OS X Keychain access using C/C++

About

Asked 12/11, 2019 at 23:34 Answered 14/11, 2019 at 5:42

I am trying to write a simple test application to access OS X keychain. Add/Update/Delete an entry using C/C++. I am just testing whether I can use this in a larger C/C++ code base that we have, where we need a secure secret storage, hence the language requirements.

I looked up the API that Apple has on this but that is mostly in Objective-C. Are there any solutions anyone is aware of? The only thing I could find was Apple's Security tool which seems old and am not sure if the APIs are still supported.

Thanks in advance.

Presignify answered 12/11, 2019 at 23:34 Comment(5)

I'm unclear on what you're asking. Are you looking for sample code, or just the APIs? SecKeychainAddGenericPassword, for example, is a C API. – Upswing 12/11, 2019 at 23:38

Your security tool example is indeed old, but the keychain API on macOS is old. It's still supported. It's a C API. Apple have an archived code sample on their documentation called GenericKeychain but at some point it got ported to swift. If you drill into the keychain services documentation, you'll see it's all C... – Guardianship 13/11, 2019 at 6:9

@Upswing I was looking for code references using the C APIs or any kind of examples. The one that you pointed out seems to be an Objective C API on searching. Apart from the tool I mentioned I couldn't find anything. I had basic questions regarding this, what libs to link against, what right headers to include, the tool is old and just dumps out code. I working example would have definitely helped. – Presignify 14/11, 2019 at 0:24

@Guardianship I have been looking into the keychain services, seems everything has been ported to Objective C. I am trying to quickly understand Objective C basics and write a short sample code that does what I am trying to do. I will try to see if there is a good way to mix Obj C code with the traditional C/C++ code base. – Presignify 14/11, 2019 at 0:26

@Presignify you seem to be confused, Keychain Services is C. The SecKeychainAddGenericPassword function mentioned is a C function. There is no Objective C involved. – Guardianship 14/11, 2019 at 3:41

A minimal example showing how to add a password to the keychain using C:

#include <CoreFoundation/CoreFoundation.h>
#include <Security/Security.h>

int main(int argc, const char* argv[]) {
    CFStringRef keys[3];
    keys[0] = kSecClass;
    keys[1] = kSecAttrAccount;
    keys[2] = kSecValueData;

    CFTypeRef values[3];
    values[0] = kSecClassGenericPassword;
    values[1] = CFSTR("accountname");
    values[2] = CFSTR("password");

    CFDictionaryRef query;
    query = CFDictionaryCreate(kCFAllocatorDefault, (const void**) keys, (const void**) values, 3, NULL, NULL);

    OSStatus result = SecItemAdd(query, NULL);

    printf("%d", result);

    return 0;
}

Guardianship answered 14/11, 2019 at 5:42 Comment(1)

thanks @TheNextman. There was indeed some confusion and lack of understanding. I am a bit wiser than yesterday. I did not use your code, but it nudged me to look in the right direction. Thank you. – Presignify 18/11, 2019 at 2:38

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags