將私鑰添加到iOS鑰匙串

Question

我想將私鑰添加到iOS鑰匙串中。證書（公鑰）工作正常，但私鑰拒絕...我完全困惑爲什麼下面的代碼不起作用。

首先我檢查如果當前密鑰（=，所述鑰匙鏈的情況下，密鑰是鍵/值存儲）是鑰匙串「自由」。然後我要添加私鑰。

CFStringRef labelstring = CFStringCreateWithCString(NULL, [key cStringUsingEncoding:NSUTF8StringEncoding], kCFStringEncodingUTF8); 

NSArray* keys = [NSArray arrayWithObjects:(__bridge id)kSecClass,kSecAttrLabel,kSecReturnData,kSecAttrAccessible,nil]; 
NSArray* values = [NSArray arrayWithObjects:(__bridge id)kSecClassKey,labelstring,kCFBooleanTrue,kSecAttrAccessibleWhenUnlocked,nil]; 
NSMutableDictionary* searchdict = [NSMutableDictionary dictionaryWithObjects:values forKeys:keys]; 

CFRelease(labelstring); 

NSMutableDictionary *query = searchdict; 


CFTypeRef item = NULL; 
OSStatus error = SecItemCopyMatching((__bridge_retained CFDictionaryRef) query, &item); 

if (error) 
{ 
    NSLog(@"Error: %ld (statuscode)", error); 
} 

if(error != errSecItemNotFound) 
{ 
    SecItemDelete((__bridge_retained CFDictionaryRef) query); 
} 

[query setObject:(id)data forKey:(__bridge id)kSecValueData]; 

OSStatus status = SecItemAdd((__bridge_retained CFDictionaryRef) query, &item); 

if(status) 
{ 
    NSLog(@"Keychain error occured: %ld (statuscode)", status); 
    return NO; 
} 

調試輸出如下：

2012-07-26 15:33:03.772 App[15529:1b03] Error: -25300 (statuscode) 
2012-07-26 15:33:11.195 App[15529:1b03] Keychain error occured: -25299 (statuscode) 

第一錯誤代碼-25300表示errSecItemNotFound。所以這個鍵沒有存儲值。然後，當我嘗試將私鑰添加到鑰匙串時，我得到-25299這意味着errSecDuplicateItem。我不明白。這是爲什麼發生？

有沒有人有一個線索或暗示對此有何看法？

蘋果的錯誤代碼：提前

errSecSuccess    = 0,  /* No error. */ 
errSecUnimplemented   = -4,  /* Function or operation not implemented. */ 
errSecParam     = -50,  /* One or more parameters passed to a function where not valid. */ 
errSecAllocate    = -108, /* Failed to allocate memory. */ 
errSecNotAvailable   = -25291, /* No keychain is available. You may need to restart your computer. */ 
errSecDuplicateItem   = -25299, /* The specified item already exists in the keychain. */ 
errSecItemNotFound   = -25300, /* The specified item could not be found in the keychain. */ 
errSecInteractionNotAllowed = -25308, /* User interaction is not allowed. */ 
errSecDecode     = -26275, /* Unable to decode the provided data. */ 
errSecAuthFailed    = -25293, /* The user name or passphrase you entered is not correct. */ 

謝謝！

更新＃1：我已經想通了，它僅適用於第一次。即使數據和密鑰不同，在第一次存儲到鑰匙串後，我無法存儲其他密鑰。

Answer 1

下面的代碼爲我工作：

NSMutableDictionary *query = [[NSMutableDictionary alloc] init]; 
[query setObject:(id)kSecClassKey forKey:(id)kSecClass]; 
[query setObject:(id)kSecAttrAccessibleWhenUnlocked forKey:(id)kSecAttrAccessible]; 
[query setObject:[NSNumber numberWithBool:YES] forKey:(id)kSecReturnData]; 

//adding access key 
[query setObject:(id)key forKey:(id)kSecAttrApplicationTag]; 


//removing item if it exists 
SecItemDelete((CFDictionaryRef)query); 

//setting data (private key) 
[query setObject:(id)data forKey:(id)kSecValueData]; 

CFTypeRef persistKey; OSStatus status = SecItemAdd((CFDictionaryRef)query, &persistKey); 

if(status) { 
    NSLog(@"Keychain error occured: %ld (statuscode)", status); 
    return NO; 
} 

Answer 2

很抱歉，但我永遠無法調試代碼。 Apple提供了一些示例代碼（KeychainItemWrapper），它允許您保存一個字符串（我記得）。它在處理鑰匙鏈方面有很大的幫助。 Web上有一個要求是該類的修改版本，但保存和恢復字典（作爲數據對象存檔，這是Apple代碼對字符串的作用）。這可讓您將多個項目保存到鑰匙串的一個界面中。要點是這裏Keychain for NSDictionary/data