我想在App中保存用户的ID和密码。
保存ID和密码时,推荐的加密方式是什么。
我从越狱或黑客中找到了更安全的方法。
GenericKeychain示例代码怎么样?
我对安全如何使用Keychain(如GenericKeychain示例代码)无法保证。
请告诉我一些建议。谢谢^^ *
答案 0 :(得分:23)
您可以使用安全框架
#import <Security/Security.h>
保存服务器的用户名和密码:
-(void) saveUsername:(NSString*)user withPassword:(NSString*)pass forServer:(NSString*)server {
// Create dictionary of search parameters
NSDictionary* dict = [NSDictionary dictionaryWithObjectsAndKeys:(__bridge id)(kSecClassInternetPassword), kSecClass, server, kSecAttrServer, kCFBooleanTrue, kSecReturnAttributes, nil];
// Remove any old values from the keychain
OSStatus err = SecItemDelete((__bridge CFDictionaryRef) dict);
// Create dictionary of parameters to add
NSData* passwordData = [pass dataUsingEncoding:NSUTF8StringEncoding];
dict = [NSDictionary dictionaryWithObjectsAndKeys:(__bridge id)(kSecClassInternetPassword), kSecClass, server, kSecAttrServer, passwordData, kSecValueData, user, kSecAttrAccount, nil];
// Try to save to keychain
err = SecItemAdd((__bridge CFDictionaryRef) dict, NULL);
}
删除:
-(void) removeAllCredentialsForServer:(NSString*)server {
// Create dictionary of search parameters
NSDictionary* dict = [NSDictionary dictionaryWithObjectsAndKeys:(__bridge id)(kSecClassInternetPassword), kSecClass, server, kSecAttrServer, kCFBooleanTrue, kSecReturnAttributes, kCFBooleanTrue, kSecReturnData, nil];
// Remove any old values from the keychain
OSStatus err = SecItemDelete((__bridge CFDictionaryRef) dict);
}
阅读:
-(void) getCredentialsForServer:(NSString*)server {
// Create dictionary of search parameters
NSDictionary* dict = [NSDictionary dictionaryWithObjectsAndKeys:(__bridge id)(kSecClassInternetPassword), kSecClass, server, kSecAttrServer, kCFBooleanTrue, kSecReturnAttributes, kCFBooleanTrue, kSecReturnData, nil];
// Look up server in the keychain
NSDictionary* found = nil;
CFDictionaryRef foundCF;
OSStatus err = SecItemCopyMatching((__bridge CFDictionaryRef) dict, (CFTypeRef*)&foundCF);
// Check if found
found = (__bridge NSDictionary*)(foundCF);
if (!found)
return;
// Found
NSString* user = (NSString*) [found objectForKey:(__bridge id)(kSecAttrAccount)];
NSString* pass = [[NSString alloc] initWithData:[found objectForKey:(__bridge id)(kSecValueData)] encoding:NSUTF8StringEncoding];
}