keychain

来自于:AC模块工作室立即使用

add delete purge check 错误码

概述

iOS 沙盒机制

每个 iOS 程序都有一个独立的文件系统(存储空间),而且只能在对应的文件系统中进行操作,此区域被称为沙盒。应用必须待在自己的沙盒里,其他应用不能访问该沙盒(通过shareAction模块分享除外)。当然该应用也不能访问其它应用的沙盒(某些系统资源除外,如系统相册等,编译之前需申请访问权限)。

沙盒中的目录

  • Documents (fs://协议对应的路径的根目录)保存应用程序的重要数据文件和用户数据文件等。用户数据基本上都放在这个位置(例如从网上下载的图片或音乐文件),该文件夹在应用程序更新时会自动备份,在连接iTunes时也可以自动同步备份其中的数据。

  • Library/Caches:(cache://协议对应的路径的根目录)保存应用程序使用时产生的支持文件和缓存文件(保存应用程序再次启动过程中需要的信息),还有日志文件最好也放在这个目录。iTunes 同步时不会备份该目录并且可能被其他工具清理掉其中的数据。

iOS 上的钥匙串

在iOS 上整个系统只有一个 keychain,每个程序都可以往 keychain 中记录数据,而且只能读取到自己程序记录在 keychain 中的数据。APP 卸载后 keychain 中的数据依然保留。即便重启、更新升级系统 keychain 中的数据也不会被清楚。除非卸载 APP 后在系统设置里还原系统,keychain 中的数据才会被抹掉。

共享钥匙串

前面提到了每个 APP 只允许访问自己在 keychain 中记录的数据,那么是不是就没有别的办法访问其他 APP 存在 keychain 的数据了?​   苹果提供了一个方法允许同一个发商的多个 APP 访问各 APP 之间公用的钥匙串,即在调 add 添加数据的时候指定 AccessGroup,即访问组。一个 APP 可以同时属于多个分组。

共享钥匙串,需要配置 entitlements文件。有关 entitlements文件 文件的说明参考论坛

配置示例如下:

  1. <?xml version="1.0" encoding="UTF-8"?>
  2. <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  3. <plist version="1.0">
  4. <dict>
  5. <key>keychain-access-groups</key>
  6. <array>
  7. <string>$(AppIdentifierPrefix)8DYK634***.com.apicloud.openSDK</string>
  8. <string>$(AppIdentifierPrefix)8DYK63463V.com.apicloud.applepay</string>
  9. </array>
  10. </dict>
  11. </plist>

注意:8DYK634* 是你开发者ID,com.apicloud.openSDK是你的应用包名(bundle id)。

Android配置自定义模块

android此模块封装的android账号系统,多个应用使用同一个需要通过自定义模块设置accountType应用之间会共享账号,需要设置自己独一无二的accountType 否则可能与其他项目设置的账号混乱。需要通过自定义模块设置accountType,方法如下:

下载 keychainAppendix 模块 zip 包并解压,打开keychainAppendix\res_keychain\res\xml\authenticator.xml文件修改accountType属性,即更换“com.apicloud.keychain”字符串,替换为自定义任何字符串,一般设置为该项目包名。然后重新压缩整个模块包为 zip 包文件上传自定义模块,云编译时勾选该模块。

模块简述

本模块封装了对iOS上钥匙串的相关操作。通过使用本模块开发者可以对钥匙串进行增删改查四个操作,既为本模块提供的四个接口:add、delete、purge、check。

add

往钥匙串添加数据

add({params},callback(ret,err))

params

username:

  • 类型:字符串
  • 描述:用户名

serviceName:

  • 类型:字符串
  • 描述:服务器名(android为通过自定义模块设置的accountType固定值)

password:

  • 类型:字符串
  • 描述:密码

updateExisting:

  • 类型:布尔类型
  • 描述:(可选项)若已存在,是否覆盖(仅iOS支持,android不可覆盖)
  • 默认:true

callback(ret,err)

ret:

  • 类型:JSON 对象
  • 内部字段:
  1. {
  2. status: //布尔类型;是否添加成功,true|false
  3. }

err:

  • 类型:JSON 对象
  • 内部字段:
  1. {
  2. code: //数字类型;错误码,取值范围参考附录错误码(仅iOS支持)
  3. msg:'', //字符串类型;错误提示(仅android支持)
  4. }

