问题描述

我想在 App 中保存用户的 ID 和密码.

I want to save user's id and password in App.

当我保存ID和密码时，推荐的加密方式是什么.

What is recommendable encryption way when I save id and password.

我从越狱或黑客那里找到了更安全的方法.

I'm finding more safe way from Jailbreak or Hacker.

GenericKeychain 示例代码怎么样?

How about GenericKeychain sample code ?

http://developer.apple.com/library/ios/#samplecode/GenericKeychain/Introduction/Intro.html#//apple_ref/doc/uid/DTS40007797

我对如何像 GenericKeychain 示例代码一样安全地使用 Keychain 没有信心.

I can't have confidence about safe how to use Keychain like GenericKeychain sample code.

请告诉我一些建议.谢谢^^*

Please tell me some advices. Thank you ^^*

推荐答案

您可以使用安全框架

#import

要为服务器保存用户名和密码:

-(void) saveUsername:(NSString*)user withPassword:(NSString*)pass forServer:(NSString*)server {

    // Create dictionary of search parameters
    NSDictionary* dict = [NSDictionary dictionaryWithObjectsAndKeys:(__bridge id)(kSecClassInternetPassword),  kSecClass, server, kSecAttrServer, kCFBooleanTrue, kSecReturnAttributes, nil];

    // Remove any old values from the keychain
    OSStatus err = SecItemDelete((__bridge CFDictionaryRef) dict);

    // Create dictionary of parameters to add
    NSData* passwordData = [pass dataUsingEncoding:NSUTF8StringEncoding];
    dict = [NSDictionary dictionaryWithObjectsAndKeys:(__bridge id)(kSecClassInternetPassword), kSecClass, server, kSecAttrServer, passwordData, kSecValueData, user, kSecAttrAccount, nil];

    // Try to save to keychain
    err = SecItemAdd((__bridge CFDictionaryRef) dict, NULL);

}

删除:

-(void) removeAllCredentialsForServer:(NSString*)server {

    // Create dictionary of search parameters
    NSDictionary* dict = [NSDictionary dictionaryWithObjectsAndKeys:(__bridge id)(kSecClassInternetPassword),  kSecClass, server, kSecAttrServer, kCFBooleanTrue, kSecReturnAttributes, kCFBooleanTrue, kSecReturnData, nil];

    // Remove any old values from the keychain
    OSStatus err = SecItemDelete((__bridge CFDictionaryRef) dict);

}

阅读:

-(void) getCredentialsForServer:(NSString*)server {

    // Create dictionary of search parameters
    NSDictionary* dict = [NSDictionary dictionaryWithObjectsAndKeys:(__bridge id)(kSecClassInternetPassword),  kSecClass, server, kSecAttrServer, kCFBooleanTrue, kSecReturnAttributes, kCFBooleanTrue, kSecReturnData, nil];

    // Look up server in the keychain
    NSDictionary* found = nil;
    CFDictionaryRef foundCF;
    OSStatus err = SecItemCopyMatching((__bridge CFDictionaryRef) dict, (CFTypeRef*)&foundCF);

    // Check if found
    found = (__bridge NSDictionary*)(foundCF);
    if (!found) 
        return;

    // Found
    NSString* user = (NSString*) [found objectForKey:(__bridge id)(kSecAttrAccount)];
    NSString* pass = [[NSString alloc] initWithData:[found objectForKey:(__bridge id)(kSecValueData)] encoding:NSUTF8StringEncoding];

}

这篇关于如何使用 Keychain 来保存密码，如 GenericKeychain 示例代码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！