正如我们所知,secure Enclave 是 Apple A7 中制造的协处理器,它在 A7 及更高版本中可用,但它在 iOS 9 中公开使用,kSecAttrTokenIDSecureEnclave但我们如何检查某些设备是否支持安全 enclave?谢谢
问问题
1899 次
2 回答
6
我没有找到,所以我自己检查了:
+ (BOOL) isDeviceOkForSecureEnclave
{
double OSVersionNumber = floor(NSFoundationVersionNumber);
UIUserInterfaceIdiom deviceType = [[UIDevice currentDevice] userInterfaceIdiom];
BOOL isOSForSecureEnclave = OSVersionNumber > NSFoundationVersionNumber_iOS_8_4 ? YES:NO;
//iOS 9 and up are ready for SE
BOOL isDeviceModelForSecureEnclave = NO;
switch (deviceType) {
case UIUserInterfaceIdiomPhone:
//iPhone
isDeviceModelForSecureEnclave = [self isPhoneForSE];
break;
case UIUserInterfaceIdiomPad:
//iPad
isDeviceModelForSecureEnclave = [self isPadForSE];
break;
default:
isDeviceModelForSecureEnclave = false;
break;
}
return (isOSForSecureEnclave && isDeviceModelForSecureEnclave) ? YES:NO;
}
/**
The arrays are models that we know not having SE in hardware, so if the current device is on the list it means it dosent have SE
*/
+ (BOOL) isPhoneForSE
{
NSString *thisPlatform = [self platform];
NSArray * oldModels = [NSArray arrayWithObjects:
@"x86_64",
@"iPhone1,1",
@"iPhone1,2",
@"iPhone2,1",
@"iPhone3,1",
@"iPhone3,3",
@"iPhone4,1",
@"iPhone5,1",
@"iPhone5,2",
@"iPhone5,3",
@"iPhone5,4", nil];
BOOL isInList = [oldModels containsObject: thisPlatform];
return !isInList;
}
+ (BOOL) isPadForSE
{
//iPad Mini 2 is the earliest with SE // "iPad4,4"
NSString *thisPlatform = [self platform];
NSArray * oldModels = [NSArray arrayWithObjects:
@"x86_64",
@"@iPad",
@"@iPad1,0",
@"@iPad1,1",
@"iPad2,1",
@"iPad2,2",
@"iPad2,3",
@"iPad2,4",
@"iPad2,5",
@"iPad2,6",
@"iPad2,7",
@"iPad3,1",
@"iPad3,2",
@"iPad3,3",
@"iPad3,4",
@"iPad3,5",
@"iPad3,6",nil];
BOOL isInList = [oldModels containsObject: thisPlatform];
return !isInList;
}
+ (NSString *)platform
{
size_t size;
sysctlbyname("hw.machine", NULL, &size, NULL, 0);
char *machine = malloc(size);
sysctlbyname("hw.machine", machine, &size, NULL, 0);
NSString *platform = [NSString stringWithUTF8String:machine];
free(machine);
return platform;
}
@end
检查触控 ID
- (BOOL)canAuthenticateByTouchId {
if ([LAContext class]) {
return [[[LAContext alloc] init] canEvaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics error:nil];
}
return YES;
}
于 2017-04-27T11:05:38.727 回答
4
上面的解决方案没有问题,但它看起来像 hack,所以我在Swift 4中添加了另一个解决方案。
检查 Secure Enclave 可用性
enum Device {
//To check that device has secure enclave or not
public static var hasSecureEnclave: Bool {
return !isSimulator && hasBiometrics
}
//To Check that this is this simulator
public static var isSimulator: Bool {
return TARGET_OS_SIMULATOR == 1
}
//Check that this device has Biometrics features available
private static var hasBiometrics: Bool {
//Local Authentication Context
let localAuthContext = LAContext()
var error: NSError?
/// Policies can have certain requirements which, when not satisfied, would always cause
/// the policy evaluation to fail - e.g. a passcode set, a fingerprint
/// enrolled with Touch ID or a face set up with Face ID. This method allows easy checking
/// for such conditions.
var isValidPolicy = localAuthContext.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error)
guard isValidPolicy == true else {
if #available(iOS 11, *) {
if error!.code != LAError.biometryNotAvailable.rawValue {
isValidPolicy = true
} else{
isValidPolicy = false
}
}
else {
if error!.code != LAError.touchIDNotAvailable.rawValue {
isValidPolicy = true
}else{
isValidPolicy = false
}
}
return isValidPolicy
}
return isValidPolicy
}
}
检查 touch id 是否可用
let hasTouchID = LAContext().canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error)
if(hasTouchID || (error?.code != LAError.touchIDNotAvailable.rawValue)) {
print("Touch Id Available in device")
}
如果您想要 Objective C 中的解决方案,请参考此链接。 Objective C 中的解决方案。
于 2018-03-16T10:28:42.920 回答