Fatal编程技术网
  • ios5/
  • Ios5 如何将NSString公钥保存在密钥链中,然后获取其SecKeyRef?

Ios5 如何将NSString公钥保存在密钥链中,然后获取其SecKeyRef?

ios5

Ios5 如何将NSString公钥保存在密钥链中,然后获取其SecKeyRef?,ios5,nsstring,keychain,Ios5,Nsstring,Keychain,我有一个NSString,应该是公钥。我想将它存储在keychain中,然后获取它的SecKeyRef,以便在其他与安全相关的函数中使用它,如SecKeyEncrypt等 对于存储,我使用SecItemAdd,假设我也有公钥的标识符。我试着得到一个持久的ref,然后用它得到一个SecKeyRef和SecItemCopyMatching。我使用以下两个函数。在将key字符串传递给putKey之前,我将其转换为NSData SecItemAdd成功返回一个持久密钥引用 但是SecItemCopyMa

我有一个NSString,应该是公钥。我想将它存储在keychain中,然后获取它的SecKeyRef,以便在其他与安全相关的函数中使用它,如SecKeyEncrypt等

对于存储,我使用SecItemAdd,假设我也有公钥的标识符。我试着得到一个持久的ref,然后用它得到一个SecKeyRef和SecItemCopyMatching。我使用以下两个函数。在将key字符串传递给putKey之前,我将其转换为NSData

SecItemAdd成功返回一个持久密钥引用

但是SecItemCopyMatching返回0x0。有人知道为什么吗?看看苹果的。要将公钥添加到钥匙链,必须剥去附加在其上的标头。苹果的例子说明了这一点,代码很容易重用。

查看苹果的。要将公钥添加到钥匙链,必须剥去附加在其上的标头。苹果的例子说明了这一点,代码很容易重用

-(SecKeyRef)putKey:(NSData *)key withIdentifier:(NSString *)identifier 
{
    OSStatus status = noErr;
    SecKeyRef keyRef = nil;
    CFTypeRef persKey = nil;

    NSData * identifierTag = [[NSData alloc] initWithBytes:(const void *)[identifier UTF8String] length:[identifier length]];
    NSMutableDictionary *queryKey = [[NSMutableDictionary alloc] init];

    [queryKey setObject:(__bridge id)kSecClassKey forKey:(__bridge id)kSecClass];
    [queryKey setObject:(__bridge id)kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType];
    [queryKey setObject:identifierTag forKey:(__bridge id)kSecAttrApplicationTag];
    [queryKey setObject:key forKey:(__bridge id)kSecValueData];
    [queryKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecReturnPersistentRef];

    status = SecItemAdd((__bridge CFDictionaryRef)queryKey, (CFTypeRef *)&persKey);

    if (status == errSecDuplicateItem) NSLog(@"Key %@ already exists in the KeyStore, OSStatus = %ld.", identifier, status);
    else if (status != noErr) NSLog(@"Error putting key %@ in KeyStore, OSStatus = %ld.", identifier, status);

    keyRef = [self getKeyRefWithPersistentKeyRef:persKey];

    return keyRef;
}

- (SecKeyRef)getKeyRefWithPersistentKeyRef:(CFTypeRef)persistentRef
{
    OSStatus sanityCheck = noErr;
    SecKeyRef keyRef = NULL;

    if (persistentRef == NULL) NSLog(@"persistentRef object cannot be NULL.");

    NSMutableDictionary * queryKey = [[NSMutableDictionary alloc] init];

    // Set the SecKeyRef query dictionary.
    [queryKey setObject:(__bridge id)persistentRef forKey:(__bridge id)kSecValuePersistentRef];
    [queryKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecReturnRef];

    // Get the key reference.
    sanityCheck = SecItemCopyMatching((__bridge CFDictionaryRef)queryKey, (CFTypeRef *)&keyRef);

    return keyRef;
 }