How do I programmatically import a certificate into my iOS app's keychain and pass the identity to a server when needed?

Question

I am working on an iOS5 application that will facilitate mobile payments between two users. As part of the payment process, the sender and the recipient need to communicate with

Answer 1

The following code should do the trick :

NSMutableDictionary *secIdentityParams = [[NSMutableDictionary alloc] init];
[secIdentityParams setObject:(id)myIdentity forKey:(id)kSecValueRef];
OSStatus status = SecItemAdd((CFDictionaryRef) secIdentityParams, NULL);

You interact with the Keychain by passing in a dictionary of key-value pairs that you want to find or create. Each key represents a search option or an attribute of the item in the keychain. Keys are pre-defined constants that you must use depending on the type of data to be stored. Those keys can be found in Apple's developer doc.

I think Apple's source code is indeed missing the allocation of persistentRef. They should have added such declaration at the beginning of the method :

NSData *persistentRef = nil; 

Note that use of persistent reference is not mandatory. The above code should work just fine. As Apple explains it well :

Because a persistent reference remains valid between invocations of your program and can be stored on disk, you can use one to make it easier to find a keychain item that you will need repeatedly

source : https://developer.apple.com/library/ios/#documentation/Security/Conceptual/CertKeyTrustProgGuide/iPhone_Tasks/iPhone_Tasks.html#//apple_ref/doc/uid/TP40001358-CH208-DontLinkElementID_10