1. 首页
  2. 问答
  3. 将NSDictionary存储在钥匙串中

将NSDictionary存储在钥匙串中

2012-03-30 116 views
18

可以使用KeychainItemWrapper(或不使用)在iPhone钥匙串中存储NSDictionary? 如果这是不可能的,你有另一种解决方案?将NSDictionary存储在钥匙串中

来源

2012-03-30 malinois

+0

是的,但是当我读到的数据,我有一个空的NSString参考。 – malinois 2012-03-30 18:51:25

回答

6

编码:[dic description]
解码:[dic propertyList]

来源

2012-03-30 21:31:55 malinois

+0

我不能在明天之前... – malinois 2012-03-31 14:24:05

1

你可以存储任何东西,你只需要序列化它。

NSData *data = [NSKeyedArchiver archivedDataWithRootObject:dictionary];

您应该能够将数据存储在钥匙串中。

来源

2012-03-30 18:49:40 wbyoung

+2

*** - [KeychainItemWrapper writeToKeychain]中的声明失败'无法添加钥匙串项目'。 – malinois 2012-03-30 19:50:03

+0

然后,您必须提供更多详细信息。 “无法添加钥匙串项目”可能有很多原因。 – wbyoung 2012-03-30 20:48:21

25

你必须正确地将其存储到钥匙串之前序列化NSDictionary。 使用:

[dic description] 
[dic propertyList]

,你会最终有一个NSDictionary集合只NSString对象。如果要维护对象的数据类型,则可以使用NSPropertyListSerialization

KeychainItemWrapper *keychain = [[KeychainItemWrapper alloc] initWithIdentifier:@"arbitraryId" accessGroup:nil] 
NSString *error; 
//The following NSData object may be stored in the Keychain 
NSData *dictionaryRep = [NSPropertyListSerialization dataFromPropertyList:dictionary format:NSPropertyListXMLFormat_v1_0 errorDescription:&error]; 
[keychain setObject:dictionaryRep forKey:kSecValueData]; 

//When the NSData object object is retrieved from the Keychain, you convert it back to NSDictionary type 
dictionaryRep = [keychain objectForKey:kSecValueData]; 
NSDictionary *dictionary = [NSPropertyListSerialization propertyListFromData:dictionaryRep mutabilityOption:NSPropertyListImmutable format:nil errorDescription:&error]; 

if (error) { 
    NSLog(@"%@", error); 
}

第二调用NSPropertyListSerializationNSDictionary集合中保持原始数据类型返回的NSDictionary

来源

2012-11-15 16:26:18

+1

我编辑了代码,以更准确地反映如何使用KeychainItemWrapper。 – 2012-11-16 01:24:59

+4

这将数据存储在不是加密字段的'kSecAttrService'中。我相信你打算在这里使用'kSecValueData',这是加密的有效载荷。 – 2013-04-23 16:57:19

+0

由于某些原因,您的代码在ios7中不起作用。会考虑更新它更清楚。例如,你说我们需要使用[dic description],但在你的例子中没有dic变量。 – user798719 2013-09-02 19:04:58

0

我发现钥匙串包装只需要字符串。甚至没有NSData。因此,要存储一个字典,您必须按照Bret的建议来做,但需要额外的步骤将NSData序列化转换为字符串。就像这样:

NSString *error; 
KeychainItemWrapper *keychain = [[KeychainItemWrapper alloc] initWithIdentifier:MY_STRING accessGroup:nil]; 
NSData *dictionaryRep = [NSPropertyListSerialization dataFromPropertyList:dictToSave format:NSPropertyListXMLFormat_v1_0 errorDescription:&error]; 
NSString *xml = [[NSString alloc] initWithBytes:[dictionaryRep bytes] length:[dictionaryRep length] encoding:NSUTF8StringEncoding]; 
[keychain setObject:xml forKey:(__bridge id)(kSecValueData)];

回读:

