Chinaunix首页 | 论坛 | 博客
  • 博客访问: 533609
  • 博文数量: 78
  • 博客积分: 1913
  • 博客等级: 上尉
  • 技术积分: 829
  • 用 户 组: 普通用户
  • 注册时间: 2008-03-14 21:29
文章分类

全部博文(78)

文章存档

2011年(27)

2010年(26)

2009年(20)

2008年(5)

我的朋友

分类:

2010-12-31 14:56:44

之前用applescript总是不能成功,只能删除掉login.keychain里的项目,却不能删除system.keychain里面的.提示没有写权限.即使把system.keychain这个文件的权限改成777也不行.后来在stackoverflow上找到了方法!

这里只是传入用户名.当然最好是加入一些特定信息来唯一标识这个要删除的item.这里也会同时删除掉所有其它keychain文件里的item.最好指定arrayRef为system.keychain.

BOOL deleteItemOfSystemKeychain(NSArray *accountList)
{
OSStatus retVal;
SecKeychainRef systemKeychainRef;
SecKeychainItemRef kcItem;
AuthorizationRef authRef;
AuthorizationItem right = { "system.keychain.modify", 0, NULL, 0 };
AuthorizationRights rightSet = { 1, &right };

/* Create authorization to access the system.keychain */
retVal = AuthorizationCreate(&rightSet, kAuthorizationEmptyEnvironment, kAuthorizationFlagExtendRights | kAuthorizationFlagInteractionAllowed, &authRef);

if (retVal != errSecSuccess) {
    NSLog(@"Failed to get right to modify system keychain %@", SecCopyErrorMessageString(retVal, NULL));
    return FALSE;
}

SecKeychainSetUserInteractionAllowed(TRUE);
retVal = SecKeychainOpen("/Library/Keychains/System.keychain", &systemKeychainRef);
if (retVal != errSecSuccess) {
    NSLog(@"Failed to open System keychain %@", SecCopyErrorMessageString(retVal, NULL));
    return FALSE;
}

retVal = SecKeychainUnlock(systemKeychainRef, 0, NULL, FALSE);
    if (retVal != errSecSuccess) {
    NSLog(@"Failed to unlock System keychain %@", SecCopyErrorMessageString(retVal, NULL));
    return FALSE;
}

// retVal = SecKeychainSetSearchList(CFArrayRef searchList);


/* Search the item we wanna to delete */
CFArrayRef arrayRef;
SecKeychainCopySearchList(&arrayRef);
SecKeychainSetSearchList(arrayRef);
CFRelease(arrayRef);

SecKeychainSearchRef searchRef;
SecKeychainSearchCreateFromAttributes(NULL,
                                      kSecGenericPasswordItemClass,
                                      NULL,
                                      &searchRef);

while (errSecItemNotFound != SecKeychainSearchCopyNext(searchRef, &kcItem))
{
    static int iCount = 1;
    SecKeychainAttributeInfo *info;
    SecKeychainAttributeInfoForItemID(systemKeychainRef,
                                      CSSM_DL_DB_RECORD_GENERIC_PASSWORD,
                                      &info);
    SecKeychainAttributeList *attributes;
    SecKeychainItemCopyAttributesAndData(kcItem, info, NULL, &attributes, 0, NULL);


    for (int i = 0; i < attributes->count; i ++)
    {
        SecKeychainAttribute attr = attributes->attr[i];

        char attr_tag[5] = {0};
        attr_tag[0] = ((char *)&attr.tag)[3];
        attr_tag[1] = ((char *)&attr.tag)[2];
        attr_tag[2] = ((char *)&attr.tag)[1];
        attr_tag[3] = ((char *)&attr.tag)[0];

        NSString *attrTag = [NSString stringWithCString:attr_tag encoding:NSUTF8StringEncoding];
        NSString *attrValue = [[[NSString alloc] initWithData:[NSData dataWithBytes:attr.data
                                                                             length:attr.length]
                                                     encoding:NSUTF8StringEncoding] autorelease];

        if ([attrTag isEqualToString:@"acct"])
        {
            NSLog(@"Check Item %d:%@:%@", iCount++, attrTag, attrValue);
            for (NSString *str in accountList)
            {
                if ([attrValue isEqualToString:str])
                {
                    NSLog(@"delete %@...", str);
                    retVal = SecKeychainItemDelete(kcItem);
                    if (retVal != errSecSuccess)
                    {
                        NSLog(@"delete %@ failed...", str);
                    }
                }
            }
        }
    }
}

return TRUE;
}


阅读(5675) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~