security-framework

问题 I am using Apple's Security Framework. I am able to sign and then successfully verify all on OS X, but when I try to use SecKeyRawVerify on iOS it fails with -9809 error. I've played with various PKCS padding options and many other attributes but I'm just not able to get this to verify correctly. Note that the code below probably has leaks all over the place, just trying to get this to function properly first. OS X Signing code: NSData* signData(NSData* plainData, SecKeyRef privateKey) {

问题 I need to update the kSecAttrAccessible of a keychain entry. I don't need to update the actual data, just the accessibility attribute. First I try to find the item to make sure that my query dictionary is good: sanityCheck = SecItemCopyMatching((__bridge CFDictionaryRef)(queryPrivateKey), (void *)&privateKeyRef); This line successfully finds me the item I am looking for (return code is 0). I then update the kSecAttrAccessible attribute using the same query: if (sanityCheck == noErr &&

问题 I am storing passwords into the iOS keychain and later retrieving them to implement a "remember me" (auto-login) feature on my app. I implemented my own wrapper around the Security.framework functions ( SecItemCopyMatching() , etc.), and it was working like a charm up until iOS 12. Now I am testing that my app doesn't break with the upcoming iOS 13, and lo and behold: SecItemCopyMatching() always returns .errSecItemNotFound ...even though I have previously stored the data I am querying. My

问题 I'm creating a keychain and then I'm adding an item with predefined trusted aplication list to it: SecKeychainCreate([keychainPath UTF8String], (UInt32)strlen(keychainPass), keychainPass, FALSE, NULL, &someKeychain); OSStatus someStatus = SecKeychainItemCreateFromContent(kSecGenericPasswordItemClass, &list, len, encryptedPass, someKeychain, accessRef, &someKeychainItem); When I open the newly created keychain with Keychain Access application, I can see my application on the trusted app list:

问题 Im attempting to implement an RSA encryption algorithm into my iOS app, but when I attempt to generate a public and private key pair, the function returns me the errSecUnimplemented error. I am using the 5.1 SDK and targeting 5.1 at the moment. Can I not use this function, or did I set up something wrong in attempting to generate the pair? Here is my code for the key generation: SecKeyRef publicKey, privateKey; CFDictionaryRef parameters; const void* keys[] = {kSecAttrKeyType,

问题 I am using digital certificates to sign data files in my App. The code fragment below fails when the call to SecKeyRawVerify returns with -9809. This is running on an iPhone. I can't even identify exactly what this error code means The prior Security Framework calls to load and create the SecTrustRef from which the public key is obtained seem fine - no errors. The only slight issue is that the call to SecTrustEvaluate returns a kSecTrustResultUnspecified , but I assume that is because the

问题 We have a Launch Daemon which (necessarily, for various reasons) runs as root, and which communicates with a server component via the network. It needs to authenticate with the service, so when it first obtains the password, we save it to the system keychain. On subsequent launches, the idea is to retrieve the password from the keychain and use it to authenticate with the network service. This has been working fine, but on macOS 10.12 the existing code stopped working, and we've been entirely

问题 Apple's documentation for OS X talks about using SecItemImport to obtain a SecKeyRef . The function signature looks like this: OSStatus SecItemImport ( CFDataRef importedData, CFStringRef fileNameOrExtension, SecExternalFormat *inputFormat, SecExternalItemType *itemType, SecItemImportExportFlags flags, const SecItemImportExportKeyParameters *keyParams, SecKeychainRef importKeychain, CFArrayRef *outItems ); The following code will attempt to load a PKCS12 byte array that contains a single RSA

问题 My iOS app is handling x509 certificates + keys (DER encoded) at runtime. The only way I am able to successfully import them into the keychain is to use PKCS12 using the function: SecPKCS12Import() I have been trying hard to get it running using only SecItemAdd() . I used that function for the DER encoded certificate and again for the DER encoded key. But even though the call return with success, querying the keychain afterwards didn't yield a SecIdentityRef . So I ended up using the OpenSSL

问题 So the OS X Keychain has three pieces of information: ServiceName (the name of my app) Username Password I obviously always know the ServiceName. Is there a way to find any saved Username(s) for that ServiceName? (Finding the password is easy once you know the Username.) I would much prefer to use a nice Cocoa wrapper such as EMKeychain to do this. But EMKeychain requires the UserName to get any keychain item! + (EMGenericKeychainItem *)genericKeychainItemForService:(NSString *