0

I generated a key inside the Secure Enclave using the following code snippet:

    func generateKeyPair(accessControl: SecAccessControl) throws -> (`public`: SecureEnclaveKeyReference, `private`: SecureEnclaveKeyReference) {
        // Attributes of the private key: stored permanently in the keychain
        // under privateLabel and protected by the given access control.
        let privateKeyParams: [String: Any] = [
            kSecAttrLabel as String: privateLabel,
            kSecAttrIsPermanent as String: true,
            kSecAttrAccessControl as String: accessControl,
        ]
        // 256-bit elliptic-curve key generated inside the Secure Enclave.
        let params: [String: Any] = [
            kSecAttrKeyType as String: attrKeyTypeEllipticCurve,
            kSecAttrKeySizeInBits as String: 256,
            kSecAttrTokenID as String: kSecAttrTokenIDSecureEnclave,
            kSecPrivateKeyAttrs as String: privateKeyParams
        ]
        var publicKey, privateKey: SecKey?

        let status = SecKeyGeneratePair(params as CFDictionary, &publicKey, &privateKey)

        guard status == errSecSuccess else {
            throw SecureEnclaveHelperError(message: "Could not generate keypair", osStatus: status)
        }

        return (public: SecureEnclaveKeyReference(publicKey!), private: SecureEnclaveKeyReference(privateKey!))
    }

The key still exists after the app is uninstalled. Is there any way to delete the key from the Secure Enclave?

Thanks in advance :)

4

1 Answer

1

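When an app is deleted from the device, there is no trigger for executing code. Access to the keychain depends on the provisioning profile used to sign the application. Therefore, no other application can access this information in the keychain.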

https://stackoverflow.com/a/5711090/7350472

If you want to delete the key from the Secure Enclave, you can call:

    SecItemDelete(query as CFDictionary)

https://developer.apple.com/documentation/security/1395547-secitemdelete

Answered 2019-03-20T12:54:53.013
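An added example, not part of the original question or answer: one way to build the `query` passed to `SecItemDelete` for the key generated above, plus a first-launch cleanup for a key left behind by an earlier install. It assumes the key was stored under the same `kSecAttrLabel` value as in the question and that the app's `UserDefaults` are removed on uninstall while keychain items remain; `KeyDeletionError`, both function names and the `didCompleteFirstLaunch` defaults key are hypothetical.

```swift
import Foundation
import Security

// Hypothetical error type for this example.
struct KeyDeletionError: Error {
    let osStatus: OSStatus
}

/// Deletes the permanent private key stored under `label`.
/// `label` must be the value used for kSecAttrLabel when the key was generated.
func deleteSecureEnclaveKey(label: String) throws {
    let query: [String: Any] = [
        kSecClass as String: kSecClassKey,
        kSecAttrKeyClass as String: kSecAttrKeyClassPrivate,
        kSecAttrLabel as String: label,
    ]
    let status = SecItemDelete(query as CFDictionary)
    // A missing item means there is nothing left to remove, so it is not an error.
    guard status == errSecSuccess || status == errSecItemNotFound else {
        throw KeyDeletionError(osStatus: status)
    }
}

/// Call early during app launch. No code runs at uninstall, so the cleanup
/// happens on the first launch of a fresh install instead: the defaults flag
/// is absent, which marks any key found under `label` as a leftover.
func purgeKeyLeftByPreviousInstall(label: String,
                                   defaults: UserDefaults = .standard) throws {
    let flag = "didCompleteFirstLaunch" // hypothetical defaults key
    guard !defaults.bool(forKey: flag) else { return }
    try deleteSecureEnclaveKey(label: label)
    // Set the flag only after a successful delete so a failure is retried
    // on the next launch.
    defaults.set(true, forKey: flag)
}
```

Run the cleanup before generating a new key pair, otherwise the freshly generated key is the one that gets deleted.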