 |
There are four types of keychain items: certificates, AppleShare passwords, Internet passwords, and generic passwords. Keychain items are any item in the keychain database. You can think of a keychain item as simply a chunk of data with attached information that identifies attributes of the item, including its type, its creation date, and so forth. The data and attributes in a keychain item are encrypted.
You can store and retrieve AppleShare passwords by calling the functions KCAddAppleSharePassword and KCFindAppleSharePassword . You can store Internet passwords by calling the functions KCAddInternetPassword and KCAddInternetPasswordWithPath, and retrieve them by calling the functions KCFindInternetPassword and KCFindInternetPasswordWithPath . Generic passwords are stored by the function KCAddGenericPassword and retrieved by the function KCFindGenericPassword. You can select and retrieve certificates by calling the functions KCChooseCertificate and KCFindX509Certificates.
Listing 4-1 demonstrates how your application could use these high-level Keychain Manager functions to store password data. Note that an explicit call to the function KCUnlock to unlock the keychain is not required.
As illustrated, you should call the function KeychainManagerAvailable before calling the rest of the API to determine whether the Keychain Manager is available. Your application must call the Memory Manager function
MaxApplZone
to utilize the maximum memory available.
Listing 4-1 Calling the Keychain Manager to store password data
OSStatus StorePasswordInKeychain (ConstStr255Param password) { OSStatus status; if (!KeychainManagerAvailable ()) // is it there? return ((OSStatus) MY_ERROR); KCItemRef item; status = KCAddGenericPassword ( "\pMy_App_Pwd", // service name "\pBill Braskey", // account name password[0], // length of password &password[1], // pointer to password data &item); return (status); }
