Touch ID: Touch ID로 개인 키 보호
SecKind.GenericPassword로 저장
// Keychain item class used for the records built in this listing: a generic-password entry.
const SecKind KIND = SecKind.GenericPassword;
// Service attribute under which the key record is stored and later looked up.
public static readonly string SERVICE_NAME = "Auth.Touch";
키체인에 항목이 있으면 삭제합니다.
// Query shared by Delete() and Load(): selects the generic-password item by Service only.
// UseOperationPrompt supplies the text for the authentication prompt shown when the item is read.
// NOTE(review): no Account attribute is set, so every item stored under this service matches —
// confirm that only one record is ever written under SERVICE_NAME.
static readonly SecRecord KEYCHAIN_QUERY = new SecRecord (KIND) {
Service = SERVICE_NAME,
UseOperationPrompt = "Authenticate yourself.",
};
/// <summary>
/// Removes the keychain item(s) matched by <c>KEYCHAIN_QUERY</c>.
/// </summary>
/// <exception cref="KeyChainException">
/// The keychain returned any status other than Success; that includes ItemNotFound
/// when nothing was stored yet.
/// </exception>
public override void Delete ()
{
    SecStatusCode status = SecKeyChain.Remove (KEYCHAIN_QUERY);
    Evaluate (status);
}
/// <summary>Turns a non-success keychain status into an exception.</summary>
/// <param name="code">Status returned by a SecKeyChain call.</param>
/// <exception cref="KeyChainException">Thrown when <paramref name="code"/> is not SecStatusCode.Success.</exception>
public static void Evaluate(SecStatusCode code){
    if (code == SecStatusCode.Success) {
        return;
    }
    // Carry the raw status along so callers can tell ItemNotFound from real failures.
    throw new KeyChainException (code);
}
JOSE JwkSet을 직렬화합니다.
/// <summary>
/// Builds the generic-password record that holds the JSON form of a JWK set.
/// </summary>
/// <param name="jwkset">Key set to store; its ToJson() output becomes the item's Generic data.</param>
/// <param name="grant">Access-control object attached to the item.</param>
/// <returns>A new SecRecord to pass to SecKeyChain.Add.</returns>
public static SecRecord ToKeyChainItem (
    Jose.JwkSet jwkset,
    SecAccessControl grant)
{
    // if AccessControl is not specified,
    // this security record is not protected by TouchID
    // NOTE(review): nothing here rejects a null grant, so a caller that passes null
    // stores the serialized private key without that protection.
    var item = new SecRecord (KIND);
    item.Service = SERVICE_NAME;
    item.Generic = NSData.FromString (jwkset.ToJson ());
    // Adding the item must not itself bring up an authentication prompt.
    item.UseNoAuthenticationUI = true;
    item.AccessControl = grant;
    return item;
}
// Access policy that Add() attaches to the stored key record.
// NOTE(review): going by the enum names, the item stays on this device and is usable only while
// a passcode is set, and reading it requires a user-presence check. Apple documents UserPresence
// as satisfiable by the device passcode as well as Touch ID — confirm that fallback is acceptable
// for a private key before relying on this as "Touch ID only".
static readonly SecAccessControl GRANT = new SecAccessControl (
SecAccessible.WhenPasscodeSetThisDeviceOnly,
SecAccessControlCreateFlags.UserPresence);
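/// <summary>
/// Replaces any stored key set with a freshly generated one and returns it.
/// </summary>
/// <returns>The new JWK set, after it has been written to the keychain.</returns>
/// <exception cref="KeyChainException">
/// Deleting the old item failed for a reason other than ItemNotFound, or adding the new item failed.
/// </exception>
public override Jose.JwkSet Create ()
{
    try {
        this.Delete ();
    } catch (KeyChainException ex) {
        // A missing item just means nothing was stored yet; any other status is a real failure.
        if (ex.Code != SecStatusCode.ItemNotFound) {
            // Bare rethrow keeps the stack trace of the failing keychain call ("throw ex" resets it).
            throw;
        }
    }
    // NOTE(review): the previous key is already removed at this point, so a failure in Add
    // leaves no key stored at all.
    return this.Add (CreateJwkSet ());
}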
/// <summary>Stores a JWK set in the keychain under the GRANT access policy.</summary>
/// <param name="jwkset">Key set to store.</param>
/// <returns>The same <paramref name="jwkset"/> instance that was passed in.</returns>
/// <exception cref="KeyChainException">SecKeyChain.Add returned a status other than Success.</exception>
public Jose.JwkSet Add(Jose.JwkSet jwkset)
{
    SecStatusCode status = SecKeyChain.Add (ToKeyChainItem (jwkset, GRANT));
    Evaluate (status);
    return jwkset;
}
/// <summary>Generates a new EC key on the P_521 curve and wraps it in a one-element JWK set.</summary>
/// <returns>A JwkSet whose keys list contains only the new key.</returns>
public static Jose.JwkSet CreateJwkSet()
{
    var key = Jose.Jwa.KeyDef.EC.GenerateKey (Jose.Jwa.Ec.CurveEnum.P_521);
    // for TEST: the key id is simply the current local time in the current culture's format.
    // NOTE(review): that value is neither guaranteed unique nor stable across locales —
    // replace it before the key id is used to select keys.
    key.kid = DateTime.Now.ToString ();
    var keyList = new System.Collections.Generic.List<Jose.Jwk> ();
    keyList.Add (key);
    var result = new Jose.JwkSet ();
    result.keys = keyList;
    return result;
}
참조
/// <summary>Reads the stored key set back from the keychain.</summary>
/// <returns>The JwkSet that ToJwkSet rebuilds from the item's Generic data.</returns>
/// <exception cref="KeyChainException">The query returned a status other than Success.</exception>
public override Jose.JwkSet Load ()
{
    SecStatusCode status;
    SecRecord found = SecKeyChain.QueryAsRecord (KEYCHAIN_QUERY, out status);
    // Check the status first; the record is only dereferenced once the query succeeded.
    Evaluate (status);
    var payload = found.Generic;
    return ToJwkSet (payload);
}
이동
SecKind.Key로는 잘 되지 않습니다.
Touch ID를 사용하지 않는 경우에는 다음 코드처럼 SecKind.Key로 저장할 수 있지만, Touch ID로 보호하려고 하면 Param 오류가 발생합니다.
// Variant that stores the JWK set as a SecKind.Key item instead of a generic password.
// No AccessControl is set on this record, so it carries no Touch ID protection.
// NOTE(review): when sync is true the serialized private key presumably becomes eligible
// for keychain synchronization — confirm that is intended.
var keyRecord = new SecRecord ( SecKind.Key ) {
    Service = _service_name,
    Label = _service_name,
    Account = _account_name,
    Generic = NSData.FromString ( jwkset.ToJson(), NSStringEncoding.UTF8 ),
    Accessible = accessible,
    Synchronizable = sync
};
SecStatusCode code = SecKeyChain.Add ( keyRecord );
// The listing repeats the same SecKind.Key snippet here verbatim.
// It sets Accessible and Synchronizable but no AccessControl, so the stored JSON
// is not gated by Touch ID.
SecStatusCode code = SecKeyChain.Add ( new SecRecord ( SecKind.Key ) {
Service = _service_name,
Label = _service_name,
Account = _account_name,
Generic = NSData.FromString ( jwkset.ToJson(), NSStringEncoding.UTF8 ),
Accessible = accessible,
Synchronizable = sync
} );
Reference
이 문제에 관하여(Touch ID: 개인 키 보호 Touch ID), 우리는 이곳에서 더 많은 자료를 발견하고 링크를 클릭하여 보았다 https://qiita.com/hidelafoglia/items/eee402c84b4fc751011f텍스트를 자유롭게 공유하거나 복사할 수 있습니다.하지만 이 문서의 URL은 참조 URL로 남겨 두십시오.