加密领域数据库并崩溃

时间:2017-10-06 08:13:38

标签: ios realm

我需要加密realm文件,我在app启动时也喜欢这样。

- (void)encryptRealm {
    // Generate 64 bytes of random data to serve as the encryption key
    uint8_t buffer[64];
    SecRandomCopyBytes(kSecRandomDefault, 64, buffer);
    NSData *keyData = [[NSData alloc] initWithBytes:buffer length:sizeof(buffer)];

    // Create a Realm Configuration object with the encryption key
    RLMRealmConfiguration *configuration = [RLMRealmConfiguration defaultConfiguration];
    configuration.encryptionKey = keyData;

    // Attempt to open a Realm file with the encryption key
    NSError *error = nil;
    RLMRealm *realm = [RLMRealm realmWithConfiguration:configuration error:&error];

    // If the encryption key was not accepted, the error will state that the database was invalid
    if (error != nil) {
        NSLog(@"%@", error.localizedDescription);
        return;
    }
}

它像这样崩溃。我不确定会发生什么。我该怎么办? 教程就在这里。

https://academy.realm.io/posts/tim-oliver-realm-cocoa-tutorial-on-encryption-with-realm/

  

2017-10-06 15:58:33.366167 + 0800 Alive 2.0 [20770:6589296] ***   由于未捕获的异常终止应用程序' RLMException',原因:   ' /var/mobile/Containers/Data/Application/FA128FC0-BB80-469E-8B05-6B7957AD04A1/Documents/default.realm:   无法在路径上打开领域   ' /var/mobile/Containers/Data/Application/FA128FC0-BB80-469E-8B05-6B7957AD04A1/Documents/default.realm' ;:   不是领域文件。'

1 个答案:

答案 0 :(得分:3)

您不需要在每次启动时生成新密钥,而是需要存储用于给定Realm的加密密钥。在该文章中进一步链接的加密示例包含example of how to do this

- (NSData *)getKey {
    // Identifier for our keychain entry - should be unique for your application
    static const uint8_t kKeychainIdentifier[] = "io.Realm.EncryptionExampleKey";
    NSData *tag = [[NSData alloc] initWithBytesNoCopy:(void *)kKeychainIdentifier
                                               length:sizeof(kKeychainIdentifier)
                                         freeWhenDone:NO];

    // First check in the keychain for an existing key
    NSDictionary *query = @{(__bridge id)kSecClass: (__bridge id)kSecClassKey,
                            (__bridge id)kSecAttrApplicationTag: tag,
                            (__bridge id)kSecAttrKeySizeInBits: @512,
                            (__bridge id)kSecReturnData: @YES};

    CFTypeRef dataRef = NULL;
    OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, &dataRef);
    if (status == errSecSuccess) {
        return (__bridge NSData *)dataRef;
    }

    // No pre-existing key from this application, so generate a new one
    uint8_t buffer[64];
    status = SecRandomCopyBytes(kSecRandomDefault, 64, buffer);
    NSAssert(status == 0, @"Failed to generate random bytes for key");
    NSData *keyData = [[NSData alloc] initWithBytes:buffer length:sizeof(buffer)];

    // Store the key in the keychain
    query = @{(__bridge id)kSecClass: (__bridge id)kSecClassKey,
              (__bridge id)kSecAttrApplicationTag: tag,
              (__bridge id)kSecAttrKeySizeInBits: @512,
              (__bridge id)kSecValueData: keyData};

    status = SecItemAdd((__bridge CFDictionaryRef)query, NULL);
    NSAssert(status == errSecSuccess, @"Failed to insert new key in the keychain");

    return keyData;
}