示例代码

  1. var keychain = api.require('keychain');
  2. keychain.add(function(ret) {
  3. if (ret.status) {
  4. alert('添加成功!');
  5. }
  6. });

可用性

iOS 系统,android系统

可提供的 1.0.0 及更高版本

delete

往钥匙串删除数据

delete({params},callback(ret,err))

params

username:

  • 类型:字符串
  • 描述:用户名

serviceName:

  • 类型:字符串
  • 描述:服务器名(android为通过自定义模块设置的accountType固定值)

callback(ret,err)

ret:

  • 类型:JSON 对象
  • 内部字段:
  1. {
  2. status: //布尔类型;是否删除成功,true|false
  3. }

err:

  • 类型:JSON 对象
  • 内部字段:
  1. {
  2. code: //数字类型;错误码,取值范围参考附录错误码(仅iOS支持)
  3. msg:'', //字符串类型;错误提示(仅android支持)
  4. }

示例代码

  1. var keychain = api.require('keychain');
  2. keychain.delete(function(ret) {
  3. if (ret.status) {
  4. alert('删除成功!');
  5. }
  6. });

可用性

iOS 系统,android系统

可提供的 1.0.0 及更高版本

purge

清空钥匙串中的某条数据(仅iOS支持)

purge({params},callback(ret,err))

params

serviceName:

  • 类型:字符串
  • 描述:服务器名

callback(ret,err)

ret:

  • 类型:JSON 对象
  • 内部字段:
  1. {
  2. status: //布尔类型;是否清除成功,true|false
  3. }

err:

  • 类型:JSON 对象
  • 内部字段:
  1. {
  2. code: //数字类型;错误码,取值范围参考附录错误码
  3. }

示例代码

  1. var keychain = api.require('keychain');
  2. keychain.purge(function(ret) {
  3. if (ret.status) {
  4. alert('清除成功!');
  5. }
  6. });

可用性

iOS 系统

可提供的 1.0.0 及更高版本

check

查询钥匙串中的数据

check({params},callback(ret,err))

params

username:

  • 类型:字符串
  • 描述:用户名

serviceName:

  • 类型:字符串
  • 描述:服务器名(android为通过自定义模块设置的accountType固定值)

callback(ret,err)

ret:

  • 类型:JSON 对象
  • 内部字段:
  1. {
  2. status: true, //布尔类型;是否添加成功,true|false
  3. password:'' //字符串类型;获取的密码
  4. }

err:

  • 类型:JSON 对象
  • 内部字段:
  1. {
  2. code:, //数字类型;错误码,取值范围参考附录错误码(仅iOS支持)
  3. msg:'', //字符串类型;错误提示(仅android支持)
  4. }

示例代码

  1. var keychain = api.require('keychain');
  2. keychain.check(function(ret) {
  3. if (ret.status) {
  4. alert('添加成功!');
  5. }
  6. });

