Databases
StackOverflow2013
Postsdbo
POOriginal and upgrade iOS apps have same keychain and application identities, but upgrade app cannot decrypt passwords encrypted by original app
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POOriginal and upgrade iOS apps have same keychain and application identities, but upgrade app cannot decrypt passwords encrypted by original app
    text
    copied!<p>We have a version of an app in the App Store at 1.2.0 whose entitlements look like this (names changed to protect the innocent). This information came from iTunes Connect app details (app > View Details > Binary Details).</p> <pre><code>Bundle Identifier : com.ourco.xxx-app [...] Bundle Short Version String : 1.2.0 Bundle Version : 1.2.0.66338 [...] Entitlements : Faspex.app/Faspex get-task-allow: false keychain-access-groups: ( 8xxxxxxxxE.com.ourco.xxx-app ) application-identifier: 8xxxxxxxxE.com.ourco.xxx-app </code></pre> <p>We have a Release build of version 2.0.0 built from Xcode and signed with our distribution profile whose entitlements look like this (gotten by changing .ipa to .zip, unzipping it and the running codesign against the unzipped app).</p> <pre><code>$ codesign --display --entitlements - Payload/Xxx.app [...]&lt;?xml version="1.0" encoding="UTF-8"?&gt; &lt;!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"&gt; &lt;plist version="1.0"&gt; &lt;dict&gt; &lt;key&gt;application-identifier&lt;/key&gt; &lt;string&gt;8xxxxxxxxE.com.asperasoft.xxx-app&lt;/string&gt; &lt;key&gt;get-task-allow&lt;/key&gt; &lt;false/&gt; &lt;key&gt;keychain-access-groups&lt;/key&gt; &lt;array&gt; &lt;string&gt;8xxxxxxxxE.com.asperasoft.xxx-app&lt;/string&gt; &lt;/array&gt; &lt;/dict&gt; &lt;/plist&gt; </code></pre> <p>When we conduct upgrade testing from the App Store version to our new version we are unable to retrieve previously stored passwords (stored by the 1.2.0 version) from the keychain. </p> <p>By "upgrade testing" I mean we are installing the App Store version from the App Store itself, making an app account and saving that account's password in the keychain, then using the Xcode Organizer to install the Release build of 2.0.0 over top of the App Store (1.2.0) version. When we try to access the password from the keychain with the "upgraded" 2.0.0 version, we are unable to access the password.</p> <p>It's been a while since we upgraded this app, but last time we did I don't recall having this kind of issue during upgrade testing like this.</p> <p>Some of my team think this will magically fix itself when users install the real 2.0.0 upgrade from the App Store, but I am skeptical. </p> <p>I will add any necessary details to this question if needed to help get a solid answer. Thanks in advance!</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload