Ios 使用SecKeyEncrypt和Secure Enclave时出错_Ios_Security_Public Key Encryption_Private Key

Ios 使用SecKeyEncrypt和Secure Enclave时出错

ios security

Ios 使用SecKeyEncrypt和Secure Enclave时出错,ios,security,public-key-encryption,private-key,Ios,Security,Public Key Encryption,Private Key,我正在尝试使用ksecattertokenidsecurencave来使用函数生成密钥对。但当尝试使用函数加密数据时 SecKeyEncrypt(publicKey,padding,(const uint8_t *)[symmetricKey bytes],keyBufferSize,cipherBuffer,&cipherBufferSize); 获取错误代码-50，它显示一个参数错误。有人能告诉我我错过了什么吗下面是我的函数，它们生成密钥对并尝试加密数据 - (void)g

我正在尝试使用ksecattertokenidsecurencave来使用函数生成密钥对。但当尝试使用函数加密数据时

SecKeyEncrypt(publicKey,padding,(const uint8_t *)[symmetricKey bytes],keyBufferSize,cipherBuffer,&cipherBufferSize);

获取错误代码-50，它显示一个参数错误。有人能告诉我我错过了什么吗

下面是我的函数，它们生成密钥对并尝试加密数据

- (void)generateKeyPair{
  OSStatus sanityCheck = noErr;

NSData *privateTag = [[NSData alloc] initWithBytes:privateKeyIdentifier length:sizeof(privateKeyIdentifier)];
NSData *publicTag = [[NSData alloc] initWithBytes:publicKeyIdentifier length:sizeof(publicKeyIdentifier)];


// Container dictionaries.
NSMutableDictionary * privateKeyAttr = [[NSMutableDictionary alloc] init];
NSMutableDictionary * publicKeyAttr = [[NSMutableDictionary alloc] init];
NSMutableDictionary * keyPairAttr = [[NSMutableDictionary alloc] init];


CFErrorRef error = NULL;
// Should be the secret invalidated when passcode is removed? If not then use `kSecAttrAccessibleWhenUnlocked`.
SecAccessControlRef sacObject = SecAccessControlCreateWithFlags(
                                                                kCFAllocatorDefault,
                                                                kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly,
                                                                kSecAccessControlTouchIDAny | kSecAccessControlPrivateKeyUsage,
                                                                &error
                                                                );

if (error != errSecSuccess) {
    NSLog(@"Generate key error: %@\n", error);
}
[privateKeyAttr setObject:(__bridge id)sacObject forKey:(id)kSecAttrAccessControl];

[keyPairAttr setObject:[NSNumber numberWithUnsignedInteger:256] forKey:(id)kSecAttrKeySizeInBits];
[keyPairAttr setObject:(id)kSecAttrTokenIDSecureEnclave forKey:(id)kSecAttrTokenID];
[keyPairAttr setObject:(id)kSecAttrKeyTypeECSECPrimeRandom forKey:(id)kSecAttrKeyType];

// Set the private key dictionary.
[privateKeyAttr setObject:[NSNumber numberWithBool:YES] forKey:(id)kSecAttrIsPermanent];
[privateKeyAttr setObject:privateTag forKey:(id)kSecAttrApplicationTag];
// See SecKey.h to set other flag values.

// Set the public key dictionary.
[publicKeyAttr setObject:[NSNumber numberWithBool:NO] forKey:(id)kSecAttrIsPermanent];
[publicKeyAttr setObject:publicTag forKey:(id)kSecAttrApplicationTag];
// See SecKey.h to set other flag values.

// Set attributes to top level dictionary.
[keyPairAttr setObject:privateKeyAttr forKey:(id)kSecPrivateKeyAttrs];
[keyPairAttr setObject:publicKeyAttr forKey:(id)kSecPublicKeyAttrs];

// SecKeyGeneratePair returns the SecKeyRefs just for educational purposes.
sanityCheck = SecKeyGeneratePair((CFDictionaryRef)keyPairAttr, &publicKeyRef, &privateKeyRef);
LOGGING_FACILITY( sanityCheck == noErr && publicKeyRef != NULL && privateKeyRef != NULL, @"Something really bad went wrong with generating the key pair." );


//Encypt
NSString *stringData = @"Hello Testing";
NSLog(@"encryptedData Data = %@",stringData);
NSData *encryptedData = [self wrapSymmetricKey:[stringData dataUsingEncoding:NSUTF8StringEncoding] keyRef:publicKeyRef];

}


- (NSData *)wrapSymmetricKey:(NSData *)symmetricKey keyRef:(SecKeyRef)publicKey {
OSStatus sanityCheck = noErr;
size_t cipherBufferSize = 0;
size_t keyBufferSize = 0;

LOGGING_FACILITY( symmetricKey != nil, @"Symmetric key parameter is nil." );
LOGGING_FACILITY( publicKey != nil, @"Key parameter is nil." );

NSData * cipher = nil;
uint8_t * cipherBuffer = NULL;

// Calculate the buffer sizes.
cipherBufferSize = SecKeyGetBlockSize(publicKey);
keyBufferSize = [symmetricKey length];

// Allocate some buffer space. I don't trust calloc.
cipherBuffer = malloc(cipherBufferSize * sizeof(uint8_t) );
memset((void *)cipherBuffer, 0x0, cipherBufferSize * sizeof(uint8_t));
SecPadding          padding = kSecPaddingNone;
// Encrypt using the public key.
sanityCheck = SecKeyEncrypt(    publicKey,
                            padding,
                            (const uint8_t *)[symmetricKey bytes],
                            keyBufferSize,
                            cipherBuffer,
                            &cipherBufferSize
                            );

LOGGING_FACILITY1( sanityCheck == noErr, @"Error encrypting, OSStatus == %d.", sanityCheck );

// Build up cipher text blob.
cipher = [NSData dataWithBytes:(const void *)cipherBuffer length:(NSUInteger)cipherBufferSize];

if (cipherBuffer) free(cipherBuffer);

return cipher;
}

请提供详细的代码错误代码-50（errSecParam），因为您的密码文本长度错误。@sumit，您可以尝试使用该函数