可用性

iOS 系统,android系统

可提供的 1.0.0 及更高版本

错误码

  1. {
  2. errSecSuccess = 0, /* No error. */
  3. errSecUnimplemented = -4, /* Function or operation not implemented. */
  4. errSecDiskFull = -34, /* The disk is full. */
  5. errSecDskFull = -34,
  6. errSecIO = -36, /* I/O error. */
  7. errSecOpWr = -49, /* File already open with write permission. */
  8. errSecParam = -50, /* One or more parameters passed to a function were not valid. */
  9. errSecWrPerm = -61, /* Write permissions error. */
  10. errSecAllocate = -108, /* Failed to allocate memory. */
  11. errSecUserCanceled = -128, /* User canceled the operation. */
  12. errSecBadReq = -909, /* Bad parameter or invalid state for operation. */
  13. errSecInternalComponent = -2070,
  14. errSecCoreFoundationUnknown = -4960,
  15. errSecMissingEntitlement = -34018, /* A required entitlement isn't present. */
  16. errSecNotAvailable = -25291, /* No keychain is available. You may need to restart your computer. */
  17. errSecReadOnly = -25292, /* This keychain cannot be modified. */
  18. errSecAuthFailed = -25293, /* The user name or passphrase you entered is not correct. */
  19. errSecNoSuchKeychain = -25294, /* The specified keychain could not be found. */
  20. errSecInvalidKeychain = -25295, /* The specified keychain is not a valid keychain file. */
  21. errSecDuplicateKeychain = -25296, /* A keychain with the same name already exists. */
  22. errSecDuplicateCallback = -25297, /* The specified callback function is already installed. */
  23. errSecInvalidCallback = -25298, /* The specified callback function is not valid. */
  24. errSecDuplicateItem = -25299, /* The specified item already exists in the keychain. */
  25. errSecItemNotFound = -25300, /* The specified item could not be found in the keychain. */
  26. errSecBufferTooSmall = -25301, /* There is not enough memory available to use the specified item. */
  27. errSecDataTooLarge = -25302, /* This item contains information which is too large or in a format that cannot be displayed. */
  28. errSecNoSuchAttr = -25303, /* The specified attribute does not exist. */
  29. errSecInvalidItemRef = -25304, /* The specified item is no longer valid. It may have been deleted from the keychain. */
  30. errSecInvalidSearchRef = -25305, /* Unable to search the current keychain. */
  31. errSecNoSuchClass = -25306, /* The specified item does not appear to be a valid keychain item. */
  32. errSecNoDefaultKeychain = -25307, /* A default keychain could not be found. */
  33. errSecInteractionNotAllowed = -25308, /* User interaction is not allowed. */
  34. errSecReadOnlyAttr = -25309, /* The specified attribute could not be modified. */
  35. errSecWrongSecVersion = -25310, /* This keychain was created by a different version of the system software and cannot be opened. */
  36. errSecKeySizeNotAllowed = -25311, /* This item specifies a key size which is too large or too small. */
  37. errSecNoStorageModule = -25312, /* A required component (data storage module) could not be loaded. You may need to restart your computer. */
  38. errSecNoCertificateModule = -25313, /* A required component (certificate module) could not be loaded. You may need to restart your computer. */
  39. errSecNoPolicyModule = -25314, /* A required component (policy module) could not be loaded. You may need to restart your computer. */
  40. errSecInteractionRequired = -25315, /* User interaction is required, but is currently not allowed. */
  41. errSecDataNotAvailable = -25316, /* The contents of this item cannot be retrieved. */
  42. errSecDataNotModifiable = -25317, /* The contents of this item cannot be modified. */
  43. errSecCreateChainFailed = -25318, /* One or more certificates required to validate this certificate cannot be found. */
  44. errSecInvalidPrefsDomain = -25319, /* The specified preferences domain is not valid. */
  45. errSecInDarkWake = -25320, /* In dark wake, no UI possible */
  46. errSecACLNotSimple = -25240, /* The specified access control list is not in standard (simple) form. */
  47. errSecPolicyNotFound = -25241, /* The specified policy cannot be found. */
  48. errSecInvalidTrustSetting = -25242, /* The specified trust setting is invalid. */
  49. errSecNoAccessForItem = -25243, /* The specified item has no access control. */
  50. errSecInvalidOwnerEdit = -25244, /* Invalid attempt to change the owner of this item. */
