通过 AppStore 更新后如何测试对钥匙串属性的访问? [英] How do I test access to a keychain property after update via the AppStore?
问题描述
在钥匙串服务编程指南中,它说明了以下内容:
In the Keychain Services Programming Guide it states the following:
在 iPhone 上,钥匙串权限取决于用于签署您的应用程序的配置文件.请确保在您的应用程序的不同版本中始终使用相同的配置文件."
"On iPhone, Keychain rights depend on the provisioning profile used to sign your application. Be sure to consistently use the same provisioning profile across different versions of your application."
我没有问题,但我想测试一下,如果我在 AppStore 中为我的应用程序提供更新,它仍然能够访问存储在钥匙串中的旧值.我尝试通过更新应用程序来进行测试,该版本使用临时分发配置文件签名,该配置文件包含与原始版本相同的捆绑 ID 和产品名称,但无法访问钥匙串中的旧值.
Which I have no problem with but I would like to test that if I provide an update to my app in the AppStore that it will still be able to access the old values stored in the keychain. I have tried to test by updating the app with a version signed with an ad-hoc distribution profile that contained the same bundle id and product name as the original but it could not access the old value in the keychain.
是否是将更新提交到 AppStore 并希望它会起作用的唯一选择?
Is the only option to submit the update to the AppStore and hope that it will work?
推荐答案
这是个好问题.
您可能想要在钥匙串中存储一些数据的主要原因之一是为了防止恶意用户访问它.这本身就是一个很枯燥的句子,所以我建议阅读 关于某人可能如何访问该数据.
One of the main reason why you might want to store some data in the keychain is to prevent malicious users from accessing it. This is quite a dry sentence on its own so I recommend reading about how someone might access that data.
另一种访问钥匙串数据的方法是创建一个与目标应用程序具有相同应用程序 ID 的恶意应用程序.Apple 已通过要求配置文件相同来确保这条路线.
Another way to access keychain data would be to create a malicious app with the same app ID as the target app. Apple have secured this route by requiring the provisioning profile to be the same.
因此,为了回答您的问题,您只能测试来自同一配置文件的更新中的钥匙串数据,即
So, to answer your question, you can only test the keychain data in update from the same provisioning profile, i.e.
- 临时到临时
- 应用商店到应用商店.
应用程序商店到应用程序商店并不是真正的选择,因为到那时为时已晚(您的更新将在市场上).因此,您需要删除您的应用商店应用并安装临时版本.然后在钥匙串上重新创建您的数据,然后更新到最新的临时版本并测试它是否有效.
App store to app store is not really an option since it will be too late by then (your update will be on the market). So instead you need to delete your app store app and install an ad hoc version. Then recreate your data on the keychain, then update to the latest ad hoc version and test that it worked.
当然,这需要您拥有当前在应用商店中的应用的存档临时版本.如果您没有这个,则无法测试更新.
Of course this requires you to have an archived ad hoc version of the app thats currently on the app store. If you don't have this, then its not possible to test an update.
这篇关于通过 AppStore 更新后如何测试对钥匙串属性的访问?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
