我在“钥匙串服务编程指南”中的Apple示例代码之后,将通用密码存储在钥匙串中。
只要我在Xcode中以调试模式运行应用程序,一切正常。 但是,当我存档并导出应用程序时,它仍会存储密码(在Keychain Access中可见)但无法检索它们。
钥匙串不断返回errSecAuthFailed(-25293)。 这种情况发生在Mountain Lion上,但不会发生在Snow Leopard上。 我的应用程序是代码签名和沙盒。 对我来说,似乎在检索密码时,钥匙串不会将应用程序识别为存储密码的应用程序,因为当我将密码设置为可由任何应用程序访问时,它也可以正常工作。
我使用以下代码:
+ (NSString*) retrievePasswordFromKeychainWithKey: (NSString*) theKey { SecKeychainUnlock(NULL, 0, NULL, FALSE); const char* userNameUTF8 = [NSUserName() UTF8String]; uint32_t userNameLength = (uint32_t)strlen(userNameUTF8); uint32_t serviceNameLength = (uint32_t)strlen([theKey UTF8String]); uint32_t pwLength = 0; void* pwBuffer = nil; SecKeychainItemRef itemRef = nil; OSStatus status1 = SecKeychainFindGenericPassword (NULL, serviceNameLength, serviceNameUTF8, userNameLength, userNameUTF8, &pwLength, &pwBuffer, &itemRef); if (status1 == noErr) { NSData* pwData = [NSData dataWithBytes:pwBuffer length:pwLength]; SecKeychainItemFreeContent (NULL, //No attribute data to release pwBuffer //Release data buffer allocated by SecKeychainFindGenericPassword ); return [NSString stringWithCString:[pwData bytes] encoding:NSUTF8StringEncoding]; } //status1 is always -25293 return nil; }I am storing generic passwords in the keychain following Apple's example code in the "Keychain Services Programming Guide".
Everything works fine as long as I am running the App in Debug mode from Xcode. However when I archive and export the app, it will still store passwords (visible in Keychain Access) but is not able to retrieve them.
The keychain constantly returns errSecAuthFailed (-25293). This occurs on Mountain Lion but not on Snow Leopard. My App is code signed and sandboxed. To me it seems that when retrieving the password, keychain does not recognize the App as the same one that stored the password, because when I set the password to be accessible by any application it also works well.
I use the following code:
+ (NSString*) retrievePasswordFromKeychainWithKey: (NSString*) theKey { SecKeychainUnlock(NULL, 0, NULL, FALSE); const char* userNameUTF8 = [NSUserName() UTF8String]; uint32_t userNameLength = (uint32_t)strlen(userNameUTF8); uint32_t serviceNameLength = (uint32_t)strlen([theKey UTF8String]); uint32_t pwLength = 0; void* pwBuffer = nil; SecKeychainItemRef itemRef = nil; OSStatus status1 = SecKeychainFindGenericPassword (NULL, serviceNameLength, serviceNameUTF8, userNameLength, userNameUTF8, &pwLength, &pwBuffer, &itemRef); if (status1 == noErr) { NSData* pwData = [NSData dataWithBytes:pwBuffer length:pwLength]; SecKeychainItemFreeContent (NULL, //No attribute data to release pwBuffer //Release data buffer allocated by SecKeychainFindGenericPassword ); return [NSString stringWithCString:[pwData bytes] encoding:NSUTF8StringEncoding]; } //status1 is always -25293 return nil; }最满意答案
好的,我刚刚得知这是Mac OS 10.8.0中的一个漏洞。 使用开发者ID签名的应用无法访问钥匙串中的数据。 我希望这将在10.8.1中修复......
解决方法是不使用您的开发者ID对应用程序进行签名。 (我还读到在Lion下构建的应用程序不受此错误的影响,但我无法对此进行测试)
OK, I just learnt that this is an open bug in Mac OS 10.8.0. Apps signed with a Developer ID cannot access data from the keychain. I hope this will be fixed in 10.8.1...
