Hi guys, I've been struggling with this problem for few days now:
I create a custom keychain and then I save a password inside it this way:
What I would like to do now is to make the added someItem accessible by any application that knows the keychainPass without prompting the user to allow. So I tried it this way:
But:
I know that this has to be possible, because when I import the newly created keychain into the Keychain Access OS X app and I mark the properties of someItem to be accessible by any application, the prompt is gone and everything works. What I don't know is how to achieve this programatically. I realize this might be a silly question, but I don't know what to do. Could you help me with this?
I create a custom keychain and then I save a password inside it this way:
Code:
SecKeychainRef someKeychain; //keychain reference
SecKeychainItemRef someItem; //keychain key item reference
SecKeychainCreate([keychainPath UTF8String], (UInt32)strlen(keychainPass), keychainPass, FALSE, NULL, &someKeychain);
SecKeychainAddGenericPassword(someKeychain, (UInt32)strlen(someServiceName), someServiceName, (UInt32)strlen(someAccountName), someAccountName, (UInt32)strlen(encryptedPass), encryptedPass, &someItem);What I would like to do now is to make the added someItem accessible by any application that knows the keychainPass without prompting the user to allow. So I tried it this way:
Code:
SecACLRef aclList;
SecAccessRef itemAccessRef;
uid_t userid = 0;
gid_t groupid;
CFArrayRef aclListArr;
SecACLRef newAcl;
SecKeychainItemCopyAccess(someItem, &itemAccessRef);
SecAccessCopyOwnerAndACL(itemAccessRef, &userid, &groupid, (UInt32*)kSecUseOnlyUID, &aclListArr);
SecACLCreateWithSimpleContents(itemAccessRef, NULL, (__bridge CFStringRef)@"someTagName", kSecKeychainPromptInvalid, &newAcl);But:
- I don't know if the function SecACLCreateWithSimpleContents is the right way to achieve this at all
- If it is, I don't know how to write the ACLlist created with it back to someItem
- I don't know how to work with these CFArrays it returns (I'm an objective-c beginner)
I know that this has to be possible, because when I import the newly created keychain into the Keychain Access OS X app and I mark the properties of someItem to be accessible by any application, the prompt is gone and everything works. What I don't know is how to achieve this programatically. I realize this might be a silly question, but I don't know what to do. Could you help me with this?