NSError *error; 
NSString *xml = [keychain objectForKey:(__bridge id)(kSecValueData)]; 
if (xml && xml.length) { 
    NSData *dictionaryRep = [xml dataUsingEncoding:NSUTF8StringEncoding]; 
    dict = [NSPropertyListSerialization propertyListWithData:dictionaryRep options:NSPropertyListImmutable format:nil error:&error]; 
    if (error) { 
     NSLog(@"%@", error); 
    } 
}

来源

2013-05-03 19:55:48

+0

并非所有的数据都是有效的UTF-8,所以这是行不通的。最好的选择是编码到Base64。 – zaph 2015-01-09 04:02:27

+0

它可能工作;毕竟XML是通过声明UTF-8编码开始的,<?xml version =“1.0”encoding =“UTF-8”?>。我相信Apple在XML中将数据编码为Base64(请参阅https://developer.apple.com/library/mac/documentation/Cocoa/Conceptual/PropertyLists/SerializePlist/SerializePlist.html中的示例)。如果确实失败了,那么回退到Base64是个好主意。 – 2015-01-09 15:49:46

14

使用KeychainItemWrapper依赖性要求修改库/示例代码接受NSData为加密的有效载荷,这是不是未来的证明。另外,执行NSDictionary > NSData > NSString转换序列只是为了您可以使用KeychainItemWrapper效率低下:KeychainItemWrapper无论如何都会将您的字符串转换回NSData,以对其进行加密。

这是一个完整的解决方案,通过直接利用钥匙串库来解决上述问题。

// to store your dictionary 
[myDict storeToKeychainWithKey:@"myStorageKey"]; 

// to retrieve it 
NSDictionary *myDict = [NSDictionary dictionaryFromKeychainWithKey:@"myStorageKey"]; 

// to delete it 
[myDict deleteFromKeychainWithKey:@"myStorageKey"];


和这里的类别:

@implementation NSDictionary (Keychain) 

-(void) storeToKeychainWithKey:(NSString *)aKey { 
    // serialize dict 
    NSString *error; 
    NSData *serializedDictionary = [NSPropertyListSerialization dataFromPropertyList:self format:NSPropertyListXMLFormat_v1_0 errorDescription:&error]; 

    // encrypt in keychain 
    if(!error) { 
     // first, delete potential existing entries with this key (it won't auto update) 
     [self deleteFromKeychainWithKey:aKey]; 

     // setup keychain storage properties 
     NSDictionary *storageQuery = @{ 
      (id)kSecAttrAccount: aKey, 
      (id)kSecValueData:  serializedDictionary, 
      (id)kSecClass:   (id)kSecClassGenericPassword, 
      (id)kSecAttrAccessible: (id)kSecAttrAccessibleWhenUnlocked 
     }; 
     OSStatus osStatus = SecItemAdd((CFDictionaryRef)storageQuery, nil); 
     if(osStatus != noErr) { 
      // do someting with error 
     } 
    } 
} 


+(NSDictionary *) dictionaryFromKeychainWithKey:(NSString *)aKey { 
    // setup keychain query properties 
    NSDictionary *readQuery = @{ 
     (id)kSecAttrAccount: aKey, 
     (id)kSecReturnData: (id)kCFBooleanTrue, 
     (id)kSecClass:  (id)kSecClassGenericPassword 
    }; 

    NSData *serializedDictionary = nil; 
    OSStatus osStatus = SecItemCopyMatching((CFDictionaryRef)readQuery, (CFTypeRef *)&serializedDictionary); 
    if(osStatus == noErr) { 
     // deserialize dictionary 
     NSString *error; 
     NSDictionary *storedDictionary = [NSPropertyListSerialization propertyListFromData:serializedDictionary mutabilityOption:NSPropertyListImmutable format:nil errorDescription:&error]; 
     if(error) { 
      NSLog(@"%@", error); 
     } 
     return storedDictionary; 
    } 
    else { 
     // do something with error 
     return nil; 
    } 
} 


