Error -50 adding private key with SecItemAdd

I am able to create a private key, but I always get a status of `-50` when I try adding the key to the keychain using `SecItemAdd`. Here is the code I am running in an iOS playground:


```

let randomOptions: [String: Any] = [kSecAttrKeyType as String: kSecAttrKeyTypeEC,

kSecAttrKeySizeInBits as String: 256,

]

let randomPrivateKey = SecKeyCreateRandomKey(randomOptions as CFDictionary, &error)

let addquery: [String: Any] = [kSecClass as String: kSecClassKey,

kSecAttrApplicationTag as String: tag,

kSecValueRef as String: randomPrivateKey!,

]


let status = SecItemAdd(addquery as CFDictionary, nil)

```


The debug description in the playground for `randomPrivateKey` is `<SecKeyRef curve type: kSecECCurveSecp256r1, algorithm id: 3, key type: ECPrivateKey, version: 4, block size: 256 bits, addr: 0x7fbaac5057a0>`, which makes it look like the private key is being created successfully. But no matter what I try as a private key, `SecItemAdd` always returns `-50`.


The instructions here seem to imply that this approach _should_ work. What am I doing wrong?

Up vote post of mharper Down vote post of mharper
2.3k views
Posted by
mharper
Reply
Add a Comment

Replies

I’m not sure what’s going on in your specific case but I took your code, plugged it into a test project, minimally tweaked it to get it to build, and it worked for me.

Here’s the code I ended up with:

var error: Unmanaged<CFError>? = nil

let randomPrivateKey = SecKeyCreateRandomKey([
    kSecAttrKeyType: kSecAttrKeyTypeEC,
    kSecAttrKeySizeInBits: 256,
] as CFDictionary, &error)!

let tag = UUID().uuidString

let status = SecItemAdd([
    kSecClass: kSecClassKey,
    kSecAttrApplicationTag: tag,
    kSecValueRef: randomPrivateKey,
] as CFDictionary, nil)

NSLog("%d", status)

This was Xcode 9.4 running on the iOS 11.4 simulator.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

Thanks for trying it out for me, Quinn. Is it possible that I can't keychain from a playground for some reason?

Posted by
mharper
Up vote reply of mharper Down vote reply of mharper
Add a Comment

Is it possible that I can't keychain from a playground for some reason?

That’s most likely the cause. The keychain APIs require the ‘application identifier’ entitlement (the actual entitlement name varies by platform) and that often causes problems in non-standard environments (for example, there were problems back in the iOS 10 timeframe where keychain APIs failed in the iOS Simulator itself).

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

Hi When you generate a private key it works. How about you adding a private/public key received form external source.

When tried I always get -50 error code


ie I received a public key as a string from an external source and i need to encrypt the data, so I need to add it to key chain.


I use the below code to add the public key recieved from server to the keychain. but when i call the SecItemAdd method i receive -50 as status


Code Snippet

let tag = "com.myproject.publickey".data(using: .utf8)!

let addquery: [String: Any] = [kSecClass as String: kSecClassKey,

kSecAttrApplicationTag as String: tag,

kSecValueRef as String: key]


let status = SecItemAdd(query as CFDictionary, nil)



Kindly let us know how to add the public key recived form extrnal source to key chain for encryption.

Posted by
anilkbalakrishnan
Up vote reply of anilkbalakrishnan Down vote reply of anilkbalakrishnan
Add a Comment