我试图在 KeyChain 中存储两个私钥和公钥,当我尝试这样做时,我的结果有值(value)返回 0,我假设这意味着它被存储了,但是当我试图返回解密一条消息时,我是将它取回 nil 那么是否有办法检查 key 是否基于存储的 SecItemCopyMatching?但我在创建它们时没有收到任何错误
let tagName = "PrivateKeyTag"
let privkey = "key"
let privkeyData = Data(privkey!.utf8)
let privateFilter: [String : Any] = [
(kSecClass as String) : kSecClassKey,
(kSecAttrKeyType as String) : kSecAttrKeyTypeRSA,
(kSecAttrApplicationTag as String) : tagName,
(kSecValueData as String) : privkeyData,
(kSecAttrKeyClass as String) : kSecAttrKeyClassPrivate,
// kSecAttrKeySizeInBits as String: 2048,
(kSecReturnPersistentRef as String): true,
] as [String : Any]
let result = SecItemAdd(privateFilter as CFDictionary, nil)
if ((result != noErr) && (result != errSecDuplicateItem)) {
NSLog("Cannot add key to keychain, status \(result).")
}
let getquery: [String: Any] = [kSecClass as String: kSecClassKey,
kSecAttrApplicationTag as String: tag,
kSecAttrKeyType as String: kSecAttrKeyTypeRSA,
]
var item: CFTypeRef?
let status = SecItemCopyMatching(getquery as CFDictionary, &item)
guard status == errSecSuccess else {
print("key not found")
return
}
let key = item as! SecKey
最佳答案
当您创建加密 key 时,您可以将参数 kSecAttrIsPermanent 设置为 true,这将自动将 key 存储在默认钥匙串(keychain)中。这将稍微清理您的代码,这样您就不必再处理 SecItemAdd() 和所有错误处理。因此,这是一种更简单的方法来完成您想要做的事情。
创建键和查询键
let tag = "com.example.keys.mykey".data(using: .utf8)!
let attributes: [String: Any] =
[kSecAttrKeyType as String: kSecAttrKeyTypeRSA,
kSecAttrKeySizeInBits as String: 2048,
kSecPrivateKeyAttrs as String:
[kSecAttrIsPermanent as String: true,
kSecAttrApplicationTag as String: tag]
]
let privateKey = SecKeyCreateRandomKey(attributes as CFDictionary, nil)
let query: [String: Any] = [kSecClass as String: kSecClassKey,
kSecAttrApplicationTag as String: tag,
kSecAttrKeyType as String: kSecAttrKeyTypeRSA,
kSecReturnRef as String: true]
var item: CFTypeRef?
let status2 = SecItemCopyMatching(query as CFDictionary, &item)
guard status2 == errSecSuccess else { print("error1"); return }
let key = item as! SecKey
我相信运行此代码将完成您在问题中提供的代码中尝试执行的操作。我尝试运行您提供的代码,我使用的 Xcode 和 swift 版本给出了编译器错误。
如果您运行此答案中的代码,您会注意到没有错误打印到控制台,表明已在默认钥匙串(keychain)中成功找到 key 。
关于ios - 如何检查 key 是否存储在 Swift 的 KeyChain 中,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/56356364/