In this post, I’ll talk about securely persisting statistics in iOS apps the usage of Apple’s Keychain Services. I’ll stroll you via what the Keychain Services API does and illustrate a speedy and handy way to begin the usage of Keychain performance in your apps via implementation of a wrapper.
Keychain provides a invulnerable choice to saving touchy data, such as person names and passwords, with NSUserDefaults, plist or comparable methods.
As you may already know, NSUserDefaults is easy and advantageous for saving small, easy bits of data, like NSNumbers or NSStrings, to your device’s file system. But this information is in no way saved securely as hackers can get entry to it distinctly without difficulty from the device.
Apple has furnished the Keychain Services API to deal with this hassle and assist builders construct apps that safely deal with passwords and different touchy information.
A keychain is described in Apple’s documentation as:
“…an encrypted container that securely shops small chunks of facts on behalf of apps and tightly closed services.”
and
“…simply a database saved in the file system.”
Keychain is remarkable due to the fact statistics encryption robotically is taken care of earlier than it is saved in the file gadget so there is no want to waste time constructing encryption algorithms.
A keychain in each OS and iOS can be configured to lock. When locked it is not possible to get entry to and decrypt saved keychain items. For iOS the keychain is locked when the system is locked and unlocked when the system is unlocked. Even when it is unlocked, solely apps that have created an object can get right of entry to it, except configured otherwise.
Keychain additionally gives different points like: gaining access to keychain gadgets throughout apps. Normally, an app solely has get admission to to objects it created however configuration can be made to let it get right of entry to information inside a crew of exact apps.

Implementing the Keychain API
Storing and retrieving records without delay with Keychain is now not an convenient task. Unfortunately, the Keychain API is a bit torturous to use. It is written in C and requires a lot of time-consuming configuration. Luckily, Apple and many different contributors have created greater stage wrappers to cover the convoluted C code and company powering matters from beneath.

Implementation with Wrappers
Apple’s very own Keychain wrapper is referred to as GenericKeychain and is reachable inside the pattern code in each Objective C and Swift.
Other wrappers exist as Cocoapods or extension libraries on Github and different dependency administration sites.

Here are a few Keychain wrappers I recommend:

1. SwiftKeychainWrapper by Jason Rendel(jrendel) for Swift. https://cocoapods.org/pods/SwiftKeychainWrapper or https://github.com/jrendel/SwiftKeychainWrapper
2. SAMKeychain by Sam Soffes for Objective C. https://cocoapods.org/pods/SAMKeychain
3. Locksmith by Matthew Palmer for Swift. (Check out the video tutorial) https://github.com/matthewpalmer/Locksmith

Most wrappers consist of three methods: one to add a keychain item, one to edit a keychain item, and one to delete it, and make getting access to and enhancing keychain objects viable with one line of code.

Step-by-Step: Implement Keychain with a Wrapper
Let’s stroll thru enforcing Keychain for a Swift software with the assist of SwiftKeychainWrapper with the aid of Jason Rendel.
1). Open an Xcode Swift assignment the place you would like to save touchy information or take a look at out the use of Keychain.

2). Go to the supply archives for your wrapper. In our case this will be: https://cocoapods.org/pods/SwiftKeychainWrapper and in order to make it less complicated to continue to be up to date we’ll use a cocoapod. Here you can take a look at out the documentation for the wrapper and see how facts will be delivered as a keychain item, edited and deleted.

In this wrappers’ documentation we can see that it’s advocated utilization is saving Strings. So for this instance we’ll retailer a hypothetical password.
3. Make a pod file for your venture and add the modern SwiftKeychainWrapper Cocoapod, like this:

Save it and consider to do ‘pod install’ in command line for your project.
4). Open the workspace file for your project.
In an real utility you may want to get hold of the touchy string in a number of ways, whether or not it is from a request to a server asking for consumer identify and password or from a textfield the place a consumer will enter the information.
For our instance we’ll make this a easy textfield that collects a password string that we favor to keep in keychain.
Go to storyboard and set up a view controller with a textfield and one button, like this:

Then make an IBOutlet connecting the textual content discipline to the view controller and an IBAction join the button. Your view controller category ought to appear like this:

5). If you have in mind from above, the approach to store a string to keychain with the SwiftKeychainWrapper is:

let saveSuccessful: Bool = KeychainWrapper.standard.set("Some String", forKey: "myKey") Now let’s enforce taking the string cost from the passwordTextField, giving it a key, and saving it to keychain when the savePasswordButton is tapped. The approach returns a boolean fee which acts as a affirmation that the string was once efficaciously saved.
Here is what your code can seem to be like.
import UIKit import SwiftKeychainWrapper class ViewController: UIViewController { @IBOutlet weak var txtPassword: UITextField! @IBOutlet weak var btnSavePassword: UIButton! override func viewDidLoad() { super.viewDidLoad() } @IBAction func btnSavePasswordClick(_ sender: UIButton) { if let password = txtPassword.text { let saveSuccessful: Bool = KeychainWrapper.standard.set(password, forKey: "userPassword") print("Save was successful: \(saveSuccessful)") self.view.endEditing(true) } } }

Before the usage of the .set approach to retailer to keychain I am doing a take a look at the usage of an ‘if let’ assertion to make positive that there is certainly some textual content in the textfield.
When you enter textual content and faucet the button it seems that nothing happens, however down in the console we can see that it printed a confirmation.

This skill the string used to be saved to Keychain!
6). To retrieve the string from Keychain let’s set up any other button.

This button won’t do whatever besides print the retrieved string to the console.
Connect its IBAction and use the required technique retrieve the string. See below.
Add the following code to the retrievePasswordButtonTapped method. 

import UIKit import SwiftKeychainWrapper class ViewController: UIViewController { @IBOutlet weak var txtPassword: UITextField! @IBOutlet weak var btnSavePassword: UIButton! @IBOutlet weak var btnRetrivePassword: UIButton! override func viewDidLoad() { super.viewDidLoad() } @IBAction func btnSAvePasswordClick(_ sender: UIButton) { if let password = txtPassword.text { let saveSuccessful: Bool = KeychainWrapper.standard.set(password, forKey: "userPassword") print("Save was successful: \(saveSuccessful)") self.txtPassword.text = "" self.view.endEditing(true) } } @IBAction func btnRetrivePasswordClick(_ sender: UIButton) { let retrievedPassword: String? = KeychainWrapper.standard.string(forKey: "userPassword") self.txtPassword.text = retrievedPassword print("Retrieved passwork is: \(retrievedPassword!)") } }

Please observe I’ve now not set up any tests right here to make certain keychain consists of any items. You will desire to deal with this checking in a actual app.
When tapping the Retrieve button the submitted password ought to be retrieved and printed in the console like this:

7). Removing an object from Keychain follows the equal sample the usage of the following method:

let removeSuccessful: Bool = KeychainWrapper.standard.remove(key: "myKey")

8). Now you’ve correctly used the SwiftKeychainWrapper to securely persist and get entry to a string value!
As you can see adding, retrieving, and putting off from Keychain with the wrapper are carried out with one easy line of code.
Each wrapper has it’s personal barely special syntax and configurable options, however they all, extra or less, observe the identical sample as in this example.

Thank you for reading!