KeyChain是蘋果提供的一種安全的保存用戶名表谊、密碼橘沥、證書的方式毅戈，將敏感信息保存在keychain中后搓扯，這些信息不會隨著app的卸載而丟失检痰，除非開發(fā)人員在app中手動刪除敏感信息，否則锨推，這些信息將會一直保存在keychain中铅歼。

在使用keychain時，我們首先要將security.framework引入到工程中换可。由于使用時不支持arc椎椰，所以我們在arc環(huán)境中需要針對相關(guān)文件啟用mrc模式。

首先沾鳄，我們構(gòu)造一個工具類慨飘，通過這個類來操作keychain。

#import<foundation foundation.h="">

#import<security security.h="">

@interfaceKeyChain : NSObject

// save username and password to keychain

+ (void)save:(NSString *)service data:(id)data;

// take out username and passwore from keychain

+ (id)load:(NSString *)service;

// delete username and password from keychain

+ (void)delete:(NSString *)service;

@end

在實現(xiàn)文件中译荞，我們這樣寫：

#import"KeyChain.h"

@implementationKeyChain

/**

*該類需要工作在mrc模式下瓤的，acr的項目按照如下步驟操作

*選中工程->TARGETS->相應(yīng)的target然后選中右側(cè)的“Build Phases”，向下就找到“Compile Sources”了吞歼。然后在相應(yīng)的文件后面添加:-fno-objc-arc參數(shù)

*

**/

+ (NSMutableDictionary *)getKeychainQuery:(NSString *)service {

return[NSMutableDictionary dictionaryWithObjectsAndKeys:

(id)kSecClassGenericPassword,(id)kSecClass,

service, (id)kSecAttrService,

service, (id)kSecAttrAccount,

(id)kSecAttrAccessibleAfterFirstUnlock,(id)kSecAttrAccessible,

nil];

}

#pragma mark 寫入

+ (void)save:(NSString *)service data:(id)data {

//Get search dictionary

NSMutableDictionary *keychainQuery = [self getKeychainQuery:service];

//Delete old item before add new item

SecItemDelete((CFDictionaryRef)keychainQuery);

//Add new object to search dictionary(Attention:the data format)

[keychainQuery setObject:[NSKeyedArchiver archivedDataWithRootObject:data] forKey:(id)kSecValueData];

//Add item to keychain with the search dictionary

SecItemAdd((CFDictionaryRef)keychainQuery, NULL);

}

#pragma mark 讀取

+ (id)load:(NSString *)service {

id ret = nil;

NSMutableDictionary *keychainQuery = [self getKeychainQuery:service];

//Configure the search setting

//Since in our simple case we are expecting only a single attribute to be returned (the password) we can set the attribute kSecReturnData to kCFBooleanTrue

[keychainQuery setObject:(id)kCFBooleanTrue forKey:(id)kSecReturnData];

[keychainQuery setObject:(id)kSecMatchLimitOne forKey:(id)kSecMatchLimit];

CFDataRef keyData = NULL;

if(SecItemCopyMatching((CFDictionaryRef)keychainQuery, (CFTypeRef *)&keyData) == noErr) {

@try{

ret = [NSKeyedUnarchiver unarchiveObjectWithData:(NSData *)keyData];

}@catch(NSException *e) {

NSLog(@"Unarchive of %@ failed: %@", service, e);

}@finally{

}

}

if(keyData)

CFRelease(keyData);

returnret;

}

#pragma mark 刪除

+ (void)delete:(NSString *)service {

NSMutableDictionary *keychainQuery = [self getKeychainQuery:service];

SecItemDelete((CFDictionaryRef)keychainQuery);

}

@end

修改工程的相關(guān)放在在代碼注釋中已經(jīng)寫清楚了圈膏。

下邊是使用這個類

首先，我們定義幾個字符串類型的標(biāo)識符

NSString *constKEY_USERNAME_PASSWORD = @"com.company.app.usernamepassword";

NSString *constKEY_USERNAME = @"com.company.app.username";

NSString *constKEY_PASSWORD = @"com.company.app.password";

之后篙骡，我們創(chuàng)建一個字典稽坤，并將用戶名和密碼放入字典中

NSMutableDictionary *userNamePasswordKVPairs = [NSMutableDictionary dictionary];

[userNamePasswordKVPairs setObject:@"userName"forKey:KEY_USERNAME];

[userNamePasswordKVPairs setObject:@"password"forKey:KEY_PASSWORD];

下邊引用工具類的各個方法，分別進(jìn)行用戶名和密碼的添加糯俗、讀取尿褪、刪除操作

// A、將用戶名和密碼寫入keychain

[KeyChain save:KEY_USERNAME_PASSWORD data:userNamePasswordKVPairs];

// B叶骨、從keychain中讀取用戶名和密碼

NSMutableDictionary *readUsernamePassword = (NSMutableDictionary *)[KeyChain load:KEY_USERNAME_PASSWORD];

NSString *userName = [readUsernamePassword objectForKey:KEY_USERNAME];

NSString *password = [readUsernamePassword objectForKey:KEY_PASSWORD];

NSLog(@"username = %@", userName);

NSLog(@"password = %@", password);

// C茫多、將用戶名和密碼從keychain中刪除

[KeyChain delete:KEY_USERNAME_PASSWORD];

keychain的用法還有很多，我們在這里只是簡單的將用戶名和密碼保存在keychain忽刽，而不是數(shù)據(jù)庫或nsuserdefaults中天揖，以增加安全性夺欲。