Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

iOS Keychain - what is the difference between kSecClassGenericPassword and kSecClassInternetPassword?

I have some code that stores data in keychain. The code is working during unit testing. The value that I store is Data However, when I specify

 kSecClass : kSecClassGenericPassword, I get OSStatus 0 - success
 kSecClass : kSecClassInternetPassword, I get OSStatus -25303

What are the storage requirements or differences between kSecClassGenericPassword and kSecClassInternetPassword? (Same code fails with kSecClassInternetPassword)

Update: potentially the internet password query was missing one of the required fields, like kSecAttrServer,not kSecAttrService

like image 718
Alex Stone Avatar asked Apr 01 '19 13:04

Alex Stone


1 Answers

"Internet passwords" are somewhat specialized records for Safari. They include host and user data that make them easier to look when you're storing hundreds of records for an unknown list of sites. They are almost never what anything other than a browser wants.

In almost all cases what apps want in order to store data is "generic password," no matter what you're storing, even if it's not a password. "Generic password" is basically "blob of encrypted data." (If your app needs to store public/private keys or certificates, then the applicable classes are useful for that, but this is less common than storing "blobs of encrypted data.")

like image 101
Rob Napier Avatar answered Sep 30 '22 13:09

Rob Napier