Ios SecKeyCreateSignature使用privateKey提供错误访问
尝试使用xcode SecKeyCreateSignature创建签名时,我收到了错误的访问权限 这与webview中的生物特征注册一起流动。当用户点击注册页面时,设备将向webview发送设备Id和公钥 要生成我拥有的密钥Ios SecKeyCreateSignature使用privateKey提供错误访问,ios,swift,iphone,xcode,sign,Ios,Swift,Iphone,Xcode,Sign,尝试使用xcode SecKeyCreateSignature创建签名时,我收到了错误的访问权限 这与webview中的生物特征注册一起流动。当用户点击注册页面时,设备将向webview发送设备Id和公钥 要生成我拥有的密钥 private let tag = "com.CustomTagName.private", deviceId = UIDevice.current.identifierForVendor!.uuidString, privateKey
private let tag = "com.CustomTagName.private",
deviceId = UIDevice.current.identifierForVendor!.uuidString,
privateKeyAttr: [NSObject: NSObject] = [
kSecAttrIsPermanent:true as NSObject,
kSecAttrApplicationTag: "com.CustomTagName.private".data(using: .utf8)! as NSObject,
kSecClass: kSecClassKey,
kSecAttrType: kSecAttrKeyTypeRSA,
kSecAttrKeySizeInBits : 2048 as NSObject,
kSecReturnData: kCFBooleanTrue
],
privateKey : SecKey?,
privateKeyStr = ""
;
...
private func generateKeys() throws {
var err: Unmanaged<CFError>?
do {
guard let prk = SecKeyCreateRandomKey(privateKeyAttr as CFDictionary, &err) else {
throw err!.takeRetainedValue() as Error
}
// After creating a random private key It appears we have to unwrap it...?
guard let unWrappedKey = SecKeyCopyExternalRepresentation(prk, &err) as Data? else {
throw err!.takeRetainedValue() as Error
}
self.privateKeyStr = unWrappedKey.base64EncodedString()
self.privateKey = prk;
} catch {
}
}
如果我要打电话给SecKeyCreateSignature,我没有问题。但是在用户需要登录之前,我不会调用签名。所以我用
let message = "HereIAm";
let statusPrivateKey = SecItemCopyMatching(privateKeyAttr as CFDictionary, &resultPrivateKey)
if statusPrivateKey != noErr || resultPrivateKey == nil{
fatalError("Error getting private key")
}
self.privateKey = resultPrivateKey as! SecKey?;
self.privateKeyStr = (privateKey as! Data).base64EncodedString()
// Bad Access Error Here \\
guard let signFingerPrint = SecKeyCreateSignature(privateKey!, SecKeyAlgorithm.rsaSignatureMessagePKCS1v15SHA512, message.data(using: .utf8)! as CFData, &err) else {
fatalError("Signing error")
}
我注意到SecKey不需要使用SecKeyCopyExternalRepresentation来展开
当数据相同时,我不理解to Sec键的区别。
如何检索私钥以创建签名?我找到了答案。。。有点,在我的私家车里
kSecReturnData: kCFBooleanTrue
应该是
kSecReturnRef: kCFBooleanTrue
在我的例子中,我返回数据作为类型,但我需要返回原始引用的类型
kSecReturnRef: kCFBooleanTrue