  51. errSecTrustNotAvailable = -25245, /* No trust results are available. */
  52. errSecUnsupportedFormat = -25256, /* Import/Export format unsupported. */
  53. errSecUnknownFormat = -25257, /* Unknown format in import. */
  54. errSecKeyIsSensitive = -25258, /* Key material must be wrapped for export. */
  55. errSecMultiplePrivKeys = -25259, /* An attempt was made to import multiple private keys. */
  56. errSecPassphraseRequired = -25260, /* Passphrase is required for import/export. */
  57. errSecInvalidPasswordRef = -25261, /* The password reference was invalid. */
  58. errSecInvalidTrustSettings = -25262, /* The Trust Settings Record was corrupted. */
  59. errSecNoTrustSettings = -25263, /* No Trust Settings were found. */
  60. errSecPkcs12VerifyFailure = -25264, /* MAC verification failed during PKCS12 import (wrong password?) */
  61. errSecNotSigner = -26267, /* A certificate was not signed by its proposed parent. */
  62. errSecDecode = -26275, /* Unable to decode the provided data. */
  63. errSecServiceNotAvailable = -67585, /* The required service is not available. */
  64. errSecInsufficientClientID = -67586, /* The client ID is not correct. */
  65. errSecDeviceReset = -67587, /* A device reset has occurred. */
  66. errSecDeviceFailed = -67588, /* A device failure has occurred. */
  67. errSecAppleAddAppACLSubject = -67589, /* Adding an application ACL subject failed. */
  68. errSecApplePublicKeyIncomplete = -67590, /* The public key is incomplete. */
  69. errSecAppleSignatureMismatch = -67591, /* A signature mismatch has occurred. */
  70. errSecAppleInvalidKeyStartDate = -67592, /* The specified key has an invalid start date. */
  71. errSecAppleInvalidKeyEndDate = -67593, /* The specified key has an invalid end date. */
  72. errSecConversionError = -67594, /* A conversion error has occurred. */
  73. errSecAppleSSLv2Rollback = -67595, /* A SSLv2 rollback error has occurred. */
  74. errSecQuotaExceeded = -67596, /* The quota was exceeded. */
  75. errSecFileTooBig = -67597, /* The file is too big. */
  76. errSecInvalidDatabaseBlob = -67598, /* The specified database has an invalid blob. */
  77. errSecInvalidKeyBlob = -67599, /* The specified database has an invalid key blob. */
  78. errSecIncompatibleDatabaseBlob = -67600, /* The specified database has an incompatible blob. */
  79. errSecIncompatibleKeyBlob = -67601, /* The specified database has an incompatible key blob. */
  80. errSecHostNameMismatch = -67602, /* A host name mismatch has occurred. */
  81. errSecUnknownCriticalExtensionFlag = -67603, /* There is an unknown critical extension flag. */
  82. errSecNoBasicConstraints = -67604, /* No basic constraints were found. */
  83. errSecNoBasicConstraintsCA = -67605, /* No basic CA constraints were found. */
  84. errSecInvalidAuthorityKeyID = -67606, /* The authority key ID is not valid. */
  85. errSecInvalidSubjectKeyID = -67607, /* The subject key ID is not valid. */
  86. errSecInvalidKeyUsageForPolicy = -67608, /* The key usage is not valid for the specified policy. */
  87. errSecInvalidExtendedKeyUsage = -67609, /* The extended key usage is not valid. */
  88. errSecInvalidIDLinkage = -67610, /* The ID linkage is not valid. */
  89. errSecPathLengthConstraintExceeded = -67611, /* The path length constraint was exceeded. */
  90. errSecInvalidRoot = -67612, /* The root or anchor certificate is not valid. */
  91. errSecCRLExpired = -67613, /* The CRL has expired. */
  92. errSecCRLNotValidYet = -67614, /* The CRL is not yet valid. */
  93. errSecCRLNotFound = -67615, /* The CRL was not found. */
  94. errSecCRLServerDown = -67616, /* The CRL server is down. */
  95. errSecCRLBadURI = -67617, /* The CRL has a bad Uniform Resource Identifier. */
  96. errSecUnknownCertExtension = -67618, /* An unknown certificate extension was encountered. */
  97. errSecUnknownCRLExtension = -67619, /* An unknown CRL extension was encountered. */
  98. errSecCRLNotTrusted = -67620, /* The CRL is not trusted. */
  99. errSecCRLPolicyFailed = -67621, /* The CRL policy failed. */
  100. errSecIDPFailure = -67622, /* The issuing distribution point was not valid. */
  101. errSecSMIMEEmailAddressesNotFound = -67623, /* An email address mismatch was encountered. */
  102. errSecSMIMEBadExtendedKeyUsage = -67624, /* The appropriate extended key usage for SMIME was not found. */