A workaround is not to sign the App with your Developer ID. (I have also read that Apps built under Lion are not affected by this bug, but I could not test this, yet)
从钥匙串检索存储的密码在XCode外部失败(Retrieving stored passwords from keychain fails outside XCode)我在“钥匙串服务编程指南”中的Apple示例代码之后,将通用密码存储在钥匙串中。
只要我在Xcode中以调试模式运行应用程序,一切正常。 但是,当我存档并导出应用程序时,它仍会存储密码(在Keychain Access中可见)但无法检索它们。
钥匙串不断返回errSecAuthFailed(-25293)。 这种情况发生在Mountain Lion上,但不会发生在Snow Leopard上。 我的应用程序是代码签名和沙盒。 对我来说,似乎在检索密码时,钥匙串不会将应用程序识别为存储密码的应用程序,因为当我将密码设置为可由任何应用程序访问时,它也可以正常工作。
我使用以下代码:
+ (NSString*) retrievePasswordFromKeychainWithKey: (NSString*) theKey { SecKeychainUnlock(NULL, 0, NULL, FALSE); const char* userNameUTF8 = [NSUserName() UTF8String]; uint32_t userNameLength = (uint32_t)strlen(userNameUTF8); uint32_t serviceNameLength = (uint32_t)strlen([theKey UTF8String]); uint32_t pwLength = 0; void* pwBuffer = nil; SecKeychainItemRef itemRef = nil; OSStatus status1 = SecKeychainFindGenericPassword (NULL, serviceNameLength, serviceNameUTF8, userNameLength, userNameUTF8, &pwLength, &pwBuffer, &itemRef); if (status1 == noErr) { NSData* pwData = [NSData dataWithBytes:pwBuffer length:pwLength]; SecKeychainItemFreeContent (NULL, //No attribute data to release pwBuffer //Release data buffer allocated by SecKeychainFindGenericPassword ); return [NSString stringWithCString:[pwData bytes] encoding:NSUTF8StringEncoding]; } //status1 is always -25293 return nil; }I am storing generic passwords in the keychain following Apple's example code in the "Keychain Services Programming Guide".
Everything works fine as long as I am running the App in Debug mode from Xcode. However when I archive and export the app, it will still store passwords (visible in Keychain Access) but is not able to retrieve them.
The keychain constantly returns errSecAuthFailed (-25293). This occurs on Mountain Lion but not on Snow Leopard. My App is code signed and sandboxed. To me it seems that when retrieving the password, keychain does not recognize the App as the same one that stored the password, because when I set the password to be accessible by any application it also works well.
I use the following code:
+ (NSString*) retrievePasswordFromKeychainWithKey: (NSString*) theKey { SecKeychainUnlock(NULL, 0, NULL, FALSE); const char* userNameUTF8 = [NSUserName() UTF8String]; uint32_t userNameLength = (uint32_t)strlen(userNameUTF8); uint32_t serviceNameLength = (uint32_t)strlen([theKey UTF8String]); uint32_t pwLength = 0; void* pwBuffer = nil; SecKeychainItemRef itemRef = nil; OSStatus status1 = SecKeychainFindGenericPassword (NULL, serviceNameLength, serviceNameUTF8, userNameLength, userNameUTF8, &pwLength, &pwBuffer, &itemRef); if (status1 == noErr) { NSData* pwData = [NSData dataWithBytes:pwBuffer length:pwLength]; SecKeychainItemFreeContent (NULL, //No attribute data to release pwBuffer //Release data buffer allocated by SecKeychainFindGenericPassword ); return [NSString stringWithCString:[pwData bytes] encoding:NSUTF8StringEncoding]; } //status1 is always -25293 return nil; }最满意答案
好的,我刚刚得知这是Mac OS 10.8.0中的一个漏洞。 使用开发者ID签名的应用无法访问钥匙串中的数据。 我希望这将在10.8.1中修复......
解决方法是不使用您的开发者ID对应用程序进行签名。 (我还读到在Lion下构建的应用程序不受此错误的影响,但我无法对此进行测试)
OK, I just learnt that this is an open bug in Mac OS 10.8.0. Apps signed with a Developer ID cannot access data from the keychain. I hope this will be fixed in 10.8.1...
A workaround is not to sign the App with your Developer ID. (I have also read that Apps built under Lion are not affected by this bug, but I could not test this, yet)
发布评论