iOS简单使用keychain存储密码
2015-04-07 本文已影响26240人
大慈大悲大熊猫
2016.12.22最新更新
最近一直有朋友说不知道怎么用,特来更新了 PDKeyChain,添加了注释,有问题可以提 issue 欢迎讨论。
2016.8.23最新更新
最近一直有朋友问源码,整理了一下发在这里。
2016.3.23最新更新
近期项目中又用到keychain,于是回头翻了翻以前写的代码,感觉写的/(ㄒoㄒ)/~~
设计不科学,命名不规范,怎么看怎么别扭,那就重写吧~
Tips:在实习过程中,有次让我实现一个app七天免登陆功能。当时没细想,直接就用NSUserDefaults给做的,用NSDate判断时间,取七天的间隔判断登陆状态。直到现在了解了keychain,才知道用NSUserDefaults是非常不安全的。通常情况下,可以用NSUserDefaults存储数据信息,但是对于一些私密信息,比如账号、密码等等,就需要使用更为安全的keychain了。而Keychain的信息是存在于每个应用(app)的沙盒之外的,所以keychain里保存的信息不会因App被删除而丢失,在用户重新安装App后依然有效,数据还在。
KeyChain
话不多说,咱们直接来看怎么快速集成keychain。
- 自定义一个类,取名XXXKeyChain,如下:
#import <Foundation/Foundation.h>
#import <Security/Security.h>
#define KEY_PASSWORD @"com.rry.app.password"
#define KEY_USERNAME_PASSWORD @"com.rry.app.usernamepassword"
@interface RRYKeyChain : NSObject
+ (void)save:(NSString *)service data:(id)data;
+ (id)load:(NSString *)service;
+ (void)delete:(NSString *)service;
@end
以上代码自定义了三个方法,存、取、删。并且定义了几个字符串用来做key。当然,想使用keychain请不要忘记引入Security包,引入文件 #import <Security/Security.h>。
- 再来看.m文件的具体实现
#import "RRYKeyChain.h"
@implementation RRYKeyChain
+ (NSMutableDictionary *)getKeychainQuery:(NSString *)service {
return [NSMutableDictionary dictionaryWithObjectsAndKeys:
(id)kSecClassGenericPassword,(id)kSecClass,
service, (id)kSecAttrService,
service, (id)kSecAttrAccount,
(id)kSecAttrAccessibleAfterFirstUnlock,(id)kSecAttrAccessible,
nil];
}
+ (void)save:(NSString *)service data:(id)data {
//Get search dictionary
NSMutableDictionary *keychainQuery = [self getKeychainQuery:service];
//Delete old item before add new item
SecItemDelete((CFDictionaryRef)keychainQuery);
//Add new object to search dictionary(Attention:the data format)
[keychainQuery setObject:[NSKeyedArchiver archivedDataWithRootObject:data] forKey:(id)kSecValueData];
//Add item to keychain with the search dictionary
SecItemAdd((CFDictionaryRef)keychainQuery, NULL);
}
+ (id)load:(NSString *)service {
id ret = nil;
NSMutableDictionary *keychainQuery = [self getKeychainQuery:service];
//Configure the search setting
//Since in our simple case we are expecting only a single attribute to be returned (the password) we can set the attribute kSecReturnData to kCFBooleanTrue
[keychainQuery setObject:(id)kCFBooleanTrue forKey:(id)kSecReturnData];
[keychainQuery setObject:(id)kSecMatchLimitOne forKey:(id)kSecMatchLimit];
CFDataRef keyData = NULL;
if (SecItemCopyMatching((CFDictionaryRef)keychainQuery, (CFTypeRef *)&keyData) == noErr) {
@try {
ret = [NSKeyedUnarchiver unarchiveObjectWithData:(NSData *)keyData];
} @catch (NSException *e) {
NSLog(@"Unarchive of %@ failed: %@", service, e);
} @finally {
}
}
if (keyData)
CFRelease(keyData);
return ret;
}
+ (void)delete:(NSString *)service {
NSMutableDictionary *keychainQuery = [self getKeychainQuery:service];
SecItemDelete((CFDictionaryRef)keychainQuery);
}
然后就是存,其中mmm是要存的密码字符串。
NSMutableDictionary *usernamepasswordKVPairs = [NSMutableDictionary dictionary];
[usernamepasswordKVPairs setObject:mmm forKey:KEY_PASSWORD];
[RRYKeyChain save:KEY_USERNAME_PASSWORD data:usernamepasswordKVPairs];
取
NSMutableDictionary *usernamepasswordKVPairs = (NSMutableDictionary *)[RRYKeyChain load:KEY_USERNAME_PASSWORD];
NSLog(@"%@",[usernamepasswordKVPairs objectForKey:KEY_PASSWORD]);
删
[RRYKeyChain delete:KEY_USERNAME_PASSWORD];
这样一个简单的使用keychain快速存储密码的功能就做好了。
2016.3.23最新更新
话不多说,直接上代码,首先是.h
#import <Foundation/Foundation.h>
#import <Security/Security.h>
@interface RHKeyChain : NSObject
+ (void)rhKeyChainSave:(NSString *)service;
+ (NSString *)rhKeyChainLoad;
+ (void)rhKeyChainDelete:(NSString *)service;
@end
只对外提供三个方法,存、取、删,实现放在内部,再是.m
static NSString * const kRHDictionaryKey = @"com.xxxx.dictionaryKey";
static NSString * const kRHKeyChainKey = @"com.xxxx.keychainKey";
+ (void)rhKeyChainSave:(NSString *)service {
NSMutableDictionary *tempDic = [NSMutableDictionary dictionary];
[tempDic setObject:service forKey:kRHDictionaryKey];
[self save:kRHKeyChainKey data:tempDic];
}
+ (NSString *)rhKeyChainLoad{
NSMutableDictionary *tempDic = (NSMutableDictionary *)[self load:kRHKeyChainKey];
return [tempDic objectForKey:kRHDictionaryKey];
}
+ (void)rhKeyChainDelete{
[self delete:kRHKeyChainKey];
}
三个方法的实现。
