OSStatus 错误代码 -34018
OSStatus error code -34018
我正在使用 SecItemCopyMatching
访问 iOS 钥匙串。从后台重新启动应用程序后,大约一百次中有 1 次我会立即收到 -34018
结果代码。 The documentation 状态:
The assigned error space for Keychain Services is discontinuous:
–25240 through –25279 and –25290 through –25329. Keychain Item
Services may also return noErr (0) or paramErr (–50), or CSSM result
codes
所以 -34018
似乎是一个 'CSSM result code'。我已按照 suggested link 进行操作,但找不到结果代码。
-34018
结果代码是什么?我怎样才能获得更可靠的钥匙串访问?
- (NSData *)getKeychainData:(NSString *)key
{
NSDictionary *query = @{
(__bridge id)kSecClass:(__bridge id)kSecClassGenericPassword,
(__bridge id)kSecAttrService:SEC_ATTR_SERVICE,
(__bridge id)kSecAttrAccount:key,
(__bridge id)kSecReturnData:@YES
};
CFDataRef result = nil;
OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, (CFTypeRef *)&result);
if(status == errSecItemNotFound) {
return nil;
}
if(status == noErr) {
return CFBridgingRelease(result);
} else {
[self logError:[NSString stringWithFormat:@"SecItemCopyMatching status %d", (int)status] :nil];
return nil;
}
}
经过一些研究,我发现了这个:http://opensource.apple.com/source/Security/Security-55471/sec/Security/SecBasePriv.h
所以 -34018
是 errSecMissingEntitlement
而评论说
Internal error when a required entitlement isn't present.
您在 运行 单元测试时是否遇到过此错误?如果是这样,这可能会有所帮助:
github 上的这个问题表明它似乎只在从 Xcode 进行调试时发生:https://github.com/soffes/sskeychain/issues/97 (also see )
希望其中的一些内容能有所帮助!
这段代码对我有用:
static const UInt8 kKeychainItemIdentifier[] = "com.apple.dts.KeychainUI[=10=]";
- (NSData *)getKeychainData:(NSString *)key
{
NSData *keychainItemID = [NSData dataWithBytes:kKeychainItemIdentifier length:strlen((const char *)kKeychainItemIdentifier)];
NSDictionary *query = @{
(__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword,
(__bridge id)kSecAttrService: SEC_ATTR_SERVICE,
(__bridge id)kSecAttrAccount: key,
(__bridge id)kSecReturnData: (__bridge id)kCFBooleanTrue,
(__bridge id)kSecAttrGeneric: keychainItemID
};
CFDataRef result = NULL;
OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, (CFTypeRef *)&result);
if(status == errSecItemNotFound) {
return nil;
}
if(status == noErr) {
return CFBridgingRelease(result);
} else {
[self logError:[NSString stringWithFormat:@"SecItemCopyMatching status %d", (int)status] :nil];
return nil;
}
}
与 OP 代码的主要区别是在查询中添加了通用属性。 Keychain Item Identifier 是 apple 的默认值。这背后的原因是为了区分可能的不同钥匙串项目。这是使钥匙串项目访问更可靠的一种方法。基本上,换句话说,这可以确保您访问苹果的默认钥匙串。
我一直在研究同样的错误。
它的要点是苹果使用的安全服务是为了与钥匙链通信,在极少数情况下,当用户的设备内存不足时,崩溃并使应用程序无法与钥匙链通信结果是可怕的 -34018.
这并不像某些人声称的那样仅在 运行 到 Xcode 期间发生。
这是关于该问题的最新数据taken from the Apple developer forums by one of the Apple staff:
UPDATE: We have finally been able to reproduce the -34018 error on iOS
8.3. This is the first step in identifying the root cause and then coming up with a fix.
As usual, we can't commit to a release timeframe, but this has
affected many developers and we really want to get this resolved.
Earlier I suggested adding a small delay in
application:didFinishLaunchingWithOptions and
applicationDidBecomeActive: before accessing the keychain as a
workaround. However, that doesn't actually appear to help. That means
that there's no known workaround at this time other than relaunching
the app.
The issue appears to be related to memory pressure, so perhaps being
more aggressive in handling memory warnings may alleviate the problem.
来自另一位 Apple 员工:
- Keychain engineering is well aware of how important this issue is.
- The primary problem has been reproducing the failure here at Apple.
- We're now able to do that (largely thanks to the work you guys have put in filing and following up on your bug reports).
来自另一位 Apple 员工于 2016 年 3 月 22 日:
OK, here’s the latest. This is a complex problem with multiple
possible causes: Some instances of the problem are caused by incorrect
app signing. You can easily distinguish this case because the problem
is 100% reproducible. Some instances of the problem are caused by a
bug in how iOS supports app development (r. 23,991,853). Debugging
this was complicated by the fact that another bug in the OS (r.
23,770,418) masked its effect, meaning the problem only cropped up
when the device was under memory pressure. We believe these problems
were resolved in iOS 9.3. We suspect that there may be yet more causes
of this problem. So, if you see this problem on a user device (one
that hasn’t been talked to by Xcode) that’s running iOS 9.3 or later,
please do file a bug report about it. Try to include the device
system log in your bug report (I realise that can be tricky when
dealing with customer devices; one option is to ask the customer to
install Apple Configurator, which lets them view the system log). And
if you do file a bug, please post your bug number, just for the
record. On behalf of Apple I’d like to thank everyone for their
efforts in helping to track down this rather horrid issue. Share and
Enjoy
不幸的是,没有已知的解决方法,并且该问题在 9.3.2 Beta 1 (13F51a)
中仍未修复
在尝试了堆栈溢出中的许多修复之后,事情仍然对我不起作用。
有效的是在 Xcode 中切换钥匙串共享功能。构建并 运行 并立即运行。
我正在使用 SecItemCopyMatching
访问 iOS 钥匙串。从后台重新启动应用程序后,大约一百次中有 1 次我会立即收到 -34018
结果代码。 The documentation 状态:
The assigned error space for Keychain Services is discontinuous: –25240 through –25279 and –25290 through –25329. Keychain Item Services may also return noErr (0) or paramErr (–50), or CSSM result codes
所以 -34018
似乎是一个 'CSSM result code'。我已按照 suggested link 进行操作,但找不到结果代码。
-34018
结果代码是什么?我怎样才能获得更可靠的钥匙串访问?
