2

I get an error when storing a key in the Mac OS keychain using CryptoKit. I am creating the key pair with the P256 algorithm. The error I get is shown below.

-34018
Playground execution terminated: An error was thrown and was not caught:
▿ Unable to store item:
  - message : "Unable to store item:"

The Swift code I am using is shown below.

import Cocoa
import Foundation
import CryptoKit
import Security

/// An error we can throw when something goes wrong.
struct KeyStoreError: Error, CustomStringConvertible {
    var message: String

    init(_ message: String) {
        self.message = message
    }

    public var description: String {
        return message
    }
}

/*
extension OSStatus {

    /// A human readable message for the status.
    var message: String {
        return (SecCopyErrorMessageString(self, nil) as String?) ?? String(self)
    }
}
*/

/// The interface needed for SecKey conversion.
protocol SecKeyConvertible: CustomStringConvertible {
    /// Creates a key from an X9.63 representation.
    init<Bytes>(x963Representation: Bytes) throws where Bytes: ContiguousBytes

    /// An X9.63 representation of the key.
    var x963Representation: Data { get }
}

extension SecKeyConvertible {
    /// A string version of the key for visual inspection.
    /// IMPORTANT: Never log the actual key data.
    public var description: String {
        return self.x963Representation.withUnsafeBytes { bytes in
            return "Key representation contains \(bytes.count) bytes."
        }
    }
}

// Assert that the NIST keys are convertible.
extension P256.Signing.PrivateKey: SecKeyConvertible {}
extension P256.KeyAgreement.PrivateKey: SecKeyConvertible {}

// Generate a fresh P-256 signing key to store.
let keyValue = P256.Signing.PrivateKey()

/// Stores a CryptoKit key in the keychain as a SecKey.
func storeKey<T: SecKeyConvertible>(_ key: T, label: String) throws {

     // Describe the key.
     let attributes = [kSecAttrKeyType: kSecAttrKeyTypeECSECPrimeRandom,
                       kSecAttrKeyClass: kSecAttrKeyClassPrivate] as [String: Any]

     // Get a SecKey representation.
     guard let secKey = SecKeyCreateWithData(key.x963Representation as CFData,
                                             attributes as CFDictionary,
                                             nil)
         else {
             throw KeyStoreError("Unable to create SecKey representation.")
     }

     // Describe the add operation.
     let query = [kSecClass: kSecClassKey,
                  kSecAttrApplicationLabel: label,
                  kSecAttrAccessible: kSecAttrAccessibleWhenUnlocked,
                  kSecUseDataProtectionKeychain: true,
                  kSecValueRef: secKey] as [String: Any]

     // Add the key to the keychain.
     let status = SecItemAdd(query as CFDictionary, nil)
     guard status == errSecSuccess else {
         throw KeyStoreError("Unable to store item:")
     }
}

// storeKey throws, so the call must be marked with `try`.
try storeKey(keyValue, label: "test.sample.com")

I created this using Xcode on Mac OS 10.15 (Beta). My Xcode version is 11.

Thanks in advance for your help.

4

1 Answer

0

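I was trying to test a crypto framework I am developing... and I got that error whenever I tried to store a key. I built a test app that includes the framework and added the framework's tests to the app's tests, but still ran into the problem...

I added the Keychain Sharing entitlement to the app and the problem went away. I didn't add any groups, just added the capability.

Answered 2019-12-26T00:48:50.870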
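
An added example, not part of the original question or answer: the status -34018 from the question is `errSecMissingEntitlement`, which `SecItemAdd` returns when `kSecUseDataProtectionKeychain` is set and the calling process has no keychain entitlement. The sketch below keeps the `OSStatus` in the thrown error so the cause is visible; `KeychainStoreError` and `storeSecKey` are hypothetical names, and it assumes the code runs inside an app target with the Keychain Sharing capability enabled.

```swift
import CryptoKit
import Foundation
import Security

/// Hypothetical error type (not from the original post) that preserves the OSStatus.
struct KeychainStoreError: Error, CustomStringConvertible {
    let status: OSStatus
    var description: String {
        let text = (SecCopyErrorMessageString(status, nil) as String?) ?? "unknown"
        switch status {
        case errSecMissingEntitlement: // -34018
            return "\(status) \(text): the process has no keychain entitlement; "
                + "enable Keychain Sharing on the app target and run the code there."
        case errSecDuplicateItem: // -25299
            return "\(status) \(text): an item with this label already exists."
        default:
            return "\(status) \(text)"
        }
    }
}

/// Adds a SecKey to the data protection keychain with the question's attributes.
func storeSecKey(_ secKey: SecKey, label: String) throws {
    let query: [String: Any] = [
        kSecClass as String: kSecClassKey,
        kSecAttrApplicationLabel as String: label,
        kSecAttrAccessible as String: kSecAttrAccessibleWhenUnlocked,
        kSecUseDataProtectionKeychain as String: true,
        kSecValueRef as String: secKey
    ]
    let status = SecItemAdd(query as CFDictionary, nil)
    guard status == errSecSuccess else { throw KeychainStoreError(status: status) }
}

do {
    // Constructed sample key; the label is the one used in the question.
    let key = P256.Signing.PrivateKey()
    let attributes: [String: Any] = [
        kSecAttrKeyType as String: kSecAttrKeyTypeECSECPrimeRandom,
        kSecAttrKeyClass as String: kSecAttrKeyClassPrivate
    ]
    guard let secKey = SecKeyCreateWithData(key.x963Representation as CFData,
                                            attributes as CFDictionary, nil)
    else { throw KeychainStoreError(status: errSecParam) }
    try storeSecKey(secKey, label: "test.sample.com")
    print("Stored key.")
} catch {
    // The message never includes key material, only the status and its meaning.
    print("Keychain store failed: \(error)")
}
```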