  103. errSecSMIMEBadKeyUsage = -67625, /* The key usage is not compatible with SMIME. */
  104. errSecSMIMEKeyUsageNotCritical = -67626, /* The key usage extension is not marked as critical. */
  105. errSecSMIMENoEmailAddress = -67627, /* No email address was found in the certificate. */
  106. errSecSMIMESubjAltNameNotCritical = -67628, /* The subject alternative name extension is not marked as critical. */
  107. errSecSSLBadExtendedKeyUsage = -67629, /* The appropriate extended key usage for SSL was not found. */
  108. errSecOCSPBadResponse = -67630, /* The OCSP response was incorrect or could not be parsed. */
  109. errSecOCSPBadRequest = -67631, /* The OCSP request was incorrect or could not be parsed. */
  110. errSecOCSPUnavailable = -67632, /* OCSP service is unavailable. */
  111. errSecOCSPStatusUnrecognized = -67633, /* The OCSP server did not recognize this certificate. */
  112. errSecEndOfData = -67634, /* An end-of-data was detected. */
  113. errSecIncompleteCertRevocationCheck = -67635, /* An incomplete certificate revocation check occurred. */
  114. errSecNetworkFailure = -67636, /* A network failure occurred. */
  115. errSecOCSPNotTrustedToAnchor = -67637, /* The OCSP response was not trusted to a root or anchor certificate. */
  116. errSecRecordModified = -67638, /* The record was modified. */
  117. errSecOCSPSignatureError = -67639, /* The OCSP response had an invalid signature. */
  118. errSecOCSPNoSigner = -67640, /* The OCSP response had no signer. */
  119. errSecOCSPResponderMalformedReq = -67641, /* The OCSP responder was given a malformed request. */
  120. errSecOCSPResponderInternalError = -67642, /* The OCSP responder encountered an internal error. */
  121. errSecOCSPResponderTryLater = -67643, /* The OCSP responder is busy, try again later. */
  122. errSecOCSPResponderSignatureRequired = -67644, /* The OCSP responder requires a signature. */
  123. errSecOCSPResponderUnauthorized = -67645, /* The OCSP responder rejected this request as unauthorized. */
  124. errSecOCSPResponseNonceMismatch = -67646, /* The OCSP response nonce did not match the request. */
  125. errSecCodeSigningBadCertChainLength = -67647, /* Code signing encountered an incorrect certificate chain length. */
  126. errSecCodeSigningNoBasicConstraints = -67648, /* Code signing found no basic constraints. */
  127. errSecCodeSigningBadPathLengthConstraint = -67649, /* Code signing encountered an incorrect path length constraint. */
  128. errSecCodeSigningNoExtendedKeyUsage = -67650, /* Code signing found no extended key usage. */
  129. errSecCodeSigningDevelopment = -67651, /* Code signing indicated use of a development-only certificate. */
  130. errSecResourceSignBadCertChainLength = -67652, /* Resource signing has encountered an incorrect certificate chain length. */
  131. errSecResourceSignBadExtKeyUsage = -67653, /* Resource signing has encountered an error in the extended key usage. */
  132. errSecTrustSettingDeny = -67654, /* The trust setting for this policy was set to Deny. */
  133. errSecInvalidSubjectName = -67655, /* An invalid certificate subject name was encountered. */
  134. errSecUnknownQualifiedCertStatement = -67656, /* An unknown qualified certificate statement was encountered. */
  135. errSecMobileMeRequestQueued = -67657,
  136. errSecMobileMeRequestRedirected = -67658,
  137. errSecMobileMeServerError = -67659,
  138. errSecMobileMeServerNotAvailable = -67660,
  139. errSecMobileMeServerAlreadyExists = -67661,
  140. errSecMobileMeServerServiceErr = -67662,
  141. errSecMobileMeRequestAlreadyPending = -67663,
  142. errSecMobileMeNoRequestPending = -67664,
  143. errSecMobileMeCSRVerifyFailure = -67665,
  144. errSecMobileMeFailedConsistencyCheck = -67666,
  145. errSecNotInitialized = -67667, /* A function was called without initializing CSSM. */
  146. errSecInvalidHandleUsage = -67668, /* The CSSM handle does not match with the service type. */
  147. errSecPVCReferentNotFound = -67669, /* A reference to the calling module was not found in the list of authorized callers. */
  148. errSecFunctionIntegrityFail = -67670, /* A function address was not within the verified module. */
  149. errSecInternalError = -67671, /* An internal error has occurred. */
  150. errSecMemoryError = -67672, /* A memory error has occurred. */
  151. errSecInvalidData = -67673, /* Invalid data was encountered. */
  152. errSecMDSError = -67674, /* A Module Directory Service error has occurred. */
