##AHKeychain ####Objective-c Class for managing OSX keychains and keychain items.
This is project is a derivative of SSKeychain https://github.com/soffes/sskeychain/
There are four enhancements of this project
-
It lets the user specify which keychain work with, such as the system keychain or a keychain on an external drive/SD card.
-
The other added feature is the ability to specify an Array of trusted apps granted access to the keychain item.
-
This also gives you the ability to change the keychain's password .
-
The other minor improvement is that it actually updates the keychain item using SecItemUpdate(). SSKeychain actually deletes and re-adds the keychain item which can cause peculiar behavior when an app is not code signed and has proper entitlements.
##Working with a specific keychain. #####To specify the default login keychain
AHKeychain *keychain = [AHKeychain loginKeychain];
#####To specify the system keychain
to write to this keychain you application must run as root
AHKeychain *keychain = [AHKeychain systemKeychain];
#####To specify a keychain at a particular path (external drive)
AHKeychain *keychain = [AHKeychain keychainAtPath:@"/Volumes/MyExternalHD/Library/Keychains/myextkc.keychain"];
#####To create a new user keychain
AHKeychain *keychain = [AHKeychain alloc]initCreatingNewKeychain:@"Test Keychain"
password:@"realfakepsswd"];
#####To remove the keychain file. It's Destructive!
*calling this method on either the login keychain or the system keychain will fail
[keychain deleteKeychain];
##Modifying a keychain item.
#####To add/update an item
AHKeychainItem *item = [AHkeychainItem alloc] init];
item.service = @"com.eeaapps.test";
item.account = @"myusername";
item.label = @"AHKeychain Test Keychain Item";
item.password = @"mysecretpass";
// also if you want to allow other app to access the keychain item
NSArray *trustedApps = [NSArray arrayWithObjects:@"/Applications/Mail.app",
@"/Applications/Preview.app",
nil];
item.trustedApplications = trustedApps;
[keychain saveItem:item error:&error];
#####To get an item's password
AHKeychainItem *item = [AHkeychainItem alloc] init];
item.service = @"com.eeaapps.test";
item.account = @"myusername";
[keychain getItem:item error:&error];
NSLog(@"The Password is %@",item.password);
#####To remove a keychain item
AHKeychainItem *item = [AHkeychainItem alloc] init];
item.service = @"com.eeaapps.test";
item.account = @"myusername";
[keychain deleteItem:item error:&error];
==== ##Class Methods for convenience there are two keychain constants that refer to standard keychains
kAHKeychainLoginKeychain
kAHKeychainSystemKeychain
You can use either of these, or specify a full path to the keychain file in the following methods
#####Setting a password
[AHKeychain setPassword:@"mysecretpass"
service:@"com.eeaapps.testkc"
account:@"myusername"
keychain:kAHKeychainLoginKeychain
error:&error];
#####Getting a password
NSError *error;
NSString *password = [AHKeychain getPasswordForService:item.service
account:item.account
keychain:kAHKeychainLoginKeychain
error:&error];
NSLog(@"The Password is %@",item.password);
See AHKeychain.h and AHKeychainItem.h for more info.