问题
I write very secure application (for Bank) and I keep the private key in the Keychain. I keep the Private key using the following code:
+(void)savePrivatekey:(NSString *)Key
{
KeychainItemWrapper *keychain = [[KeychainItemWrapper alloc] initWithIdentifier:@"pKey" accessGroup:nil];
[keychain setObject:Key forKey:(id)kSecValueData];
[keychain release];
}
and for get the private key using the following code:
+(NSString *)privateKey
{
KeychainItemWrapper *keychain = [[KeychainItemWrapper alloc] initWithIdentifier:@"pKey"accessGroup:nil];
NSString *privateKey = [keychain objectForKey:(id)kSecValueData];
[keychain release];
return privateKey;
}
i don't save the private key in local variable from security reasons. because every call to server I need the private key i call to to function "GetPrivateKey" a lot of times. Maybe that's why sometimes i get from the keychain empty string. i can't think of why this might happen. I noticed that in most cases this happens when the application return from background but no only... thanks...
I opened ticket at Apple's engineers and they responded to me:
Are you setting the kSecAttrAccessible attribute when you create the keychain item initially?
I always create the same shape keychain: KeychainItemWrapper * keychain = [[KeychainItemWrapper alloc] initWithIdentifier: @ "pKey" accessGroup: nil];
Does anyone know what their intent? thanks...
回答1:
I answered my own question a while back regarding this. I'm not sure if this is your exact problem as your code seems to look/work fine. So regarding your keychain access, I'm guessing it is a bit different. This may or may not help, but might steer you in the right direction.
iOS KeyChain not retrieving values from background
回答2:
If your class is using ARC the following works for me every time.
KeychainItemWrapper *testKeychain = [[KeychainItemWrapper alloc] initWithIdentifier:@"AppUniqueID" accessGroup:nil];
NSString *privateKey = [testKeychain objectForKey:(__bridge id)(kSecValueData)];
NSLog(@"Private Key: %@ \n", privateKey);
来源:https://stackoverflow.com/questions/17344613/ios-keychain-occasionally-return-empty-string