以编程方式检测 iOS 密码是否启用
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/21337563/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Programmatically detect whether iOS passcode is enabled or not
提问by Eric
Rather than build a passcode directly into my app and potentially require the user to enter a passcode twice (once for the device and again for my app); I thought I might out-clever myself and do something along the lines of:
而不是直接在我的应用程序中构建密码,并可能要求用户输入密码两次(一次用于设备,一次用于我的应用程序);我想我可能会比自己聪明,并按照以下方式做一些事情:
if (device has passcode)
continue into my app
else
make user enter my app passcode
I don't want to set the device passcode, I don't want to force a screen lock, not encrypting anything - all I really want is an API just to detect if a device passcode is in effect. Something like:
我不想设置设备密码,我不想强制屏幕锁定,不加密任何东西 - 我真正想要的只是一个 API 来检测设备密码是否有效。就像是:
BOOL notReally = [UIDevice isUserSlightlyMoreSecureBecauseTheySetDeviceLockOn];
or maybe if I'm feeling lucky:
或者如果我感到幸运:
BOOL isPasscodeEnabled = [UIDevice isPasscodeEnabled];
BOOL isSimplePasscode = [UIDevice isSimplePasscode];
NSInteger minutes = [UIDevice requirePasscodeAfter];
I'm guessing not based on this question (but is a few years old) "programmatically check for iPhone's Passcode in settings bundle" or this might be the answer; "Lock Unlock events iphone" which isn't exactly what I want but might work "after the fact".
我猜不是基于这个问题(而是几年前的)“在设置包中以编程方式检查 iPhone 的密码”或者这可能是答案;“ Lock Unlock events iphone”这不是我想要的,但可能“事后”工作。
回答by sschale
For iOS 9+ you can detect it using the new LocalAuthenticationclass, and it works on Simulator as well as devices:
对于 iOS 9+,您可以使用新LocalAuthentication类检测它,它适用于模拟器和设备:
import LocalAuthentication
private func devicePasscodeSet() -> Bool {
//checks to see if devices (not apps) passcode has been set
return LAContext().canEvaluatePolicy(.deviceOwnerAuthentication, error: nil)
}
回答by liamnichols
Update
更新
As of iOS 9, you can achieve this using the LocalAuthentication.framework. If targeting iOS 9+ read the comments hereor look at this answer.
从 iOS 9 开始,您可以使用LocalAuthentication.framework. 如果针对 iOS 9+,请阅读此处的评论或查看此答案。
If you still need to target iOS 8 then continue reading :)
如果您仍然需要针对 iOS 8,请继续阅读 :)
Starting in iOS8, you can!
I've put together a simple category to easily check the status: https://github.com/liamnichols/UIDevice-PasscodeStatus
从iOS8开始,你可以!
我整理了一个简单的类别来轻松检查状态:https: //github.com/liamnichols/UIDevice-PasscodeStatus
How it Works
这个怎么运作
This category works by using the new accessControl features added to the Security.Framework in iOS 8.
It attempts to add an item to the keychain using the kSecAttrAccessibleWhenPasscodeSetThisDeviceOnlyprotection level.
此类别通过使用添加到 iOS 8 中的 Security.Framework 的新 accessControl 功能来工作。它尝试使用kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly保护级别将项目添加到钥匙串。
The documentation states the following:
文档说明如下:
Item data can only be accessed while the device is unlocked. This class is only available if a passcode is set on the device. This is recommended for items that only need to be accessible while the application is in the foreground. Items with this attribute will never migrate to a new device, so after a backup is restored to a new device, these items will be missing. No items can be stored in this class on devices without a passcode.Disabling the device passcode will cause all items in this class to be deleted.
物品数据只能在设备解锁时访问。此类仅在设备上设置了密码时可用。建议仅在应用程序处于前台时才需要访问的项目。具有此属性的项目永远不会迁移到新设备,因此在将备份恢复到新设备后,这些项目将丢失。在没有密码的设备上,不能在此类中存储任何项目。禁用设备密码将导致该类中的所有项目被删除。
Because of this, an error is returned when you attempt to add or read an item in the keychain with this level of accessControl. If we see this error, the passcodeStatusreturns as LNPasscodeStatusDisabled.
If we can successfully read or write to the keychain with this level of accessControl then we return LNPasscodeStatusEnabled.
因此,当您尝试使用此访问控制级别添加或读取钥匙串中的项目时,将返回错误。如果我们看到此错误,则passcodeStatus返回为LNPasscodeStatusDisabled. 如果我们可以使用此级别的 accessControl 成功读取或写入钥匙串,则返回LNPasscodeStatusEnabled.
If the device is unsupported or an unrelated error with the keychain is returned, we return LNPasscodeStatusUnknown.
如果设备不受支持或返回与钥匙串无关的错误,我们将返回LNPasscodeStatusUnknown。
回答by Jim
I'm not aware of any way of getting this information directly, however I think you can probably achieve the result you are after by using side-effects of Apple's support for disk encryption. See Protecting Data Using On-Disk Encryptionfor details.
我不知道有什么方法可以直接获取此信息,但是我认为您可以通过使用 Apple 支持磁盘加密的副作用来实现您所追求的结果。有关详细信息,请参阅使用磁盘加密保护数据。
However this is a hack rather than designed behaviour, and there are some corner-cases it won't be aware of. I'd recommend making this feature something that's explicitly under the control of the user rather than something you enable with heuristics.
然而,这是一种黑客行为而不是设计行为,并且存在一些它不会意识到的极端情况。我建议将此功能设置为明确受用户控制的内容,而不是您通过启发式启用的内容。
