我们有一个存储敏感数据的应用程序.我们已启用文件保护,但只有在用户设置了密码时才会生效.如果用户没有设置密码,我们需要显示警告,告诉用户这样做,然后不要加载应用程序的其余部分.
基本上我们处于这个问题的确切情况,我的问题正是他们的问题.但是接受的答案是"启用文件保护",这不是这个问题的答案,也不是这个问题的答案; 我已经启用了文件保护,它没有告诉我他们是否设置了密码.
那么有可能检查,如果是,如何检查?理想情况下,我们想检查用户是设置了长密码还是简单密码,如果他们只设置了一个简单密码,我们会警告他们设置一个合适的密码.
iOS 9对此问题有正式答案:
LAContext *myContext = [[LAContext alloc] init];
NSError *authError = nil;
if ([myContext canEvaluatePolicy:LAPolicyDeviceOwnerAuthentication error:&authError])
{
// Device has either passcode enable (or passcode and touchID)
}
else
{
// Device does not have a passcode
// authError can be checked for more infos (is of type LAError)
}
注意:LAPolicyDeviceOwnerAuthentication是仅在iOS 9中可用的常量.iOS 8提供了LAPolicyDeviceOwnerAuthenticationWithBiometrics.它可用于实现一些结果,但这些不能回答您的问题.
在 iOS 8 中,现在有一种方法可以检查用户是否设置了密码。这段代码在 iOS 7 上会崩溃。
Objective-C:
-(BOOL) deviceHasPasscode {
NSData* secret = [@"Device has passcode set?" dataUsingEncoding:NSUTF8StringEncoding];
NSDictionary *attributes = @{ (__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword, (__bridge id)kSecAttrService: @"LocalDeviceServices", (__bridge id)kSecAttrAccount: @"NoAccount", (__bridge id)kSecValueData: secret, (__bridge id)kSecAttrAccessible: (__bridge id)kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly };
OSStatus status = SecItemAdd((__bridge CFDictionaryRef)attributes, NULL);
if (status == errSecSuccess) { // item added okay, passcode has been set
SecItemDelete((__bridge CFDictionaryRef)attributes);
return true;
}
return false;
}
迅速:
func deviceHasPasscode() -> Bool {
let secret = "Device has passcode set?".dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)
let attributes = [kSecClass as String:kSecClassGenericPassword, kSecAttrService as String:"LocalDeviceServices", kSecAttrAccount as String:"NoAccount", kSecValueData as String:secret!, kSecAttrAccessible as String:kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly]
let status = SecItemAdd(attributes, nil)
if status == 0 {
SecItemDelete(attributes)
return true
}
return false
}