Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

What to do when there is no "default" keychain

Sorry if I missed something obvious, but after spending some time looking on-line in Apple docs and mail list archives, I fail to get clear answer to following question:

Apple docs talking about "login" keychain and "default" keychain as two separate entities. Apple mentions that "usually" "login" keychain is "default" keychain, but obviously it does not have to be true all the time (In "Keychain Access" you can apply "Make default keychain" action to ANY(almost any) keychain). Now, there is no "un- make default" action, but by creating new keychain, making it default and then deleting it, it is possible to get to situation when there is not "default" keychain. Now, the problem is what to do if your application needs to save piece of secure information, but does not wont to create new keychain. I used to rely on "SecKeychainCopyDefault" to get "default" keychain and than use this keychain to store what ever I need to store. It looks like it is far from been bulletproof ( there is even special error code -25307 : "A default keychain does not exist". to react on situation when there is no default keychain). So what else left to do? There is no "SecKeychainCopyLogin" API and I think one can not expect to find "login" keychain always in ~/Library/Keychains/login.keychain (The fact that login.keychain does not have to be in ~/Library/Keychains made me switch to "SecKeychainCopyDefault" in a first place ). Will passing "nil" in place of keychain in APIs like SecKeychainFindInternetPassword/SecKeychainItemCreateFromContent will work in situation where there is NO default keychain?

	Your comments on this subject will be highly appreciated,

Andrei Tchijov

P.S. On a separate but related subject, I have a customer who some how end-up in the "no default keychain" situation (My application gets -25307 from SecKeychainCopyDefault and none of keychains shown in "bold" in "Keychain Access"). However, when he is trying to apply "make default keychain" to his login keychain, he can not. The menu item is grayed out. So the question is: what could prevent "make default keychain" action from been available and how to fix it ( "keychain first aid" does not report any problems with his setup).
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Apple-cdsa mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/apple-cdsa/email@hidden

This email sent to email@hidden


Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.