How to move SecKey from app keychain to shared keychain group

I'm generating the private key in my iOS app for secure communication between server and app. The private key is being stored in the keychain. In the new version of the app, I want to use the shared keychain group because of notification extensions. How do I transfer the private key that was stored in the app keychain to the shared group keychain? Below is the code I'm using to generate the private key:

func createPrivateKey(withLabel label: String) throws -> SecKey {
    let privateKeyAttrs: [String: Any] = [
        kSecAttrIsPermanent as String: true,
        kSecAttrApplicationLabel as String: label,
        kSecAttrAccessible as String: kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly,
    ]

    let attributes: [String: Any] = [
        kSecAttrKeyType as String: kSecAttrKeyTypeRSA,
        kSecAttrKeySizeInBits as String: 2048,
        kSecPrivateKeyAttrs as String: privateKeyAttrs,
    ]

    var error: Unmanaged<CFError>?
    guard let privateKey = SecKeyCreateRandomKey(attributes as CFDictionary, &error) else {
        // swiftlint:disable:next force_unwrapping
        throw error!.takeRetainedValue() as Error
    }
    return privateKey
}

You'll have to specify the access group on creation, or update the existing keys with the new access groups. After you've done that, you should set up the entitlements correctly, so that apps and extensions you create can access the correct keychain access group. Read with care, as there is only a thin line between app groups and keychain sharing group. Make sure you set up the correct one (documentation here).

As for your query:

let accessGroup = "<# Your Team ID #>.com.example.SharedItems"
let attributes: [String: Any] = [
    kSecAttrKeyType as String: kSecAttrKeyTypeRSA,
    kSecAttrKeySizeInBits as String: 2048,
    kSecAttrAccessGroup as String: accessGroup,
    kSecPrivateKeyAttrs as String: privateKeyAttrs
]

That should create the query for creating keys for the access group you specify. I suppose you can figure out the update query yourself.
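The update query the answer leaves to the reader could look like the following. This is an added example, not code from the original post: the function name, error type and group strings are hypothetical, and it assumes the app is entitled to both access groups and that the key can be found by the same `kSecAttrApplicationLabel` value the question set at creation.

```swift
import Foundation
import Security

// Hypothetical error type for this example.
enum KeychainMigrationError: Error {
    case missingEntitlement        // target does not list one of the access groups
    case deviceLocked              // item not readable yet (before first unlock)
    case alreadyInSharedGroup      // an identical key already exists in the new group
    case unexpectedStatus(OSStatus)
}

/// Moves the private key identified by `label` from `oldGroup` to `newGroup`.
/// Returns false when no matching key is left in `oldGroup`, so it is safe
/// to call on every launch of the updated app.
@discardableResult
func movePrivateKey(withLabel label: String,
                    from oldGroup: String,
                    to newGroup: String) throws -> Bool {
    // Match only the item in the old group. Assumption: the key is findable by
    // the attribute the question's createPrivateKey(withLabel:) stored.
    let query: [String: Any] = [
        kSecClass as String: kSecClassKey,
        kSecAttrKeyClass as String: kSecAttrKeyClassPrivate,
        kSecAttrApplicationLabel as String: label,
        kSecAttrAccessGroup as String: oldGroup,
    ]
    // Only the access group changes; kSecAttrAccessible and the key material stay as they are.
    let changes: [String: Any] = [kSecAttrAccessGroup as String: newGroup]

    let status = SecItemUpdate(query as CFDictionary, changes as CFDictionary)
    switch status {
    case errSecSuccess: return true
    case errSecItemNotFound: return false
    case errSecMissingEntitlement: throw KeychainMigrationError.missingEntitlement
    case errSecInteractionNotAllowed: throw KeychainMigrationError.deviceLocked
    case errSecDuplicateItem: throw KeychainMigrationError.alreadyInSharedGroup
    default: throw KeychainMigrationError.unexpectedStatus(status)
    }
}

// Placeholder group names; the old group is normally the app's own default group.
// try movePrivateKey(withLabel: "my-key-label",
//                    from: "<# Your Team ID #>.com.example.MyApp",
//                    to: "<# Your Team ID #>.com.example.SharedItems")
```

Run the migration from the main app rather than the extension, since only a target entitled to both groups can match the old item and write it to the new group.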
