1 Keychain Services钥匙链服务

Securely store small chunks of data on behalf of the user.
为用户安全地存储少量数据.

2 Overview概述

Computer users often have small secrets that they need to store securely. For example, most people manage numerous online accounts. Remembering a complex, unique password for each is impossible, but writing them down is both insecure and tedious. Users typically respond to this situation by recycling simple passwords across many accounts, which is also insecure.
电脑用户经常需要安全地存储一些少量的私密信息.比如,大多数人管理者很多线上账号.要记住每一个复杂,唯一的密码是不可能的,而把他们都用笔记下来又是不安全和乏味的.用户通常通过在多个帐户中循环使用简单密码来应对这种情况，这也是不安全的。

The keychain services API helps you solve this problem by giving your app a mechanism to store small bits of user data in an encrypted database called a keychain. When you securely remember the password for them, you free the user to choose a complicated one.
钥匙链服务API将帮助你解决这些难题,它提供了一种机制存储用户数据,将这些数据存放在一个叫做钥匙链的加密的数据库中.当我们能够安全地为用户记住密码时,我们就可以让用户自由地选择一个复杂的密码.

The keychain is not limited to passwords, as shown in Figure 1. You can store other secrets that the user explicitly cares about, such as credit card information or even short notes. You can also store items that the user needs but may not be aware of. For example, the cryptographic keys and certificates that you manage with Certificate, Key, and Trust Services enable the user to engage in secure communications and to establish trust with other users and devices. You use the keychain to store these items as well.
如图1所示,钥匙链并不仅仅能够存储密码.还可以存储其他用户会明确关心的私密信息,比如信用卡信息或者少量笔记.我们也可以存储用户会使用但是并不在意的信息.比如,在证书、密钥和信任服务中我们需要管理的私钥和证书,这些信息可以让用户参与安全通信并与其他用户和设备建立信任。我们同样也可以使用钥匙链来存储这些项目.

图1-在钥匙链中存储用户的私密信息

3 Topics主题

3.1 API Components API组件

• Keychain Items 钥匙链项目
  Embed confidential information in items that you store in a keychain.
  将机密信息以钥匙链项目的方式存储在钥匙链中.

• Keychains 钥匙链
  Create and manage entire keychains in macOS.
  在MacOS中创建和管理完整的钥匙链.

• Access Control Lists 访问控制列表
  Control which apps have access to keychain items in macOS.
  在macOS中控制哪些应用拥有权限访问钥匙链项目

4 See Also参考

4.1 Secure Data 安全数据

• Preventing Insecure Network Connections防止非安全网络连接
  Enforce secure network links in your app by relying on App Transport Security.
  通过在应用中依赖AppTransportSecurity来强制使用安全的网络链接。