Apple GenericKeychain示例中的KeychainItemWrapper类使用kSecValueData键来存储密码 .
但参考http://developer.apple.com/library/ios/#documentation/Security/Reference/keychainservices/Reference/reference.html#//apple_ref/doc/uid/TP30000898
表示在SecItemCopyMatching或SecItemAdd的结果字典中使用了kSecValueData,表示返回值的类型 .
当我调用SecItemAdd来创建钥匙串项时,我应该使用哪个键?
您应该使用kSecValue数据作为密钥来存储密码(以NSData或CFDataRef格式) .
该主题的参考有点不清楚,kSecValueData键用作输出键和输入键 . 也就是说,在查询钥匙串项(SecItemCopyMatching)并指定kSecReturnAttributes键时使用它,因此结果作为字典返回,密码将存储在该字典的kSecValueData键下 . 您还可以在将项添加到钥匙串(SecItemAdd)时使用它,在调用方法之前将密码的NSData或CFDataRef值存储在kSecValueData键中 .
以下是两种情况的示例:
Retrieving password:
NSMutableDictionary *queryDictionary = [[NSMutableDictionary alloc] init]; [queryDictionary setObject: (__bridge id)kSecClassGenericPassword forKey: (__bridge id<NSCopying>)kSecClass]; [queryDictionary setObject:service forKey:kSecAttrService]; [queryDictionary setObject:account forKey:kSecAttrAccount]; // The result will be a dictionary containing the password attributes... [queryDictionary setObject:YES forKey:(__bridge id<NSCopying>)(kSecReturnAttributes)]; // ...one of those attributes will be a kSecValueData with the password [queryDictionary setObject:YES forKey:(__bridge id<NSCopying>)(kSecReturnData)]; OSStatus sanityCheck = SecItemCopyMatching((__bridge CFDictionaryRef)(queryDictionary), (CFTypeRef *)&result); if (sanityCheck != noErr) { NSDictionary * resultDict = (__bridge NSDictionary *)result; // here's the queried password value NSData *passwordValue = [resultDict objectForKey:(__bridge id)(kSecValueData)]; }
Adding password:
NSString *passwordString = @"my password value"; NSData *passwordData = [passwordString dataUsingEncoding:NSUTF8StringEncoding]; CFDictionaryRef result = nil; NSMutableDictionary *addDictionary = [[NSMutableDictionary alloc] init]; [addDictionary setObject: (__bridge id)kSecClassGenericPassword forKey: (__bridge id<NSCopying>)kSecClass]; [addDictionary setObject:service forKey:kSecAttrService]; [addDictionary setObject:account forKey:kSecAttrAccount]; // here goes the password value [addDictionary setObject:passwordData forKey:(__bridge id<NSCopying>)(kSecValueData)]; OSStatus sanityCheck = SecItemAdd((__bridge CFDictionaryRef)(queryDictionary), NULL) if (sanityCheck != noErr) { // if no error the password got successfully stored in the keychain }
1 回答
您应该使用kSecValue数据作为密钥来存储密码(以NSData或CFDataRef格式) .
该主题的参考有点不清楚,kSecValueData键用作输出键和输入键 . 也就是说,在查询钥匙串项(SecItemCopyMatching)并指定kSecReturnAttributes键时使用它,因此结果作为字典返回,密码将存储在该字典的kSecValueData键下 . 您还可以在将项添加到钥匙串(SecItemAdd)时使用它,在调用方法之前将密码的NSData或CFDataRef值存储在kSecValueData键中 .
以下是两种情况的示例:
Retrieving password:
Adding password: