
Jun 25, 2008, 02:03 PM
SecKeychainAddGenericPassword() doesn't exist on the iPhone or iPod touch (though it should on the Simulator). There is a different (and much more limited) set of security tools available for the iPhone, and you should take a look at the GenericKeychain example from the docs to get an idea of how to use the keychain on the phone.

The problem with this, of course, is that you then can't test your application on the Simulator. You could, in turn, write different code for the Simulator and the Device (which is what people that want to test with the Simulator but use the keychain do).

On that note, I wouldn't just ignore gnasher729's comments. Eliminating the currently recognized problem (by doing what he recommended, since you aren't currently using SecKeychainAddGenericPassword() and SecKeychainFindGenericPassword() correctly, means that we can look at other possible problems.


oh ****...


then that's my problem!! it doesn't exist on the iphone!!


I'll take a closer look to the generickeychain example ;)

it works on the simulator....probably because xcode uses the system's frameworks...when needed...



thanks! ;)