SecItemAdd and SecItemCopyMatching returns error code -34018 (errSecMissingEntitlement)

keychain ios cocoa sskeychain

Solution 1:

iOS 10 / XCode 8 Fix:

Add KeyChain Entitlement, Go to project settings->Capabilities->Keychain Sharing->Add Keychain Groups+Turn On

An answer here, from Apple:

UPDATE: We have finally been able to reproduce the -34018 error on iOS 8.3. This is the first step in identifying the root cause and then coming up with a fix.

As usual, we can't commit to a release timeframe, but this has affected many developers and we really want to get this resolved.

Earlier I suggested adding a small delay in application:didFinishLaunchingWithOptions and applicationDidBecomeActive: before accessing the keychain as a workaround. However, that doesn't actually appear to help. That means that there's no known workaround at this time other than relaunching the app.

The issue appears to be related to memory pressure, so perhaps being more aggressive in handling memory warnings may alleviate the problem

https://forums.developer.apple.com/thread/4743#14441

UPDATE

OK, here’s the latest.
This is a complex problem with multiple possible causes:

  • Some instances of the problem are caused by incorrect app signing. You can easily distinguish this case because the problem is 100% reproducible.
  • Some instances of the problem are caused by a bug in how iOS supports app development (r. 23,991,853). Debugging this was complicated by the fact that another bug in the OS (r. 23,770,418) masked its effect, meaning the problem only cropped up when the device was under memory pressure. We believe these problems were resolved in iOS 9.3.
  • We suspect that there may be yet more causes of this problem.

So, if you see this problem on a user device (one that hasn’t been talked to by Xcode) that’s running iOS 9.3 or later, please do file a bug report about it. Try to include the device system log in your bug report (I realise that can be tricky when dealing with customer devices; one option is to ask the customer to install Apple Configurator, which lets them view the system log). And if you do file a bug, please post your bug number, just for the record.

On behalf of Apple I’d like to thank everyone for their efforts in helping to track down this rather horrid issue. Share and Enjoy

https://forums.developer.apple.com/thread/4743#126088

Solution 2:

Basically you have to codesign your .xcttest folder by adding the following as a run script in your test target.

codesign --verify --force --sign "$CODE_SIGN_IDENTITY" "$CODESIGNING_FOLDER_PATH"

I got a lot of -34018 errors when testing my keychain on the device and this managed to fix it.

If the problem does not exist in your test target this is probably not the solution.

Related

How to build a Debian/Ubuntu package from source?
What is the difference between `git fetch origin` and `git remote update origin`?
How to include (source) R script in other scripts
What exactly happens when I set LoadUserProfile of IIS pool?
Python pandas: Keep selected column as DataFrame instead of Series
Technically what is the main difference between Oracle JDK and OpenJDK? [duplicate]
Does a UNIQUE constraint automatically create an INDEX on the field(s)?
How to create a new database after initally installing oracle database 11g Express Edition?
Logger slf4j advantages of formatting with {} instead of string concatenation
Which is better, return "ModelAndView" or "String" on spring3 controller
Wrapping synchronous code into asynchronous call
Should you ever use this.setState() when using redux?