SecItemAdd() produces a broken, impossible-to-delete keychain entry
| Field | Value |
|---|---|
| Originator | wiml |
| Number | rdar://24575784 |
| Date Originated | 09-Feb-2016 02:24 PM |
| Status | Open |
| Resolved | |
| Product | macOS |
| Product Version | 10.10.5 / 14F27 |
| Classification | |
| Reproducible | Always |
Summary:
Adding a key to a keychain using SecItemAdd() inserts an incomplete, useless item in the keychain. The item is impossible to delete ("A missing value was detected." in Keychain Access, or error errSecMissingValue / -67871 from SecItemDelete()).
Steps to Reproduce:
Insert a symmetric key using SecItemAdd, specifying the class, some data, an application tag, and a type.
Examine the key that gets added to your keychain. Try to delete it.
I've attached a C program which does this. To use it, compile it and run it with a test keychain's path on the command line. (You can only run this command once per keychain, due to a combination of this and other bugs in SecItemAdd().)
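The reproduction described above, reconstructed as an added Objective-C example; this is not the secaddfail.m attached to the report. It assumes the key type used was kSecAttrKeyTypeAES (on macOS that constant is the string "2147483649", which is the `type` value shown in the SecItemAdd log), uses constructed key bytes and a constructed application tag, and takes the test keychain path on the command line with the attached keychain's password "x". The final delete status is returned so it can be compared against errSecMissingValue (-67871).

```objc
#import <Foundation/Foundation.h>
#import <Security/Security.h>

// Constructed sample key material and application tag (not the bytes from the report).
static const uint8_t kSampleKey[16] = {
    0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
    0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10 };
static const char *kSampleTag = "example.secitemadd.repro";

// Adds the key, reads back what was stored, then tries to delete it.
// Returns the OSStatus of SecItemDelete so the caller can check for
// errSecMissingValue (-67871), the code reported in the radar.
static OSStatus reproduce(SecKeychainRef keychain)
{
    NSData *keyData = [NSData dataWithBytes:kSampleKey length:sizeof kSampleKey];
    NSData *tag = [NSData dataWithBytes:kSampleTag length:strlen(kSampleTag)];

    // Only the attributes named in "Steps to Reproduce": class, data,
    // application tag and key type. kSecAttrKeyClass and kSecAttrKeySizeInBits
    // are deliberately omitted; the notes say SecItemAdd fails when they are given.
    NSDictionary *addAttrs = @{
        (__bridge id)kSecClass:              (__bridge id)kSecClassKey,
        (__bridge id)kSecAttrKeyType:        (__bridge id)kSecAttrKeyTypeAES,
        (__bridge id)kSecAttrApplicationTag: tag,
        (__bridge id)kSecValueData:          keyData,
        (__bridge id)kSecUseKeychain:        (__bridge id)keychain,
        (__bridge id)kSecReturnRef:          @YES,
    };
    CFTypeRef itemRef = NULL;
    OSStatus err = SecItemAdd((__bridge CFDictionaryRef)addAttrs, &itemRef);
    NSLog(@"SecItemAdd -> %d, ref %@", (int)err, itemRef);
    if (err != errSecSuccess) return err;

    // Read back what actually landed in the keychain. In the report the
    // returned attributes have no application tag and show type = 0, bsiz = 0.
    NSDictionary *query = @{
        (__bridge id)kSecClass:            (__bridge id)kSecClassKey,
        (__bridge id)kSecMatchSearchList:  @[ (__bridge id)keychain ],
        (__bridge id)kSecMatchLimit:       (__bridge id)kSecMatchLimitAll,
        (__bridge id)kSecReturnAttributes: @YES,
        (__bridge id)kSecReturnRef:        @YES,
    };
    CFTypeRef found = NULL;
    err = SecItemCopyMatching((__bridge CFDictionaryRef)query, &found);
    NSLog(@"SecItemCopyMatching -> %d, %@", (int)err, found);
    if (found) CFRelease(found);

    // Delete by reference, exactly as the report does.
    NSDictionary *del = @{ (__bridge id)kSecValueRef: (__bridge id)itemRef };
    err = SecItemDelete((__bridge CFDictionaryRef)del);
    NSLog(@"SecItemDelete -> %d%s", (int)err,
          err == errSecMissingValue ? " (errSecMissingValue: bug reproduced)" : "");
    CFRelease(itemRef);
    return err;
}

int main(int argc, const char *argv[])
{
    @autoreleasepool {
        if (argc != 2) {
            fprintf(stderr, "usage: %s /path/to/test.keychain\n", argv[0]);
            return 2;
        }
        // Open a throwaway keychain only: the inserted item cannot be removed afterwards.
        SecKeychainRef keychain = NULL;
        OSStatus err = SecKeychainOpen(argv[1], &keychain);
        if (err != errSecSuccess) {
            fprintf(stderr, "SecKeychainOpen failed: %d\n", (int)err);
            return 1;
        }
        // The attached test keychain uses the password "x"; adjust for your own.
        const char *password = "x";
        err = SecKeychainUnlock(keychain, (UInt32)strlen(password), password, TRUE);
        if (err != errSecSuccess) {
            fprintf(stderr, "SecKeychainUnlock failed: %d\n", (int)err);
            CFRelease(keychain);
            return 1;
        }
        err = reproduce(keychain);
        CFRelease(keychain);
        // Exit 0 when the reported failure mode is observed.
        return err == errSecMissingValue ? 0 : 1;
    }
}
```

Build with `clang -fobjc-arc -framework Foundation -framework Security -o secadd_repro secadd_repro.m` and run it once against a freshly created test keychain; as the report notes, a second run against the same keychain does not behave the same way, so create a new keychain for each attempt. The SecItemCopyMatching read-back is the check worth keeping in real code: a key that comes back with an empty type and no application tag after a successful SecItemAdd is the signature of this bug.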
Expected Results:
The keychain item will be deletable.
Actual Results:
The key cannot be deleted.
2016-02-09 14:20:05.466 a.out[24731:391556] SecItemAdd({
atag = <84687650 6c0724c9>;
class = keys;
type = 2147483649;
"u_Keychain" = "<SecKeychain 0x7f8208c019e0 [0x7fff7e133ed0]>";
"v_Data" = <01020304 05060708 090a0b0c 0d0e0f10>;
}) -> <SecKeychainItem 0x7f8208f206b0 [0x7fff7e133ed0]>
2016-02-09 14:20:05.466 a.out[24731:391556] SecItemCopyMatching --> 0, (
{
bsiz = 0;
class = keys;
esiz = 0;
labl = "<null>";
type = 0;
"v_Ref" = "<SecKeychainItem 0x7f8208f206b0 [0x7fff7e133ed0]>";
}
)
2016-02-09 14:20:05.467 a.out[24731:391556] Will delete key: <SecKeychainItem 0x7f8208f206b0 [0x7fff7e133ed0]>
2016-02-09 14:20:05.467 a.out[24731:391556] SecItemDelete({
"v_Ref" = "<SecKeychainItem 0x7f8208f206b0 [0x7fff7e133ed0]>";
}) --> -67871
Version:
10.10.5 / 14F27
Notes:
The inserted key is missing several attributes which were specified in SecItemAdd(), but I'll report that as a separate RADAR.
The SecItemAdd() call fails if you try to explicitly specify kSecAttrKeyClass or kSecAttrKeySizeInBits, but I'll report that as a separate RADAR.
I have attached a .keychain file produced by this program. Its password is the single letter "x".
Configuration:
OSX
Attachments:
'secaddfail.m', 'testkeychain.keychain' and 'Screen Shot 2016-02-09 at 2.23.02 PM.png' were successfully uploaded.