Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What would happen if kSecAttrIsPermanent is set to NO?

What is the usage of the kSecAttrIsPermanent attribute when using Apples libcommonCrypto.dylib on iOS?

Apples documentation says:

The corresponding value is of type CFBooleanRef and indicates whether this cryptographic key is to be stored permanently.


What is the reason not to store something permanently in the keychain and how long will it be stored then? (until reboot? until app is closed? until app is uninstalled?)

like image 690
miho Avatar asked Feb 06 '14 13:02

miho


1 Answers

It's a parameter used within SecKeyGeneratePair when generating keys.

From the Certificate, Key, and Trust Services Reference

kSecAttrIsPermanent — If this key is present and has a Boolean value of true, the key or key pair is added to the default keychain.

In this context, if you provide this parameter and it is false, then you'll receive the keys in memory, but it won't be persisted to the keychain (on disk). It'll last for however long you keep a hold of it whilst the application is still running, unless you persist it yourself afterwards.

like image 149
WDUK Avatar answered Sep 22 '22 03:09

WDUK