找不到钥匙串,使用 ‘security’ 框架。

huangapple go评论87阅读模式
英文:

Can't find keychain using 'security' framework

问题

I'm saving some user data of the same app in keychains. But I can't find where they are stored. Is there a way to find the path of the keychains?

class KeychainManager {
    enum KeychainError: Error {
        case duplicateEntry
        case unknown(OSStatus)
    }
    static func save(service: String, account: String, password: Data) throws {
        // service, account, password, class, data
        let query: [String: AnyObject] = [
            kSecAttrService as String: service as AnyObject,
            kSecAttrAccount as String: account as AnyObject,
            kSecValueData as String: password as AnyObject,
            kSecClass as String: kSecClassGenericPassword
        ]
        let status = SecItemAdd(query as CFDictionary, nil)
        guard status != errSecDuplicateItem else {
            throw KeychainError.duplicateEntry
        }
        guard status == errSecSuccess else {
            throw KeychainError.unknown(status)
        }
    }
}
func save(account: String, password: String) {
    
    do {
        try KeychainManager.save(
            service: "loseamp",
            account: account,
            password: password.data(using: .utf8) ?? Data())
    } catch {
        print(error)
    }
}
英文:

I'm saving some user data of the same app in keychains. But I can't find where they are stored. Is there a way to find the path of the keychains?

class KeychainManager {
    enum KeychainError: Error {
        case duplicateEntry
        case unknown(OSStatus)
    }
static func save(service: String, account: String, password: Data) throws {
        // service, account, password, class, data
        let query: [String: AnyObject] = [
            kSecAttrService as String: service as AnyObject,
            kSecAttrAccount as String: account as AnyObject,
            kSecValueData as String: password as AnyObject,
            kSecClass as String: kSecClassGenericPassword
        ]
        let status = SecItemAdd(query as CFDictionary, nil)
        guard status != errSecDuplicateItem else {
            throw KeychainError.duplicateEntry
        }
        guard status == errSecSuccess else {
            throw KeychainError.unknown(status)
        }
    }
}
func save(account: String, password: String) {
    
    do {
        try KeychainManager.save(
            service: "loseamp",
            account: account,
            password: password.data(using: .utf8) ?? Data())
    } catch {
        print(error)
    }
}

答案1

得分: 1

在Mac上,你可以使用security list-keychains命令找到当前正在搜索的所有钥匙串的路径。你可以在keychain_list.c中找到执行此操作的代码。主要的函数是SecKeychainCopySearchListSecKeychainGetPath

在Mac上,这两个函数都已经被弃用,在iOS上也不可用。通常情况下,你不应该查询特定路径,除非在Mac管理员工具中(在这种情况下,你通常会使用支持的security接口而不是编程接口)。并不是所有“钥匙串中的东西”都存储在文件中。一些数据存储在Secure Enclave中。你可以获得对这些项目的引用并在操作中使用它们,但无法访问它们的数据。

英文:

On Mac, you can find the paths of all the currently searched keychains with security list-keychains. You can find the code that does this in keychain_list.c. The main functions are SecKeychainCopySearchList and SecKeychainGetPath.

Both of these functions are deprecated on Mac and unavailable on iOS. Generally you should not be querying for the specific paths except in Mac admin tools (in which case you will generally use the supported security interface rather than a programmatic interface). Not all "things in the keychain" are in a file at all. Some are stored in the Secure Enclave. You can get a reference to these items and use them in operations, but you cannot access their data.

huangapple
  • 本文由 发表于 2023年2月24日 00:41:55
  • 转载请务必保留本文链接:https://go.coder-hub.com/75547776.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定