英文:
Can't find keychain using 'security' framework
问题
I'm saving some user data of the same app in keychains. But I can't find where they are stored. Is there a way to find the path of the keychains?
class KeychainManager {
enum KeychainError: Error {
case duplicateEntry
case unknown(OSStatus)
}
static func save(service: String, account: String, password: Data) throws {
// service, account, password, class, data
let query: [String: AnyObject] = [
kSecAttrService as String: service as AnyObject,
kSecAttrAccount as String: account as AnyObject,
kSecValueData as String: password as AnyObject,
kSecClass as String: kSecClassGenericPassword
]
let status = SecItemAdd(query as CFDictionary, nil)
guard status != errSecDuplicateItem else {
throw KeychainError.duplicateEntry
}
guard status == errSecSuccess else {
throw KeychainError.unknown(status)
}
}
}
func save(account: String, password: String) {
do {
try KeychainManager.save(
service: "loseamp",
account: account,
password: password.data(using: .utf8) ?? Data())
} catch {
print(error)
}
}
英文:
I'm saving some user data of the same app in keychains. But I can't find where they are stored. Is there a way to find the path of the keychains?
class KeychainManager {
enum KeychainError: Error {
case duplicateEntry
case unknown(OSStatus)
}
static func save(service: String, account: String, password: Data) throws {
// service, account, password, class, data
let query: [String: AnyObject] = [
kSecAttrService as String: service as AnyObject,
kSecAttrAccount as String: account as AnyObject,
kSecValueData as String: password as AnyObject,
kSecClass as String: kSecClassGenericPassword
]
let status = SecItemAdd(query as CFDictionary, nil)
guard status != errSecDuplicateItem else {
throw KeychainError.duplicateEntry
}
guard status == errSecSuccess else {
throw KeychainError.unknown(status)
}
}
}
func save(account: String, password: String) {
do {
try KeychainManager.save(
service: "loseamp",
account: account,
password: password.data(using: .utf8) ?? Data())
} catch {
print(error)
}
}
答案1
得分: 1
在Mac上,你可以使用security list-keychains命令找到当前正在搜索的所有钥匙串的路径。你可以在keychain_list.c中找到执行此操作的代码。主要的函数是SecKeychainCopySearchList和SecKeychainGetPath。
在Mac上,这两个函数都已经被弃用,在iOS上也不可用。通常情况下,你不应该查询特定路径,除非在Mac管理员工具中(在这种情况下,你通常会使用支持的security接口而不是编程接口)。并不是所有“钥匙串中的东西”都存储在文件中。一些数据存储在Secure Enclave中。你可以获得对这些项目的引用并在操作中使用它们,但无法访问它们的数据。
英文:
On Mac, you can find the paths of all the currently searched keychains with security list-keychains. You can find the code that does this in keychain_list.c. The main functions are SecKeychainCopySearchList and SecKeychainGetPath.
Both of these functions are deprecated on Mac and unavailable on iOS. Generally you should not be querying for the specific paths except in Mac admin tools (in which case you will generally use the supported security interface rather than a programmatic interface). Not all "things in the keychain" are in a file at all. Some are stored in the Secure Enclave. You can get a reference to these items and use them in operations, but you cannot access their data.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论