keyChain存储与keychain数据被iCloud备份

+ (NSMutableDictionary *)getKeychainQuery:(NSString *)service {

return [NSMutableDictionary dictionaryWithObjectsAndKeys:

(id)kSecClassGenericPassword,(id)kSecClass,

service, (id)kSecAttrService,

service, (id)kSecAttrAccount,

(id)kSecAttrAccessibleAfterFirstUnlock,(id)kSecAttrAccessible,

nil];

}

+ (void)save:(NSString *)service data:(id)data {

//Get search dictionary

NSMutableDictionary *keychainQuery = [self getKeychainQuery:service];

//Delete old item before add new item

SecItemDelete((CFDictionaryRef)keychainQuery);

//Add new object to search dictionary(Attention:the data format)

[keychainQuery setObject:[NSKeyedArchiver archivedDataWithRootObject:data] forKey:(id)kSecValueData];

//Add item to keychain with the search dictionary

SecItemAdd((CFDictionaryRef)keychainQuery, NULL);

}

+ (id)load:(NSString *)service {

id ret = nil;

NSMutableDictionary *keychainQuery = [self getKeychainQuery:service];

//Configure the search setting

//Since in our simple case we are expecting only a single attribute to be returned (the password) we can set the attribute kSecReturnData to kCFBooleanTrue

[keychainQuery setObject:(id)kCFBooleanTrue forKey:(id)kSecReturnData];

[keychainQuery setObject:(id)kSecMatchLimitOne forKey:(id)kSecMatchLimit];

CFDataRef keyData = NULL;

if (SecItemCopyMatching((CFDictionaryRef)keychainQuery, (CFTypeRef *)&keyData) == noErr) {

@try {

ret = [NSKeyedUnarchiver unarchiveObjectWithData:(__bridge NSData *)keyData];

} @catch (NSException *e) {

NSLog(@"Unarchive of %@ failed: %@", service, e);

} @finally {

}

}

if (keyData)

CFRelease(keyData);

return ret;

}

+ (void)delete:(NSString *)service {

NSMutableDictionary *keychainQuery = [self getKeychainQuery:service];

SecItemDelete((CFDictionaryRef)keychainQuery);

}

---

上面的加号方法，写在一个新类中，（SPDBKeyChain）

调方法：

1.存：

NSMutableDictionary *key_chain = [NSMutableDictionary dictionary];

[key_chain setObject:forKey:];

[SPDBKeyChain save:@"FingerPrintData" data:key_chain];

2.取:

NSMutableDictionary *key_chain = (NSMutableDictionary *)[SPDBKeyChain load:@"FingerPrintData"];

NSString *string = [usernamepasswordKVPairs objectForKey:@"FingerPrintData"];

NSLog(@"string---%@",string);

3.删：

[SPDBKeyChain delete:@"FingerPrintData"];

---

keychain备份

iOS的Keychain由系统管理并且进行加密，Keychain内的信息会随着iPhone的数据一起备份。但是kSecAttrAccessible 属性被设置为后缀是ThisDeviceOnly的数据会被以硬件相关的密钥(key)加密。并且不会随着备份移动至其他设备。

Keychain从iOS7.0开始也支持iCloud备份。把kSecAttrSynchronizable属性设置为@YES，这样后Keychain就能被iCloud备份并且跨设备分享。

不过在添加kSecAttrSynchronizable属性后，这条属性会被作为每条Keychain Item的主要的Key之一，所以在搜索，更新，删除的时候如果查询字典内没有这一条属性，item就匹配不到。