- (NSData *)getKeychainData:(NSString *)key
{
NSDictionary *query = @{
(__bridge id)kSecClass:(__bridge id)kSecClassGenericPassword,
(__bridge id)kSecAttrService:SEC_ATTR_SERVICE,
(__bridge id)kSecAttrAccount:key,
(__bridge id)kSecReturnData:@YES
};
CFDataRef result = nil;
OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, (CFTypeRef *)&result);
if(status == errSecItemNotFound) {
return nil;
}
if(status == noErr) {
return CFBridgingRelease(result);
} else {
[self logError:[NSString stringWithFormat:@"SecItemCopyMatching status %d", (int)status] :nil];
return nil;
}
}
经过一些研究,我发现了这个:http://opensource.apple.com/source/Security/Security-55471/sec/Security/SecBasePriv.h
所以 -34018
是 errSecMissingEntitlement
而评论说
Internal error when a required entitlement isn't present.
您在 运行 单元测试时是否遇到过此错误?如果是这样,这可能会有所帮助:
github 上的这个问题表明它似乎只在从 Xcode 进行调试时发生:https://github.com/soffes/sskeychain/issues/97 (also see )
希望其中的一些内容能有所帮助!
这段代码对我有用:
static const UInt8 kKeychainItemIdentifier[] = "com.apple.dts.KeychainUI[=10=]";
- (NSData *)getKeychainData:(NSString *)key
{
NSData *keychainItemID = [NSData dataWithBytes:kKeychainItemIdentifier length:strlen((const char *)kKeychainItemIdentifier)];
NSDictionary *query = @{
(__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword,
(__bridge id)kSecAttrService: SEC_ATTR_SERVICE,
(__bridge id)kSecAttrAccount: key,
(__bridge id)kSecReturnData: (__bridge id)kCFBooleanTrue,
(__bridge id)kSecAttrGeneric: keychainItemID
};
CFDataRef result = NULL;
OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, (CFTypeRef *)&result);
if(status == errSecItemNotFound) {
return nil;
}
if(status == noErr) {
return CFBridgingRelease(result);
} else {
[self logError:[NSString stringWithFormat:@"SecItemCopyMatching status %d", (int)status] :nil];
return nil;
}
}
与 OP 代码的主要区别是在查询中添加了通用属性。 Keychain Item Identifier 是 apple 的默认值。这背后的原因是为了区分可能的不同钥匙串项目。这是使钥匙串项目访问更可靠的一种方法。基本上,换句话说,这可以确保您访问苹果的默认钥匙串。
我一直在研究同样的错误。
它的要点是苹果使用的安全服务是为了与钥匙链通信,在极少数情况下,当用户的设备内存不足时,崩溃并使应用程序无法与钥匙链通信结果是可怕的 -34018.
这并不像某些人声称的那样仅在 运行 到 Xcode 期间发生。
这是关于该问题的最新数据taken from the Apple developer forums by one of the Apple staff:
UPDATE: We have finally been able to reproduce the -34018 error on iOS 8.3. This is the first step in identifying the root cause and then coming up with a fix.
As usual, we can't commit to a release timeframe, but this has affected many developers and we really want to get this resolved.
Earlier I suggested adding a small delay in application:didFinishLaunchingWithOptions and applicationDidBecomeActive: before accessing the keychain as a workaround. However, that doesn't actually appear to help. That means that there's no known workaround at this time other than relaunching the app.
The issue appears to be related to memory pressure, so perhaps being more aggressive in handling memory warnings may alleviate the problem.
来自另一位 Apple 员工:
- Keychain engineering is well aware of how important this issue is.
- The primary problem has been reproducing the failure here at Apple.
- We're now able to do that (largely thanks to the work you guys have put in filing and following up on your bug reports).
来自另一位 Apple 员工于 2016 年 3 月 22 日:
OK, here’s the latest. This is a complex problem with multiple possible causes: Some instances of the problem are caused by incorrect app signing. You can easily distinguish this case because the problem is 100% reproducible. Some instances of the problem are caused by a bug in how iOS supports app development (r. 23,991,853). Debugging this was complicated by the fact that another bug in the OS (r. 23,770,418) masked its effect, meaning the problem only cropped up when the device was under memory pressure. We believe these problems were resolved in iOS 9.3. We suspect that there may be yet more causes of this problem. So, if you see this problem on a user device (one that hasn’t been talked to by Xcode) that’s running iOS 9.3 or later, please do file a bug report about it. Try to include the device system log in your bug report (I realise that can be tricky when dealing with customer devices; one option is to ask the customer to install Apple Configurator, which lets them view the system log). And if you do file a bug, please post your bug number, just for the record. On behalf of Apple I’d like to thank everyone for their efforts in helping to track down this rather horrid issue. Share and Enjoy
不幸的是,没有已知的解决方法,并且该问题在 9.3.2 Beta 1 (13F51a)
中仍未修复在尝试了堆栈溢出中的许多修复之后,事情仍然对我不起作用。
有效的是在 Xcode 中切换钥匙串共享功能。构建并 运行 并立即运行。