-(void) deleteFromKeychainWithKey:(NSString *)aKey { 
    // setup keychain query properties 
    NSDictionary *deletableItemsQuery = @{ 
     (id)kSecAttrAccount:  aKey, 
     (id)kSecClass:    (id)kSecClassGenericPassword, 
     (id)kSecMatchLimit:   (id)kSecMatchLimitAll, 
     (id)kSecReturnAttributes: (id)kCFBooleanTrue 
    }; 

    NSArray *itemList = nil; 
    OSStatus osStatus = SecItemCopyMatching((CFDictionaryRef)deletableItemsQuery, (CFTypeRef *)&itemList); 
    // each item in the array is a dictionary 
    for (NSDictionary *item in itemList) { 
     NSMutableDictionary *deleteQuery = [item mutableCopy]; 
     [deleteQuery setValue:(id)kSecClassGenericPassword forKey:(id)kSecClass]; 
     // do delete 
     osStatus = SecItemDelete((CFDictionaryRef)deleteQuery); 
     if(osStatus != noErr) { 
      // do something with error 
     } 
     [deleteQuery release]; 
    } 
} 


@end

事实上,你可以轻松地修改它来存储任何类型的序列化对象的,所以你像这样使用它作为一个类别实施钥匙串,而不仅仅是一本字典。只需制作要存储的对象的NSData表示形式。

来源

2013-12-18 04:21:24 DTs

11

对Dts类别做了少量改动。转换为ARC并使用NSKeyedArchiver存储自定义对象。

@implementation NSDictionary (Keychain) 

-(void) storeToKeychainWithKey:(NSString *)aKey { 
    // serialize dict 
    NSData *serializedDictionary = [NSKeyedArchiver archivedDataWithRootObject:self]; 
    // encrypt in keychain 
     // first, delete potential existing entries with this key (it won't auto update) 
     [self deleteFromKeychainWithKey:aKey]; 

     // setup keychain storage properties 
     NSDictionary *storageQuery = @{ 
             (__bridge id)kSecAttrAccount: aKey, 
             (__bridge id)kSecValueData:  serializedDictionary, 
             (__bridge id)kSecClass:   (__bridge id)kSecClassGenericPassword, 
             (__bridge id)kSecAttrAccessible: (__bridge id)kSecAttrAccessibleWhenUnlocked 
             }; 
     OSStatus osStatus = SecItemAdd((__bridge CFDictionaryRef)storageQuery, nil); 
     if(osStatus != noErr) { 
      // do someting with error 
     } 
} 


+(NSDictionary *) dictionaryFromKeychainWithKey:(NSString *)aKey { 
    // setup keychain query properties 
    NSDictionary *readQuery = @{ 
           (__bridge id)kSecAttrAccount: aKey, 
           (__bridge id)kSecReturnData: (id)kCFBooleanTrue, 
           (__bridge id)kSecClass:  (__bridge id)kSecClassGenericPassword 
           }; 

    CFDataRef serializedDictionary = NULL; 
    OSStatus osStatus = SecItemCopyMatching((__bridge CFDictionaryRef)readQuery, (CFTypeRef *)&serializedDictionary); 
    if(osStatus == noErr) { 
     // deserialize dictionary 
     NSData *data = (__bridge NSData *)serializedDictionary; 
     NSDictionary *storedDictionary = [NSKeyedUnarchiver unarchiveObjectWithData:data]; 
     return storedDictionary; 
    } 
    else { 
     // do something with error 
     return nil; 
    } 
} 


-(void) deleteFromKeychainWithKey:(NSString *)aKey { 
    // setup keychain query properties 
    NSDictionary *deletableItemsQuery = @{ 
              (__bridge id)kSecAttrAccount:  aKey, 
              (__bridge id)kSecClass:    (__bridge id)kSecClassGenericPassword, 
              (__bridge id)kSecMatchLimit:   (__bridge id)kSecMatchLimitAll, 
              (__bridge id)kSecReturnAttributes: (id)kCFBooleanTrue 
              }; 

