尝试更新访问属性时,我从SecItemUpdate获取errSecParam。
这是我现有的密钥创建代码:
func createKey(tag: String) {
var error: Unmanaged<CFError>?
var flags: SecAccessControlCreateFlags = []
flags.insert(.privateKeyUsage)
if let access = SecAccessControlCreateWithFlags(
kCFAllocatorDefault,
kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
flags,
&error) {
let attributes: [CFString: Any] = [
kSecAttrKeyClass: kSecAttrKeyClassPrivate,
kSecAttrKeyType: kSecAttrKeyTypeECSECPrimeRandom,
kSecAttrKeySizeInBits: 256,
kSecAttrTokenID: kSecAttrTokenIDSecureEnclave,
kSecPrivateKeyAttrs: [
kSecAttrIsPermanent: true,
kSecAttrApplicationTag: tag,
kSecAttrAccessControl: access
]
]
if let privateKey = SecKeyCreateRandomKey(attributes as CFDictionary, &error) {
self.key = privateKey
} else {
debugPrint("error")
}
} else {
debugPrint("error")
}
}
我正在尝试创建一个应用程序更新,该更新将添加一个新的访问属性“ .biometryAny”,但是SecItemUpdate返回-50。
这是我尝试更新的方式:
func updateKey(tag: String) {
var error: Unmanaged<CFError>?
var flags: SecAccessControlCreateFlags = []
flags.insert(.privateKeyUsage)
flags.insert(.biometryAny) // New access attributes
if let access = SecAccessControlCreateWithFlags(
kCFAllocatorDefault,
kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
flags,
&error) {
let attributes: [CFString: Any] = [
kSecAttrKeyClass: kSecAttrKeyClassPrivate,
kSecAttrKeyType: kSecAttrKeyTypeECSECPrimeRandom,
kSecAttrKeySizeInBits: 256,
kSecAttrTokenID: kSecAttrTokenIDSecureEnclave,
kSecPrivateKeyAttrs: [
kSecAttrIsPermanent: true,
kSecAttrApplicationTag: tag,
kSecAttrAccessControl: access
]
]
let status = SecItemUpdate(query(tag: tag), attributes as CFDictionary)
debugPrint(status)
} else {
debugPrint("error")
}
}
private func query(tag: String) -> CFDictionary {
return [
kSecClass: kSecClassKey,
kSecAttrApplicationTag: tag,
kSecAttrKeyType: kSecAttrKeyTypeECSECPrimeRandom,
kSecReturnRef: true,
kSecMatchLimit as String: kSecMatchLimitOne,
] as CFDictionary
}
关于更新代码有什么问题的任何想法吗?