  153. errSecInvalidPointer = -67675, /* An invalid pointer was encountered. */
  154. errSecSelfCheckFailed = -67676, /* Self-check has failed. */
  155. errSecFunctionFailed = -67677, /* A function has failed. */
  156. errSecModuleManifestVerifyFailed = -67678, /* A module manifest verification failure has occurred. */
  157. errSecInvalidGUID = -67679, /* An invalid GUID was encountered. */
  158. errSecInvalidHandle = -67680, /* An invalid handle was encountered. */
  159. errSecInvalidDBList = -67681, /* An invalid DB list was encountered. */
  160. errSecInvalidPassthroughID = -67682, /* An invalid passthrough ID was encountered. */
  161. errSecInvalidNetworkAddress = -67683, /* An invalid network address was encountered. */
  162. errSecCRLAlreadySigned = -67684, /* The certificate revocation list is already signed. */
  163. errSecInvalidNumberOfFields = -67685, /* An invalid number of fields were encountered. */
  164. errSecVerificationFailure = -67686, /* A verification failure occurred. */
  165. errSecUnknownTag = -67687, /* An unknown tag was encountered. */
  166. errSecInvalidSignature = -67688, /* An invalid signature was encountered. */
  167. errSecInvalidName = -67689, /* An invalid name was encountered. */
  168. errSecInvalidCertificateRef = -67690, /* An invalid certificate reference was encountered. */
  169. errSecInvalidCertificateGroup = -67691, /* An invalid certificate group was encountered. */
  170. errSecTagNotFound = -67692, /* The specified tag was not found. */
  171. errSecInvalidQuery = -67693, /* The specified query was not valid. */
  172. errSecInvalidValue = -67694, /* An invalid value was detected. */
  173. errSecCallbackFailed = -67695, /* A callback has failed. */
  174. errSecACLDeleteFailed = -67696, /* An ACL delete operation has failed. */
  175. errSecACLReplaceFailed = -67697, /* An ACL replace operation has failed. */
  176. errSecACLAddFailed = -67698, /* An ACL add operation has failed. */
  177. errSecACLChangeFailed = -67699, /* An ACL change operation has failed. */
  178. errSecInvalidAccessCredentials = -67700, /* Invalid access credentials were encountered. */
  179. errSecInvalidRecord = -67701, /* An invalid record was encountered. */
  180. errSecInvalidACL = -67702, /* An invalid ACL was encountered. */
  181. errSecInvalidSampleValue = -67703, /* An invalid sample value was encountered. */
  182. errSecIncompatibleVersion = -67704, /* An incompatible version was encountered. */
  183. errSecPrivilegeNotGranted = -67705, /* The privilege was not granted. */
  184. errSecInvalidScope = -67706, /* An invalid scope was encountered. */
  185. errSecPVCAlreadyConfigured = -67707, /* The PVC is already configured. */
  186. errSecInvalidPVC = -67708, /* An invalid PVC was encountered. */
  187. errSecEMMLoadFailed = -67709, /* The EMM load has failed. */
  188. errSecEMMUnloadFailed = -67710, /* The EMM unload has failed. */
  189. errSecAddinLoadFailed = -67711, /* The add-in load operation has failed. */
  190. errSecInvalidKeyRef = -67712, /* An invalid key was encountered. */
  191. errSecInvalidKeyHierarchy = -67713, /* An invalid key hierarchy was encountered. */
  192. errSecAddinUnloadFailed = -67714, /* The add-in unload operation has failed. */
  193. errSecLibraryReferenceNotFound = -67715, /* A library reference was not found. */
  194. errSecInvalidAddinFunctionTable = -67716, /* An invalid add-in function table was encountered. */
  195. errSecInvalidServiceMask = -67717, /* An invalid service mask was encountered. */
  196. errSecModuleNotLoaded = -67718, /* A module was not loaded. */
  197. errSecInvalidSubServiceID = -67719, /* An invalid subservice ID was encountered. */
  198. errSecAttributeNotInContext = -67720, /* An attribute was not in the context. */
  199. errSecModuleManagerInitializeFailed = -67721, /* A module failed to initialize. */
  200. errSecModuleManagerNotFound = -67722, /* A module was not found. */
  201. errSecEventNotificationCallbackNotFound = -67723, /* An event notification callback was not found. */
  202. errSecInputLengthError = -67724, /* An input length error was encountered. */
  203. errSecOutputLengthError = -67725, /* An output length error was encountered. */
  204. errSecPrivilegeNotSupported = -67726, /* The privilege is not supported. */
  205. errSecDeviceError = -67727, /* A device error was encountered. */