    CFArrayRef itemList = nil; 
    OSStatus osStatus = SecItemCopyMatching((__bridge CFDictionaryRef)deletableItemsQuery, (CFTypeRef *)&itemList); 
    // each item in the array is a dictionary 
    NSArray *itemListArray = (__bridge NSArray *)itemList; 
    for (NSDictionary *item in itemListArray) { 
     NSMutableDictionary *deleteQuery = [item mutableCopy]; 
     [deleteQuery setValue:(__bridge id)kSecClassGenericPassword forKey:(__bridge id)kSecClass]; 
     // do delete 
     osStatus = SecItemDelete((__bridge CFDictionaryRef)deleteQuery); 
     if(osStatus != noErr) { 
      // do something with error 
     } 
    } 
} 

@end

来源

2015-01-08 19:31:24

+0

看起来不错。我用你的,除了我做了deleteFromKeychainWithKey一个类的方法,所以我也可以执行一般的清理,而不需要字典。 – Fervus 2015-04-09 14:38:47

+0

好!!!!!!!!! – 2015-04-11 07:11:09

+0

工程就像一个魅力。我从KeychainItemWrapper中添加了最好的部分。 – dogsgod 2016-02-11 20:02:14

0

我加访问组的支持和模拟器安全Amols解决方案:

// 
// NSDictionary+SharedKeyChain.h 
// LHSharedKeyChain 
// 

#import <Foundation/Foundation.h> 

@interface NSDictionary (SharedKeyChain) 

/** 
* Returns a previously stored dictionary from the KeyChain. 
* 
* @param key   NSString The name of the dictionary. There can be multiple dictionaries stored in the KeyChain. 
* @param accessGroup NSString Access group for shared KeyChains, set to nil for no group. 
* 
* @return NSDictionary A dictionary that has been stored in the Keychain, nil if no dictionary for the key and accessGroup exist. 
*/ 
+ (NSDictionary *)dictionaryFromKeychainWithKey:(NSString *)key accessGroup:(NSString *)accessGroup; 

/** 
* Deletes a previously stored dictionary from the KeyChain. 
* 
* @param key   NSString The name of the dictionary. There can be multiple dictionaries stored in the KeyChain. 
* @param accessGroup NSString Access group for shared KeyChains, set to nil for no group. 
*/ 
+ (void)deleteFromKeychainWithKey:(NSString *)key accessGroup:(NSString *)accessGroup; 

/** 
* Save dictionary instance to the KeyChain. Any previously existing data with the same key and accessGroup will be overwritten. 
* 
* @param key   NSString The name of the dictionary. There can be multiple dictionaries stored in the KeyChain. 
* @param accessGroup NSString Access group for shared KeyChains, set to nil for no group. 
*/ 
- (void)storeToKeychainWithKey:(NSString *)key accessGroup:(NSString *)accessGroup; 

@end 

// 
// NSDictionary+SharedKeyChain.m 
// LHSharedKeyChain 
// 

#import "NSDictionary+SharedKeyChain.h" 

@implementation NSDictionary (SharedKeyChain) 

- (void)storeToKeychainWithKey:(NSString *)key accessGroup:(NSString *)accessGroup; 
{ 
    // serialize dict 
    NSData *serializedDictionary = [NSKeyedArchiver archivedDataWithRootObject:self]; 
    // encrypt in keychain 
    // first, delete potential existing entries with this key (it won't auto update) 
    [NSDictionary deleteFromKeychainWithKey:key accessGroup:accessGroup]; 

    // setup keychain storage properties 
    NSDictionary *storageQuery = @{ 
     (__bridge id)kSecAttrAccount: key, 
#if TARGET_IPHONE_SIMULATOR 
// Ignore the access group if running on the iPhone simulator. 
// 
// Apps that are built for the simulator aren't signed, so there's no keychain access group 
// for the simulator to check. This means that all apps can see all keychain items when run 
// on the simulator. 
// 
// If a SecItem contains an access group attribute, SecItemAdd and SecItemUpdate on the 
// simulator will return -25243 (errSecNoAccessForItem). 
#else 
     (__bridge id)kSecAttrAccessGroup: accessGroup, 
#endif 
     (__bridge id)kSecValueData: serializedDictionary, 
     (__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword, 
     (__bridge id)kSecAttrAccessible: (__bridge id)kSecAttrAccessibleWhenUnlocked 
    }; 
    OSStatus status = SecItemAdd ((__bridge CFDictionaryRef)storageQuery, nil); 
    if (status != noErr) 
    { 
     NSLog (@"%d %@", (int)status, @"Couldn't save to Keychain."); 
    } 
} 


