Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to delete all keychain items accessible to an app?

I have stray keychain items on iOS (probably written by old version of app) that I need to delete. Is there an easy way to achieve this?

like image 831
sqreept Avatar asked Dec 29 '12 21:12

sqreept


People also ask

Can I delete all of my keychains on a Mac?

In the Keychain Access app on your Mac, if your keychains aren't visible, choose Window > Keychain Access. Select a keychain in the Keychains list. Choose File > Delete Keychain [keychain name]. Click Delete References.

How do I remove app data from Iphone Keychain?

Click Finder > Go > Utilities > Keychain Access. 2) In Keychain Access, select the Passwords category on the left to review the list of sites and services for which you've saved a password. 3) Right-click the service you want to edit/remove, then left-click Delete.


7 Answers

Do it for all classes

Objective-C:

NSArray *secItemClasses = @[(__bridge id)kSecClassGenericPassword,                        (__bridge id)kSecClassInternetPassword,                        (__bridge id)kSecClassCertificate,                        (__bridge id)kSecClassKey,                        (__bridge id)kSecClassIdentity]; for (id secItemClass in secItemClasses) {     NSDictionary *spec = @{(__bridge id)kSecClass: secItemClass};     SecItemDelete((__bridge CFDictionaryRef)spec); } 

Swift:

let secItemClasses = [kSecClassGenericPassword, kSecClassInternetPassword, kSecClassCertificate, kSecClassKey, kSecClassIdentity] for itemClass in secItemClasses {     let spec: NSDictionary = [kSecClass: itemClass]     SecItemDelete(spec) } 
like image 107
Daij-Djan Avatar answered Oct 04 '22 18:10

Daij-Djan


Xamarin iOS version (MonoTouch) of accepted answer on How to delete all keychain items accessible to an app is below:

foreach (var recordKind in new []{
                SecKind.GenericPassword,
                SecKind.Certificate,
                SecKind.Identity,
                SecKind.InternetPassword,
                SecKind.Key,
            })
    {
          SecRecord query = new SecRecord(recordKind);
          SecKeyChain.Remove(query);
    }

If you want to make sure you indeed delete the records, you may during development check number of items in KeyChain of specific kind before and after with this code:

SecStatusCode scc;
var records = SecKeyChain.QueryAsRecord(new SecRecord(SecKind.GenericPassword), 1000, out scc);
like image 43
Alex Sorokoletov Avatar answered Oct 04 '22 20:10

Alex Sorokoletov


I rewrote Daij-Djan's answer in Swift:

let secItemClasses = [kSecClassGenericPassword,
    kSecClassInternetPassword,
    kSecClassCertificate,
    kSecClassKey,
    kSecClassIdentity]
for secItemClass in secItemClasses {
    let dictionary = [kSecClass as String:secItemClass]
    SecItemDelete(dictionary as CFDictionary)
}
like image 33
Jim Rhoades Avatar answered Oct 04 '22 20:10

Jim Rhoades


Swift version

import Foundation
import Security


public class Keychain: NSObject {
  public class func logout()  {
    let secItemClasses =  [
      kSecClassGenericPassword,
      kSecClassInternetPassword,
      kSecClassCertificate,
      kSecClassKey,
      kSecClassIdentity,
    ]
    for itemClass in secItemClasses {
      let spec: NSDictionary = [kSecClass: itemClass]
      SecItemDelete(spec)
    }
  }
}

usage:

Keychain.logout()
like image 30
ScottyBlades Avatar answered Oct 04 '22 18:10

ScottyBlades


Thanks to Daij-Djan I got to this solution:

for (id secclass in @[
     (__bridge id)kSecClassGenericPassword,
     (__bridge id)kSecClassInternetPassword,
     (__bridge id)kSecClassCertificate,
     (__bridge id)kSecClassKey,
     (__bridge id)kSecClassIdentity]) {
    NSMutableDictionary *query = [NSMutableDictionary dictionaryWithObjectsAndKeys:
                                  secclass, (__bridge id)kSecClass,
                                  nil];

    SecItemDelete((__bridge CFDictionaryRef)query);        
}
like image 33
sqreept Avatar answered Oct 04 '22 20:10

sqreept


You could take a look at the KeyChain Access application found in the Utilities folder. If you launch the application and click on "All Items," it should display all the items you have created with this specific computer. The developer ones usually start with com.

like image 38
AgnosticDev Avatar answered Oct 04 '22 18:10

AgnosticDev


Unfortunately all answers of this question seem to be outdated (since iOS 7.0+) as they do not delete keychain entries that have the kSecAttrSynchronizable flag set (allow synchronization to other devices through iCloud).

To delete such entries it is crucible to add an entry to the delete query specifying kSecAttrSynchronizable: kSecAttrSynchronizableAny:

let secItemClasses = [kSecClassGenericPassword,
    kSecClassInternetPassword,
    kSecClassCertificate,
    kSecClassKey,
    kSecClassIdentity]
for secItemClass in secItemClasses {
    let query: NSDictionary = [
        kSecClass as String: secItemClass,
        kSecAttrSynchronizable as String: kSecAttrSynchronizableAny
    ]
    SecItemDelete(query)
}
like image 26
JMax Avatar answered Oct 04 '22 18:10

JMax