尝试将RSA私钥添加到macOS上的密钥链失败,错误为-25303 errSecNoSuchAttr
尝试将RSA私钥添加到macOS上的密钥链失败,错误为-25303 errSecNoSuchAttr
提问于 2021-02-02 00:39:53
我正在尝试将现有的私钥添加到macOS密钥链,该私钥来自.pem编码的证书。但在尝试执行以下操作时,它会返回状态-25303 errSecNoSuchAttr
std::vector<unsigned char> private_key_data = .. private data loaded ..
NSString *keychain_label = "private-key.keychain.label";
NSData *keychain_label_data = [keychain_label dataUsingEncoding:NSUTF8StringEncoding];
OSStatus status = errSecBadReq;
// store private key
NSData *private_key_data = [[NSData alloc] initWithBytes:private_key_data.data() length:private_key_data.size()];
NSDictionary *private_key_entry_query = @{
(__bridge id) kSecClass : (__bridge id) kSecClassKey,
(__bridge id) kSecAttrKeyType : (__bridge id) kSecAttrKeyTypeRSA,
(__bridge id) kSecAttrApplicationTag : keychain_label_data,
(__bridge id) kSecAttrKeyClass : (id)kSecAttrKeyClassPrivate,
(__bridge id) kSecValueData : private_key_data,
(__bridge id) kSecAttrKeySizeInBits : [NSNumber numberWithUnsignedInteger:2048],
(__bridge id) kSecAttrEffectiveKeySize : [NSNumber numberWithUnsignedInteger:2048],
(__bridge id) kSecAttrCanDerive : (__bridge id) kCFBooleanFalse,
(__bridge id) kSecAttrCanEncrypt : (__bridge id) kCFBooleanTrue,
(__bridge id) kSecAttrCanDecrypt : (__bridge id) kCFBooleanFalse,
(__bridge id) kSecAttrCanVerify : (__bridge id) kCFBooleanTrue,
(__bridge id) kSecAttrCanSign : (__bridge id) kCFBooleanFalse,
(__bridge id) kSecAttrCanWrap : (__bridge id) kCFBooleanTrue,
(__bridge id) kSecAttrCanUnwrap : (__bridge id) kCFBooleanFalse
};
status = SecItemAdd((__bridge CFDictionaryRef)private_key_entry_query, nullptr);
if (status != errSecSuccess)
{
return false;
}我试着尝试不同的属性,但没有用。我是不是遗漏了什么?
回答 1
Stack Overflow用户
回答已采纳
发布于 2021-04-19 19:27:59
这并不是我想要的答案,但我无法在保留查询键的选项的同时使用SecItemAdd解决问题,所以最终我求助于SecItemImport来解决问题。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/65996584
复制相关文章
相似问题
腾讯云开发者
