通过 AppStore 更新后如何测试对钥匙串属性的访问?

发布于 2024-11-01 20:17:38 字数 291 浏览 5 评论 0原文

在《钥匙串服务编程指南》中,它指出了以下内容:

“在 iPhone 上,钥匙串权限取决于用于签署应用程序的配置文件。请确保在不同版本的应用程序中一致使用相同的配置文件。”

我对此没有任何问题,但我想测试一下,如果我在 AppStore 中为我的应用程序提供更新,它仍然能够访问存储在钥匙串中的旧值。我尝试通过使用使用临时分发配置文件签名的版本来更新应用程序来进行测试,该配置文件包含与原始版本相同的捆绑包 ID 和产品名称,但它无法访问钥匙串中的旧值。

向 AppStore 提交更新并希望它能发挥作用是唯一的选择吗?

In the Keychain Services Programming Guide it states the following:

"On iPhone, Keychain rights depend on the provisioning profile used to sign your application. Be sure to consistently use the same provisioning profile across different versions of your application."

Which I have no problem with but I would like to test that if I provide an update to my app in the AppStore that it will still be able to access the old values stored in the keychain. I have tried to test by updating the app with a version signed with an ad-hoc distribution profile that contained the same bundle id and product name as the original but it could not access the old value in the keychain.

Is the only option to submit the update to the AppStore and hope that it will work?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

撑一把青伞 2024-11-08 20:17:38

这是一个好问题。

您可能希望在钥匙串中存储一些数据的主要原因之一是防止恶意用户访问它。这本身就是一个相当枯燥的句子,所以我建议阅读

访问钥匙串数据的另一种方法是创建一个与目标应用程序具有相同应用程序 ID 的恶意应用程序。 Apple 通过要求配置文件相同来确保这条路线的安全。


因此,为了回答您的问题,您只能测试从同一配置文件更新的钥匙串数据,即

  1. 从 Ad hoc 到 Ad hoc
  2. 应用程序商店到应用程序商店。

应用商店到应用商店并不是真正的选择,因为到那时就为时已晚(您的更新将投放市场)。因此,您需要删除应用程序商店应用程序并安装临时版本。然后在钥匙串上重新创建数据,然后更新到最新的临时版本并测试其是否有效。

当然,这需要您拥有当前在应用程序商店中的应用程序的存档临时版本。如果您没有这个,则无法测试更新。

This is a good question.

One of the main reason why you might want to store some data in the keychain is to prevent malicious users from accessing it. This is quite a dry sentence on its own so I recommend reading about how someone might access that data.

Another way to access keychain data would be to create a malicious app with the same app ID as the target app. Apple have secured this route by requiring the provisioning profile to be the same.


So, to answer your question, you can only test the keychain data in update from the same provisioning profile, i.e.

  1. Ad hoc to Ad hoc
  2. App store to app store.

App store to app store is not really an option since it will be too late by then (your update will be on the market). So instead you need to delete your app store app and install an ad hoc version. Then recreate your data on the keychain, then update to the latest ad hoc version and test that it worked.

Of course this requires you to have an archived ad hoc version of the app thats currently on the app store. If you don't have this, then its not possible to test an update.

慕巷 2024-11-08 20:17:38

除非我弄错了,否则要更新应用程序商店中的应用程序,您需要使用相同的配置文件。因此,由于您将使用相同的配置文件,因此您应该有权访问相同的钥匙串项目。

Unless I am mistaken, to update an app in the app store you need to use the same provisioning profile. Therefore, since you will be using the same profile, you should have access to the same keychain items.

土豪 2024-11-08 20:17:38

实际上,重要的不是配置文件,而是应用程序 ID。特别是您在创建应用程序 ID 时设置的捆绑种子 ID。钥匙串访问受其控制。因此,只要您的个人资料使用具有相同 Bundle Seed ID 的应用程序 ID,您就可以继续访问钥匙串中的信息。我有一些应用程序可以执行此操作。

这允许您创建一套应用程序,只要您将它们设置为使用相同的 Bundle Seed ID,这些应用程序都可以访问相同的钥匙串项目。因此,如果您使用轻型版本和专业版本,它们都可以访问相同的钥匙串信息,同时为用户默认值等内容维护单独的捆绑包标识。

It's actually not the provisioning file that matters, but the app ID. Specifically the Bundle Seed ID that you set when creating an App ID. Keychain access is governed by it. So as long as your profile uses an app ID with the same Bundle Seed ID you can continue to access the info in the keychain. I have a few apps that do this.

This allows you to to create a suite of apps that can all access the same keychain items as long as you set them to use the same Bundle Seed ID. So if you do a light and a pro version, they can both access the same keychain info while maintaining separate bundle identifies for things like user defaults.

征﹌骨岁月お 2024-11-08 20:17:38

SFHFKeychainUtils 可能是您不错的选择。
它是访问钥匙串的包装。
更多信息:SFHFKeychainUtils:http://www.ioslib.com/archives/sfhfkeychainutils/

SFHFKeychainUtils may be your good choice.
It's a wrapper to access keychain.
More about: SFHFKeychainUtils :http://www.ioslib.com/archives/sfhfkeychainutils/

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文