ios - SecKeyCreateSignature 使用 privateKey 提供错误访问权限

Question

尝试使用 xcode SecKeyCreateSignature 创建签名时收到错误访问。
这与 web View 中的生物特征注册一起流动。当用户点击注册页面时，设备会向 webview 发送设备 ID 和公钥。
要生成我拥有的 key ...

private let tag = "com.CustomTagName.private",
    deviceId = UIDevice.current.identifierForVendor!.uuidString,

    privateKeyAttr: [NSObject: NSObject] = [
        kSecAttrIsPermanent:true as NSObject,
        kSecAttrApplicationTag: "com.CustomTagName.private".data(using: .utf8)! as NSObject,
        kSecClass: kSecClassKey,
        kSecAttrType: kSecAttrKeyTypeRSA,
        kSecAttrKeySizeInBits : 2048 as NSObject,
        kSecReturnData: kCFBooleanTrue
    ],
    privateKey : SecKey?,
    privateKeyStr = ""
;

...

private func generateKeys() throws {
    var err: Unmanaged<CFError>?
    
    do {
        guard let prk = SecKeyCreateRandomKey(privateKeyAttr as CFDictionary, &err) else {
            throw err!.takeRetainedValue() as Error
        }

        // After creating a random private key It appears we have to unwrap it...?
        guard let unWrappedKey = SecKeyCopyExternalRepresentation(prk, &err) as Data? else {
            throw err!.takeRetainedValue() as Error
        }

        self.privateKeyStr = unWrappedKey.base64EncodedString()
        self.privateKey = prk;

    } catch {

    }
}

从这里我使用

let publicKey = SecKeyCopyPublicKey(self.privateKey!);

如果我要调用 SecKeyCreateSignature 我没有问题。但是在用户需要登录之前，我不会调用签名。所以我使用...检索 key

let message = "HereIAm";
let statusPrivateKey = SecItemCopyMatching(privateKeyAttr as CFDictionary, &resultPrivateKey)

if statusPrivateKey != noErr || resultPrivateKey == nil{
    fatalError("Error getting private key")
}

self.privateKey = resultPrivateKey as! SecKey?;
self.privateKeyStr = (privateKey as! Data).base64EncodedString()

// Bad Access Error Here \\
guard let signFingerPrint = SecKeyCreateSignature(privateKey!, SecKeyAlgorithm.rsaSignatureMessagePKCS1v15SHA512, message.data(using: .utf8)! as CFData, &err) else {
    fatalError("Signing error")
}

我确实注意到 SecKey 不需要用 SecKeyCopyExternalRepresentation 解包。
当数据相同时，我不明白 to Sec Keys 的区别。
如何检索可以创建签名的私钥？

Answer 1

我找到了答案......有点，在我的私有(private)Attrs 我有

kSecReturnData: kCFBooleanTrue

并且应该是

kSecReturnRef: kCFBooleanTrue

在我的情况下，我将 Data 作为类型返回，但我需要返回原始引用的类型。