Two applications sharing keychain data works fine in iOS simulator but not in device

I am trying to access keychain data set by an application from another application with the same identifier (same profile). I used this link to achieve this.

The saving of keychain data is happening properly; I get errSecSuccess for the below statement (both in simulator and device):

OSStatus status = SecItemAdd((CFDictionaryRef)dictionary, NULL);

So far so good, but when I am trying to fetch back the credentials that my app A saved in another app B it works differently in simulator and device.

In iOS simulator 6.1 I get status as '0' for the below statement.

 OSStatus status = SecItemCopyMatching((CFDictionaryRef)searchDictionary, &foundDict);

In any iOS device I get the status as '-25300'.

I know these are the error codes that are in the security framework:

//errSecSuccess                = 0,       /* No error. */
//errSecUnimplemented          = -4,      /* Function or operation not implemented. */
//errSecParam                  = -50,     /* One or more parameters passed to a function where not valid. */
//errSecAllocate               = -108,    /* Failed to allocate memory. */
//errSecNotAvailable           = -25291,  /* No keychain is available. You may need to restart your computer. */
//errSecDuplicateItem          = -25299,  /* The specified item already exists in the keychain. */
//errSecItemNotFound           = -25300,  /* The specified item could not be found in the keychain. */
//errSecInteractionNotAllowed  = -25308,  /* User interaction is not allowed. */
//errSecDecode                 = -26275,  /* Unable to decode the provided data. */
//errSecAuthFailed             = -25293,  /* The user name or passphrase you entered is not correct. */

And I get it that the item is not found, but why is it different in device and simulator?

Satheesh asked Oct 22 '22 08:10


1 Answer

To my knowledge, the Keychain groups you deal with in your application are not shared by default across other Apps on the system. If this were the case, it would mean that if you managed to find the group of another App you could steal their private Keychain items, invalidating the security that Keychain provides.

As a result, there is a concept known as Keychain Access Groups that allows for the public definition of a keychain group that you would like to share across your Apps. The documentation states:

Enabling keychain sharing allows your app to share passwords in the keychain with other apps developed by your team

So be aware that you can only share keychain items with other applications from the same developer (i.e. your other Apps).

Daniel Galasko answered Oct 24 '22 04:10