以編程方式在 OS X 鑰匙串中存儲對稱密鑰
[英]Storing a symmetric key in OS X keychain programmatically
問題描述
我有一個對稱密鑰,我想將其存儲在 OS X 鑰匙串中。 存儲密碼和用戶名工作正常,因此我更改了我的代碼以存儲我稍后希望由我的應用程序使用的對稱密鑰。 我使用了以下代碼作為響應:
指定的屬性不存在。
這是我的代碼:
// Identifier for symmetric key
static const uint8_t keyIdentfier[] = "net.eurobertics.TestKey";
NSData *tag = [[NSData alloc] initWithBytes:keyIdentfier length:sizeof(keyIdentfier)];
// Simple keygen algo - JUST FOR EXAMPLE DO NOT USE!
NSMutableData *key = [NSMutableData dataWithLength:8];
SecRandomCopyBytes(kSecRandomDefault, 8, key.mutableBytes);
NSString *base64key = [key base64EncodedStringWithOptions:NSDataBase64Encoding64CharacterLineLength];
// Dictionary for keychain - insert a symmetric key with following attributes
NSMutableDictionary *dict = [[NSMutableDictionary alloc] init];
[dict setObject:(id)kSecClassKey forKey:(id)kSecClass];
[dict setObject:tag forKey:(id)kSecAttrApplicationTag];
[dict setObject:[NSNumber numberWithUnsignedInteger:CSSM_ALGID_AES] forKey:(id)kSecAttrKeyType];
[dict setObject:[NSNumber numberWithUnsignedInteger:(unsigned int)(kCCKeySizeAES128 << 3)] forKey:(id)kSecAttrKeySizeInBits];
[dict setObject:[NSNumber numberWithUnsignedInteger:(unsigned int)(kCCKeySizeAES128 << 3)] forKey:(id)kSecAttrEffectiveKeySize];
[dict setObject:(id)kCFBooleanTrue forKey:(id)kSecAttrCanEncrypt];
[dict setObject:(id)kCFBooleanTrue forKey:(id)kSecAttrCanDecrypt];
[dict setObject:(id)kCFBooleanFalse forKey:(id)kSecAttrCanSign];
[dict setObject:(id)kCFBooleanFalse forKey:(id)kSecAttrCanVerify];
[dict setObject:(id)kCFBooleanFalse forKey:(id)kSecAttrCanWrap];
[dict setObject:(id)kCFBooleanFalse forKey:(id)kSecAttrCanUnwrap];
[dict setObject:(id)kCFBooleanFalse forKey:(id)kSecAttrCanDerive];
[dict setObject:key forKey:(id)kSecValueData];
// Insert key into keychain based on dictionary attributes above
OSStatus osstatus = SecItemAdd((__bridge CFDictionaryRef)dict, NULL);
// Set responsefield
[[self responseField] setStringValue:[NSString stringWithFormat:@"Key: %@\n\nStatus: %@", base64key, SecCopyErrorMessageString(osstatus, NULL)]];
我知道SecItemAdd主要用於 iOS,但我想稍后將我的應用程序移植到 iOS,因此我希望更加兼容。 將密鑰存儲在默認(通常是登錄)鑰匙串中對我來說絕對沒問題,因為我的應用程序會定期使用該密鑰。
1 個解決方案
解決方案1
0 2014-03-18 08:26:01
使用kSecAttrAccessible將RSA公鑰存儲到iOS鑰匙串中
[英]Storing RSA public key into iOS keychain using kSecAttrAccessible
在Mac OS X上創建“Web Form Password”類型的Keychain Item
[英]Creating Keychain Item with type 'Web Form Password' on Mac OS X
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.