1. 首页
  2. 问答
  3. 以编程方式在OS X钥匙串中存储对称密钥

以编程方式在OS X钥匙串中存储对称密钥

2014-02-27 139 views
1

我有一个对称密钥,我想存储在OS X钥匙串中。 存储密码和用户名是完美的,所以我改变我的代码 存储一个对称密钥,我想稍后使用我的应用程序。 我用下面的代码给我作为回应:以编程方式在OS X钥匙串中存储对称密钥

指定的属性不存在。

这里是我的代码:

// Identifier for symmetric key 
static const uint8_t keyIdentfier[] = "net.eurobertics.TestKey"; 
NSData *tag = [[NSData alloc] initWithBytes:keyIdentfier length:sizeof(keyIdentfier)]; 

// Simple keygen algo - JUST FOR EXAMPLE DO NOT USE! 
NSMutableData *key = [NSMutableData dataWithLength:8]; 
SecRandomCopyBytes(kSecRandomDefault, 8, key.mutableBytes); 
NSString *base64key = [key base64EncodedStringWithOptions:NSDataBase64Encoding64CharacterLineLength]; 

// Dictionary for keychain - insert a symmetric key with following attributes 
NSMutableDictionary *dict = [[NSMutableDictionary alloc] init]; 
[dict setObject:(id)kSecClassKey forKey:(id)kSecClass]; 
[dict setObject:tag forKey:(id)kSecAttrApplicationTag]; 
[dict setObject:[NSNumber numberWithUnsignedInteger:CSSM_ALGID_AES] forKey:(id)kSecAttrKeyType]; 
[dict setObject:[NSNumber numberWithUnsignedInteger:(unsigned int)(kCCKeySizeAES128 << 3)] forKey:(id)kSecAttrKeySizeInBits]; 
[dict setObject:[NSNumber numberWithUnsignedInteger:(unsigned int)(kCCKeySizeAES128 << 3)] forKey:(id)kSecAttrEffectiveKeySize]; 
[dict setObject:(id)kCFBooleanTrue forKey:(id)kSecAttrCanEncrypt]; 
[dict setObject:(id)kCFBooleanTrue forKey:(id)kSecAttrCanDecrypt]; 
[dict setObject:(id)kCFBooleanFalse forKey:(id)kSecAttrCanSign]; 
[dict setObject:(id)kCFBooleanFalse forKey:(id)kSecAttrCanVerify]; 
[dict setObject:(id)kCFBooleanFalse forKey:(id)kSecAttrCanWrap]; 
[dict setObject:(id)kCFBooleanFalse forKey:(id)kSecAttrCanUnwrap]; 
[dict setObject:(id)kCFBooleanFalse forKey:(id)kSecAttrCanDerive]; 
[dict setObject:key forKey:(id)kSecValueData]; 

// Insert key into keychain based on dictionary attributes above 
OSStatus osstatus = SecItemAdd((__bridge CFDictionaryRef)dict, NULL); 

// Set responsefield 
[[self responseField] setStringValue:[NSString stringWithFormat:@"Key: %@\n\nStatus: %@", base64key, SecCopyErrorMessageString(osstatus, NULL)]];

我知道SecItemAdd主要是针对iOS的,但我想我的端口后应用到iOS所以 我想更兼容。将密钥存储在默认(通常是登录)钥匙串 对我来说绝对可以,因为我将通过我的应用程序定期使用密钥。

来源

2014-02-27 Eurobertics

回答

相关问题

 相关问题