+ (NSDictionary *)dictionaryFromKeychainWithKey:(NSString *)key accessGroup:(NSString *)accessGroup; 
{ 
    // setup keychain query properties 
    NSDictionary *readQuery = @{ 
     (__bridge id)kSecAttrAccount: key, 
#if TARGET_IPHONE_SIMULATOR 
// Ignore the access group if running on the iPhone simulator. 
// 
// Apps that are built for the simulator aren't signed, so there's no keychain access group 
// for the simulator to check. This means that all apps can see all keychain items when run 
// on the simulator. 
// 
// If a SecItem contains an access group attribute, SecItemAdd and SecItemUpdate on the 
// simulator will return -25243 (errSecNoAccessForItem). 
#else 
     (__bridge id)kSecAttrAccessGroup: accessGroup, 
#endif 
     (__bridge id)kSecReturnData: (id)kCFBooleanTrue, 
     (__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword 
    }; 

    CFDataRef serializedDictionary = NULL; 
    OSStatus status = SecItemCopyMatching ((__bridge CFDictionaryRef)readQuery, (CFTypeRef *)&serializedDictionary); 
    if (status == noErr) 
    { 
     // deserialize dictionary 
     NSData *data = (__bridge NSData *)serializedDictionary; 
     NSDictionary *storedDictionary = [NSKeyedUnarchiver unarchiveObjectWithData:data]; 
     return storedDictionary; 
    } 
    else 
    { 
     NSLog (@"%d %@", (int)status, @"Couldn't read from Keychain."); 
     return nil; 
    } 
} 


+ (void)deleteFromKeychainWithKey:(NSString *)key accessGroup:(NSString *)accessGroup; 
{ 
    // setup keychain query properties 
    NSDictionary *deletableItemsQuery = @{ 
     (__bridge id)kSecAttrAccount: key, 
#if TARGET_IPHONE_SIMULATOR 
// Ignore the access group if running on the iPhone simulator. 
// 
// Apps that are built for the simulator aren't signed, so there's no keychain access group 
// for the simulator to check. This means that all apps can see all keychain items when run 
// on the simulator. 
// 
// If a SecItem contains an access group attribute, SecItemAdd and SecItemUpdate on the 
// simulator will return -25243 (errSecNoAccessForItem). 
#else 
     (__bridge id)kSecAttrAccessGroup: accessGroup, 
#endif 
     (__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword, 
     (__bridge id)kSecMatchLimit: (__bridge id)kSecMatchLimitAll, 
     (__bridge id)kSecReturnAttributes: (id)kCFBooleanTrue 
    }; 

    CFArrayRef itemList = nil; 
    OSStatus status = SecItemCopyMatching ((__bridge CFDictionaryRef)deletableItemsQuery, (CFTypeRef *)&itemList); 
    // each item in the array is a dictionary 
    NSArray *itemListArray = (__bridge NSArray *)itemList; 
    for (NSDictionary *item in itemListArray) 
    { 
     NSMutableDictionary *deleteQuery = [item mutableCopy]; 
     [deleteQuery setValue:(__bridge id)kSecClassGenericPassword forKey:(__bridge id)kSecClass]; 
     // do delete 
     status = SecItemDelete ((__bridge CFDictionaryRef)deleteQuery); 
     if (status != noErr) 
     { 
      NSLog (@"%d %@", (int)status, @"Couldn't delete from Keychain."); 
     } 
    } 
} 

@end

来源

2016-02-11 20:09:25 dogsgod

相关问题

 相关问题