在具有相同团队 ID 的应用程序组之间共享钥匙串访问
[英]share keychain access between group of apps with same team id
问题描述
I would be having a master application and n number of children apps, want them to share keychain,
我会有一个主应用程序和 n 个子应用程序,希望他们共享钥匙串,
In entitlements.plist all the children apps would be having their own bundle identifier在 entitlements.plist 中,所有子应用程序都将拥有自己的捆绑标识符
The keychain-group-access that i use to add and fetch details from all the apps is PM7456S8QE.com.mango.GenericKeychain我用来从所有应用程序添加和获取详细信息的钥匙串组访问是 PM7456S8QE.com.mango.GenericKeychain
In all the applications the keychain-group-access syntax is like在所有应用程序中,keychain-group-access 语法就像
PM7456S8QE.com.mango.app1 PM7456S8QE.com.mango.app2 PM7456S8QE.com.mango.app1 PM7456S8QE.com.mango.app2
All the apps would be using same certificate for signing and even the mobile provision file is same所有应用程序都将使用相同的证书进行签名,甚至移动配置文件也相同
would i be able add and fetch details from keychain as all the apps have same team id ?由于所有应用程序都具有相同的团队 ID,我能否从钥匙串中添加和获取详细信息?
1 个解决方案
解决方案1
1 2020-09-03 17:21:12
Old question but it still deserves an answer:老问题,但它仍然值得回答:
Multiple apps on iOS can only share keychain items if they belong to the same app group or to the same keychain access group. iOS 上的多个应用程序只能共享属于同一个应用程序组或同一个钥匙串访问组的钥匙串项目。 Therefor your apps must have a keychain access group or app group entitlement and whenever two apps list the same group names there, they can also share keychain items.因此,您的应用程序必须具有钥匙串访问组或应用程序组权利,并且每当两个应用程序在其中列出相同的组名称时,它们也可以共享钥匙串项目。
The difference between keychain access groups and app groups is that keychain access groups only allow apps to share keychain items, yet nothing else is shared.钥匙串访问组和应用程序组之间的区别在于钥匙串访问组只允许应用程序共享钥匙串项目,而不共享其他任何内容。 App group also allow your apps to share settings and data files and allow interactions between these apps that would otherwise not be allowed.应用程序组还允许您的应用程序共享设置和数据文件,并允许这些应用程序之间原本不允许的交互。
Note that an app can belong to any number of keychain access and app groups at the same time.请注意,一个应用程序可以同时属于任意数量的钥匙串访问和应用程序组。 The only limitation is that all groups it belongs to must be groups of the same development team.唯一的限制是它所属的所有组必须是同一开发团队的组。 Sharing across development teams is not possible.跨开发团队共享是不可能的。
Apple has good documentations side about this topic that explains this kind of sharing in all detail: Apple 有关于这个主题的很好的文档方面,它详细解释了这种共享:
https://developer.apple.com/documentation/security/keychain_services/keychain_items/sharing_access_to_keychain_items_among_a_collection_of_apps https://developer.apple.com/documentation/security/keychain_services/keychain_items/sharing_access_to_keychain_items_among_a_collection_of_apps
The same rules apply to macOS, however macOS also has an alternative access control systems for keychain items that are not synchronizable and don't request to use the new keychain API introduced with iOS.相同的规则适用于 macOS,但是 macOS 还为不可同步且不请求使用 iOS 引入的新钥匙串 API 的钥匙串项目提供替代访问控制系统。 In that case other sharing options are available but none of that applies to iOS.在这种情况下,可以使用其他共享选项,但这些选项都不适用于 iOS。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.