KeyChainItem question

Is the KeyChainItem a good way to store delicate information (like serials, data not visible to the user, …) for macOS apps?
Are there limitations? Can I update the KeyChainItem information anytime without any issues?

I also notice deleting a keychain using keychainitem.delete does not work.
So you can only create one, read it but never change or delete the keychain. Is this a Xojo bug?

The user can always have a look at the data in the keychain. The keychain is not the place for invisible data. Deleting should work. What happens when you try to delete?

I would instead store these items in an encrypted Preferences SQLite database inside SpecialFolder.ApplicationData — this way you have full control and it is cross platform.

Everything can be found and especially files. Keychains are less known to casual users.

Delete does not work at all.

Try yourself:

Create keychain:

Dim NewItem as KeyChainItem If System.KeyChainCount > 0 then NewItem = New KeyChainItem NewItem.ServiceName = "myAppTest" NewItem.Label="myAppTest" System.KeyChain.AddPassword NewItem, "SecretPassword" End if Exception err as KeyChainException MsgBox "Can't add item: " + err.Message

Deleting (but doesn’t work). It doesn’t throw an exception either so the key is found (I guess).

Dim ItemToDelete as KeyChainItem ItemToDelete = New KeyChainItem ItemToDelete.ServiceName ="myAppTest" ItemToDelete.Label="myAppTest" ItemToDelete.Delete Exception err as KeyChainException MsgBox "Can't find item: " + err.Message

My code doesn’t look very different. I just verified on Sierra with Xojo 2017r1 that it works fine. They KeyChainNames are in the form of accountname@servername:

[code]Protected Function DeleteKC(KeyChainName as String, AppName as String) as Boolean

'delete the existing keychain item

dim theKeyChainItem as new KeyChainItem
theKeyChainItem.ServiceName = AppName
theKeyChainItem.Label = AppName
theKeyChainItem.AccountName = KeyChainName

'check if the keychain item exists
#pragma BreakOnExceptions false
dim Password as String = System.KeyChain.FindPassword(theKeyChainItem)

catch err as KeyChainException
if err.errorNumber = -25300 then
Return true
globals.theErrorLog.DialogErrorProceed kErrorDelete + " " + Str(err.ErrorNumber) + " " + err.Message
Return False
end if
end try

'now delete it
Return true
catch err as KeyChainException
globals.theErrorLog.DialogErrorProceed kErrorDelete + " " + Str(err.ErrorNumber) + " " + err.Message
Return False
end try
#pragma BreakOnExceptions true

End Function[/code]

The format seems to make it work. Thx.