我写了下面的代码,从我的应用程序中添加了一个通用密码。SecKeychainAddGenericPassword((通过设计将应用程序添加为密钥链中的受信任应用程序。我想从受信任的应用程序列表中删除我的应用程序。我打电话给SecKeychainItemSetAccess((来做这件事,但我仍然看到我的应用程序被列为受信任的应用程序。
addgenericpassword(const std::string& service,const std::string& account,
const std::string& password) {
SecKeychainItemRef item_ref;
OSStatus status = SecKeychainAddGenericPassword(NULL,
service.length(),
service.data(),
account.length(),
account.data(),
password.length(),
password.data(),
&item_ref);
//Creating an secAccess object that has an empty trusted application list
//https://developer.apple.com/documentation/security/1393522-secaccesscreate?language=objc
CFArrayRef applicationList=CFArrayCreate (NULL,NULL,0,NULL);
SecAccessRef accessref;
CFStringRef description=CFStringCreateWithCString(NULL, "Generic description", kCFStringEncodingASCII);
status = SecAccessCreate(description,applicationList,&accessref);
//Set the access of a keychain item "item_ref".
status = SecKeychainItemSetAccess(item_ref,accessref);
CFRelease(item_ref);
CFRelease(accessref);
CFRelease(applicationList);
CFRelease(description);
return 0;
}
更新:已更改描述以匹配服务名称。仍然没有运气
CFStringRef description=CFStringCreateWithCString(NULL, service.data(), kCFStringEncodingASCII);
我已经能够获得我想要的功能。不过,我不确定这是否是正确的方法。
SecAccessRef accessref;
SecKeychainItemCopyAccess(item_ref, &accessref);
CFArrayRef aclList;
SecAccessCopyACLList(accessref, &aclList);
CFIndex count = CFArrayGetCount(aclList);
//Array with 0 Applications / Empty Array . Not the same as passing NULL
CFArrayRef zero_applications = CFArrayCreate(NULL, NULL, 0, NULL);
for (int i = 0; i < count; i++) {
SecACLRef acl = (SecACLRef) CFArrayGetValueAtIndex(aclList, i);
CFArrayRef applicationList;
CFStringRef description;
CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR promptSelector;
SecACLCopySimpleContents(acl, &applicationList, &description,
&promptSelector);
if (applicationList == NULL) {
continue;
}
CFIndex appCount = CFArrayGetCount(applicationList);
for (int j = 0; j < appCount; j++) {
status= SecACLSetContents(acl, zero_applications, description, 1);
break;
}
CFRelease(applicationList);
CFRelease(description);
}
// Set the modified copy to the item now
status = SecKeychainItemSetAccess(item_ref, accessref);