1

尝试添加第二个证书时失败并显示 -25299(该项目已存在。)。他们有不同的 kSecAttrLabel。在尝试删除之前,它也会失败,代码为 -25300(找不到该项目。)。

也许有人知道这段代码有什么问题?我错过了一些属性吗?

if let cer1 = "cert1".dataUsingEncoding(NSUTF8StringEncoding),
   let cer2 = "cert2".dataUsingEncoding(NSUTF8StringEncoding) {
       addCertificate(cer1, label: "TestCertificate_1")
       addCertificate(cer2, label: "TestCertificate_2")
}

    func addCertificate(certificate: NSData, label: String) {
        let query = [
            String(kSecClass) : kSecClassCertificate,
            String(kSecAttrLabel) : label,
            String(kSecValueData) : certificate
        ]
        var status = SecItemDelete(query)
        if status != noErr {
            print("Error deleting cer from keychain. Error: \(status)")
        }

        status = SecItemAdd(query, nil)

        if status != noErr {
            print("Error adding cer to keychain. Error: \(status)")
        }
    }

// Output:
// Error deleting cer from keychain. Error: -25300 (The item cannot be found.)
// Error deleting cer from keychain. Error: -25300 (The item cannot be found.)
// Error adding cer to keychain. Error: -25299 (The item already exists.)
4

1 回答 1

1

对于 kSecClassCertificate 类的钥匙串项,主键是 kSecAttrCertificateType、kSecAttrIssuer 和 kSecAttrSerialNumber 的组合。

let query = [
            String(kSecClass) : kSecClassCertificate,
            String(kSecAttrLabel) : label,
            String(kSecValueData) : certificate,
            String(kSecAttrSerialNumber) : serialNumber
        ]
于 2015-10-20T14:56:04.320 回答