SecKeyGeneratePair给出错误-4 (功能或操作未实现)
SecKeyGeneratePair给出错误-4 (功能或操作未实现)
提问于 2019-10-24 11:26:56
我将使用https://code.tutsplus.com/tutorials/creating-digital-signatures-with-swift--cms-29287创建数字签名,并跟随ECDSA部分。
我创建了以下代码:
@available(iOS 9.0, *)
class User
{
public var publicKey : SecKey?
private var privateKey : SecKey?
private var recipient : User?
init(withUserID id : String)
{
if let access = SecAccessControlCreateWithFlags(nil, kSecAttrAccessibleWhenUnlockedThisDeviceOnly, [.privateKeyUsage], nil) //Keep private key on device
{
let privateTagString = "com.example.privateKey." + id
let privateTag = privateTagString.data(using: .utf8)! //Store it as Data, not as a String
let privateKeyParameters : [String : AnyObject] = [kSecAttrIsPermanent as String : true as AnyObject,
kSecAttrAccessControl as String : access as AnyObject,
kSecAttrApplicationTag as String : privateTag as AnyObject,
]
let publicTagString = "com.example.publicKey." + id
let publicTag = publicTagString.data(using: .utf8)! //Data, not String
let publicKeyParameters : [String : AnyObject] = [kSecAttrIsPermanent as String : false as AnyObject,
kSecAttrApplicationTag as String : publicTag as AnyObject,
]
let keyPairParameters : [String : AnyObject] = [kSecAttrKeySizeInBits as String : 256 as AnyObject,
kSecAttrKeyType as String : kSecAttrKeyTypeEC,
kSecPrivateKeyAttrs as String : privateKeyParameters as AnyObject,
kSecAttrTokenID as String : kSecAttrTokenIDSecureEnclave as AnyObject, //Store in Secure Enclave
kSecPublicKeyAttrs as String : publicKeyParameters as AnyObject]
let status = SecKeyGeneratePair(keyPairParameters as CFDictionary, &publicKey, &privateKey)
if status != noErr
{
print("Key generation error \(status)")
}
}
}
}现在每次我得到一个错误-4,我相信这是https://opensource.apple.com/source/Security/Security-55471/sec/Security/SecBase.h.auto.html函数或错误没有实现。
如何创建公钥和私钥?我尝试通过以下方式手动设置公钥和私钥:
let keyBase64 = "MIIEpAIBAAKCAQEA5B7lqLrwVCFNUiCmwMr5Q48iuArOolxb7DAuclGnoZVX0SaJ8mrvCOtd6qY/VeBw227txWEPH7840qX/yGxxqTngdNCuDATqYrrbxFOGV30GZmg6NpZYKShTlsftkhiCsoXW0A7m5MCZUkH2/sNBC8oRHCNDXRlsU5bq/yPaAMt6xlBsUgLt/++INcuw+rx1Rm7LJv0FeukQmlekUOL/DMJXcLXCa05StTbvHPiAHOLej07pThCZoX3XHFpOTQ6379EsjvSZHtNhr67qrtRb8or2rX7wt5NWzXHbhUDlyzEcIBB/7G8ygqWhyZTEIMFiRMWSa3KGYZE3nZe5weC7SQIDAQABAoIBAQCjjxehA+++kmYK5YhKIP3Zl64QAQeo18m8rcsPgkZLj3V4a0Zq/orGfWNIE8zDePnSC1YFuBKM86D9P7IGdOKFsA6kEt9HlNqs0UczG6Pt5KGLGV3rt54cXGKacFyA7HwBHf8oDBc2mnUTymIaxcpEdqwP3aS2Ar1trX5uUrlC6UcZyspBZVYvMlU+uAKL1ZtFxjsv0EzuQQW1HX7b2WPUAoxp/yBC/EBRM9