How to disable keychain data recovery from iCloud backup

Question

How to disable keychain data recovery from iCloud backup

0x1306a94 opened this issue 2 years ago · 2 comments

Device A creates a token write through the following options

kSecAttrAccessible = kSecAttrAccessibleAlwaysThisDeviceOnly
kSecAttrSynchronizable = kSecAttrSynchronizableAny

Device A creates an iCloud backup
Device B erases or reflashes the firmware
Device B selects the iCloud backup created by Device A to restore
After the recovery of Device B is completed, the application can read the token written by Device A
I want to disable the ability to read tokens created by other devices after restoring from the iCloud backup of other devices, what should I do?

Answer 1 · 2022-06-25T09:39:21.000Z

Hey, did you try to just disable the iOS cloud sync for your local on Device A via KeychainSwift?

let keychain = KeychainSwift()
keychain.synchronizable = false

https://github.com/evgenyneu/keychain-swift#synchronizing-keychain-items-with-other-devices

Answer 2 · 2022-07-06T05:58:20.000Z

Hey, did you try to just disable the iOS cloud sync for your local on Device A via KeychainSwift?
let keychain = KeychainSwift()
keychain.synchronizable = false
https://github.com/evgenyneu/keychain-swift#synchronizing-keychain-items-with-other-devices

@matthiastz

still the same
From the actual results, synchronization should not be equal to backup recovery