iOS/swift : SecItemCopyMatching yields errSecParam (-50) status for access control of biometryCurrentSet

标签 ios swift keychain

我目前正在尝试让我的应用程序的用户能够使用生物识别身份验证从钥匙串(keychain)中添加和检索数据。将项目添加到钥匙串(keychain)时,对 SecItemAdd 的调用返回成功状态,但是当通过 SecItemCopyMatching 从钥匙串(keychain)检索项目时,我得到 -50 OSStatus (errSecParam),这表明我的一个参数是错误的。

调试时,我从查询中删除了 kSecAttrAccessControlkSecAttrAccessible 参数,从而消除了错误。但是,现在我遇到了一个不同的问题,即系统在没有首先提示用户的情况下从钥匙串(keychain)中检索值。

导致 errSecParam (-50) 结果或没有身份验证提示的代码:

let query: [String: Any] = [
    kSecClass as String: kSecClassGenericPassword,
    kSecAttrService as String: "MyApp",
    kSecAttrAccount as String: "BiometricLogin",
    // removing this key from the SecItemCopyMatching query gets rid of the error but results in no authentication prompt
    kSecAttrAccessible as String: kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
    kSecReturnAttributes as String: kCFBooleanTrue,
    kSecReturnData as String: kCFBooleanTrue,
    // removing this key from the SecItemCopyMatching query gets rid of the error but results in no authentication prompt
    kSecAttrAccessControl as String: SecAccessControlCreateWithFlags(kCFAllocatorDefault, kSecAttrAccessibleWhenUnlockedThisDeviceOnly, .biometryCurrentSet, nil)!,
    kSecUseAuthenticationUI as String: kSecUseAuthenticationUIAllow,
    kSecUseOperationPrompt as String: "Authenticate with Biometrics"
]

let addQuery = query.merging([(kSecValueData as String, "Hi".data(encoding: .utf8)!)], uniquingKeysWith: { $1 })
let status = SecItemAdd(query as CFDictionary, nil)
print(status) // prints 0, success

let retrieveQuery = query
var queryResult: AnyObject?
let status = SecItemCopyMatching(retrieveQuery as CFDictionary, &queryResult)
print(status) // prints -50 if both kSecAttrAccessible and kSecAttrAccessControl are in the query, and prints 0 if either of those attributes are removed but the result is no authentication prompt

所以我的问题是:如何让用户收到身份验证提示以从钥匙串(keychain)中检索数据?重申一下,我正在使用 kSecClassGenericPasswordkSecAttrAccessibleWhenUnlockedThisDeviceOnly.biometryCurrentSet

最佳答案 

kSecAttrAccessible as String: kSecAttrAccessibleWhenUnlockedThisDeviceOnly,

导致问题的是上述 key 。这需要删除,因为它已经作为

的一部分添加 
SecAccessControlCreateWithFlags(kCFAllocatorDefault, kSecAttrAccessibleWhenUnlockedThisDeviceOnly, .biometryCurrentSet, nil)!

关于iOS/swift : SecItemCopyMatching yields errSecParam (-50) status for access control of biometryCurrentSet,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/57424564/

上一篇:ios - 将 JWTDecode 添加到现有的 iOS 项目,找不到框架

下一篇:swift - 用户无需验证电子邮件即可登录(Swift、Firebase)

相关文章:

ios - 应用程序传输钥匙串(keychain)丢失 : Solutions to users logging out

ios - SecRequestSharedWebCredential 凭据包含 'Passwords not saved' ?

ios - 如何在 Swift iOS 中将字母从一个文本字段拖放到另一个文本字段

ios - libGDX iOS 主页按钮杀死游戏

快速倒数计时器 - 显示剩余的天数小时秒数

swift - 在 NSView 中绘制 2 个图像

javascript - 我可以从 iPhone 上的网络应用程序 (javascript) 访问钥匙串(keychain)吗?

ios - UIColor patternImage 与 UIActivityViewController barTintColor 冲突

ios - CALayer:在图层内容上维护cornerRadius

swift - setLocalizedDateFormatFromTemplate 删除 -

©2024 IT工具网  联系我们