keychain keys are not cleared
ihassanalattas opened this issue · 5 comments
When I uninstall the app and reinstall it again the keys are still exists
- Library setup method: Swift Package Manager.
- Version of the library: 19.0.0.
- Xcode version: 12.0 (12A7209).
- OS version: iOS 14.0.
HI @ihassanalattas, thanks for reporting this. I noticed this as well, Keychain is not removed when the app is uninstalled.
Is this a bug, or is it the way the keychain is supposed to work? I am not an expert in keychain, so forgive my naiveté.
The keychain is designed to distribute across iCloud, so I assume that it has some persistence.
Not sure if it's a bug or a feature of Keychain. It persists locally after the app is removed, so probably not related to iCloud.
That's how the Keychain works.
If you want your Keychain values to be tied to an app install you need to add a salt to your key and store that locally. This way you lose access to the key when the app is removed.
The general idea is:
let baseKey = UUID().uuidString
UserDefaults.standard.setValue(baseKey, forKey: "jwtKeyBase")
keychain.set(token, forKey: "jwt-\(baseKey)")
That said, it could be a nice feature for this package to provide this option of a two-stage key.
This Apple Developer forums thread has more information related to what @josh150 wrote above.