首页 > 代码库 > 共享keychain数据

共享keychain数据

共享keychain数据

  当往keychain中插入数据时,默认的 kSecAttrAccessGroup 就是App自身的BundleID。

官方文档

  You can add a keychain-access-groups entitlement to the application and, in the entitlement property list file, specify an array of keychain access groups to which the application belongs.

  可以在entitlements文件中指定keychain-access-groups属性。此属性下定义了一组字符串标识。

  If you add such a property-list file to the application bundle, then the access group corresponding to the application-identifier entitlement is treated as the last element in the access groups array.

  如果添加了keychain-access-group选项,那原有的app BundleID会被加入到最后一项。

  If you do not include the kSecAttrAccessGroup key in the attributes dictionary when you call the SecItemAdd function to add an item to the keychain, the function uses the first access group in the array by default.

  如果没有指定kSecAttrAccessGroup键,SecItemAdd函数默认使用第一个group值。

  If there is no kSecAttrAccessGroup key in the attributes dictionary and there is no keychain-access-groups entitlement in the application bundle, then the access group of a newly created item is the value of the application-identifier entitlement.

  如果没有指定kSecAttrAccessGroup键,也没有设置keychain-acess-group选项,则使用App BundleID作为kSecAttrAccessGroup的值

其它要求

   When you want to create an app that can share keychain access with an existing app you need to make sure that you use the bundle seed ID of the existing app. You do this when you create the new App ID in the iPhone Provisioning Portal. Instead of generating a new value you select the existing value from the list of all your previous bundle seed IDs.

  若要共享keychain数据,两个App的bundle seed id必须相同。

  The keychain access group can be named pretty much anything you want as long as it starts with the bundle seed ID.

  keychain-acess-group必须以同样的bundle seed id开头。

参考:http://useyourloaf.com/blog/2010/04/03/keychain-group-access.html