K8WbG9i7NB4FTFHAdTMt/EZLGUESizFgrai6lp3s96Apz5GvncRUI+UVP/7zbUaFYdRMW5lrcR8+PL9NACkL2rnQuLoyLKWZWPPlD3WEE9EzY4bH6FAoGBAPu8hL8goEbWMFDZuox04Ouy6EpXR8BDTq8ut6hmad6wpFgZD15Xu7pYEbbsPntdYODKDDAIJCBsiBgf2emL50BpiQkzMPhxyMsN5Pzry9Ys+AzPkJcQ7g+/Wbto9lCC+JmgxtGQ7JIibo1QH7BTsuK9+k72HnZne6oIfaYKbBZfAoGBAOf7/D2Q7NiNcEgxpZRn06+mnkHMb8PfCKfJf/BFf5WKXSkDBZ3XhWSPnZyQnE3gW3lzJjzUwHS+YDk8A0Xl2piAHa/d5O/8eoijB8wa6UGVDBIXqUnfM3Udfry78rM71FOpbzV3H48G7u4CUJMGwOpEqF0TfgtQr4uf8OurdH9XAoGAbdNhVsE1K7Jmgd97s6uKNUpobYaGlyrGOUd4eM+1gKIwEP9d5RsBm9qwX83RtKCYk3mSt6HVoQ+4kE3VFD8lNMTWNF1REBMUNwJo1K9KzrXvwicMPdv1AInK7ChuzdFWBDBQjT1c+KRs9tnt+U+Ky8F2Ytydjaq4GQZ7SuVhIqECgYBMsS+IovrJ9KhkFZWp5FFFRo4XLqDcXkWcQq87HZ66L03xGwCmV/PPdPMkKWKjFELpebnwbl1Zuv5QrZhfaUfFFsW5uF/RPuS7ezo+rb7jYYTmDlB3DYUTeLbHalMoEeV16xPK1yDlxeMDaFx+3sK0MBKBAsqurvP58txQ7RPMbQKBgQCzRcURopG0DF4VF4+xQJS8FpTcnQsQnO/2MJR35npA2iUb+ffs+0lgEdeWs4W46kvaF1iVEPbr6She+aKROzE9Bs25ZCgGLv97oUxDQo0IPvURX7ucN+xOUU1hw9oQDVdGKl1JZh93fn+bjtMTe+26asGLmM0r9YQX1P8qaw3KOg=="
let keyData = Data(base64Encoded: keyBase64)!
let key = SecKeyCreateWithData(keyData as NSData, [
kSecAttrKeyType: kSecAttrKeyTypeRSA,
kSecAttrKeyClass: kSecAttrKeyClassPrivate,
] as NSDictionary, nil)!
print(key) 但是这并没有什么实际意义,因为SecKeyGeneratePair应该生成密钥对!
回答 1
Stack Overflow用户
回答已采纳
发布于 2019-11-05 04:49:39
错误状态有多种含义,不仅是errSecUnimplemented,还有errSecUnsupportedAlgorithm和errSecUnsupportedOperation,然而,在这种情况下,它很可能是errSecUnimplemented。
这样做的原因是您试图从安全飞地检索私钥,这是“不可能的”。安全飞地的部分安全性在于它不会向您公开私钥。这就是它抛出一个errSecUnimplemented错误的原因。
因此,如果你想使用Secure Enclave,我建议你多看看苹果提供的security documentation。
我可以向您提供以下解决方案:
let someUserID = "111222333444"
if let access = SecAccessControlCreateWithFlags(nil, kSecAttrAccessibleWhenUnlockedThisDeviceOnly, [.privateKeyUsage], nil) {
let privateTagString = "com.example.privateKey." + someUserID
let privateTag = privateTagString.data(using: .utf8)!
let keyPairSettings: [String: Any] = [
String(kSecAttrKeyType): kSecAttrKeyTypeEC,
String(kSecAttrKeySizeInBits): 256,
String(kSecPrivateKeyAttrs): [
String(kSecAttrApplicationTag): privateTag,
String(kSecAttrIsPermanent): true,
String(kSecAttrAccessControl): access
]
]
var publicKey: SecKey?
var privateKey: SecKey?
let status = SecKeyGeneratePair(keyPairSettings as CFDictionary, &publicKey, &privateKey)
if status != errSecSuccess {
print("An error occured: \(status)")
} else {
print("Created keys!")
}
}这将在KeyChain中存储私钥。希望这能有所帮助!
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/58533714
复制相关文章
相似问题
腾讯云开发者