  206. errSecAttachHandleBusy = -67728, /* The CSP handle was busy. */
  207. errSecNotLoggedIn = -67729, /* You are not logged in. */
  208. errSecAlgorithmMismatch = -67730, /* An algorithm mismatch was encountered. */
  209. errSecKeyUsageIncorrect = -67731, /* The key usage is incorrect. */
  210. errSecKeyBlobTypeIncorrect = -67732, /* The key blob type is incorrect. */
  211. errSecKeyHeaderInconsistent = -67733, /* The key header is inconsistent. */
  212. errSecUnsupportedKeyFormat = -67734, /* The key header format is not supported. */
  213. errSecUnsupportedKeySize = -67735, /* The key size is not supported. */
  214. errSecInvalidKeyUsageMask = -67736, /* The key usage mask is not valid. */
  215. errSecUnsupportedKeyUsageMask = -67737, /* The key usage mask is not supported. */
  216. errSecInvalidKeyAttributeMask = -67738, /* The key attribute mask is not valid. */
  217. errSecUnsupportedKeyAttributeMask = -67739, /* The key attribute mask is not supported. */
  218. errSecInvalidKeyLabel = -67740, /* The key label is not valid. */
  219. errSecUnsupportedKeyLabel = -67741, /* The key label is not supported. */
  220. errSecInvalidKeyFormat = -67742, /* The key format is not valid. */
  221. errSecUnsupportedVectorOfBuffers = -67743, /* The vector of buffers is not supported. */
  222. errSecInvalidInputVector = -67744, /* The input vector is not valid. */
  223. errSecInvalidOutputVector = -67745, /* The output vector is not valid. */
  224. errSecInvalidContext = -67746, /* An invalid context was encountered. */
  225. errSecInvalidAlgorithm = -67747, /* An invalid algorithm was encountered. */
  226. errSecInvalidAttributeKey = -67748, /* A key attribute was not valid. */
  227. errSecMissingAttributeKey = -67749, /* A key attribute was missing. */
  228. errSecInvalidAttributeInitVector = -67750, /* An init vector attribute was not valid. */
  229. errSecMissingAttributeInitVector = -67751, /* An init vector attribute was missing. */
  230. errSecInvalidAttributeSalt = -67752, /* A salt attribute was not valid. */
  231. errSecMissingAttributeSalt = -67753, /* A salt attribute was missing. */
  232. errSecInvalidAttributePadding = -67754, /* A padding attribute was not valid. */
  233. errSecMissingAttributePadding = -67755, /* A padding attribute was missing. */
  234. errSecInvalidAttributeRandom = -67756, /* A random number attribute was not valid. */
  235. errSecMissingAttributeRandom = -67757, /* A random number attribute was missing. */
  236. errSecInvalidAttributeSeed = -67758, /* A seed attribute was not valid. */
  237. errSecMissingAttributeSeed = -67759, /* A seed attribute was missing. */
  238. errSecInvalidAttributePassphrase = -67760, /* A passphrase attribute was not valid. */
  239. errSecMissingAttributePassphrase = -67761, /* A passphrase attribute was missing. */
  240. errSecInvalidAttributeKeyLength = -67762, /* A key length attribute was not valid. */
  241. errSecMissingAttributeKeyLength = -67763, /* A key length attribute was missing. */
  242. errSecInvalidAttributeBlockSize = -67764, /* A block size attribute was not valid. */
  243. errSecMissingAttributeBlockSize = -67765, /* A block size attribute was missing. */
  244. errSecInvalidAttributeOutputSize = -67766, /* An output size attribute was not valid. */
  245. errSecMissingAttributeOutputSize = -67767, /* An output size attribute was missing. */
  246. errSecInvalidAttributeRounds = -67768, /* The number of rounds attribute was not valid. */
  247. errSecMissingAttributeRounds = -67769, /* The number of rounds attribute was missing. */
  248. errSecInvalidAlgorithmParms = -67770, /* An algorithm parameters attribute was not valid. */
  249. errSecMissingAlgorithmParms = -67771, /* An algorithm parameters attribute was missing. */
  250. errSecInvalidAttributeLabel = -67772, /* A label attribute was not valid. */
  251. errSecMissingAttributeLabel = -67773, /* A label attribute was missing. */
  252. errSecInvalidAttributeKeyType = -67774, /* A key type attribute was not valid. */
  253. errSecMissingAttributeKeyType = -67775, /* A key type attribute was missing. */
  254. errSecInvalidAttributeMode = -67776, /* A mode attribute was not valid. */
  255. errSecMissingAttributeMode = -67777, /* A mode attribute was missing. */
  256. errSecInvalidAttributeEffectiveBits = -67778, /* An effective bits attribute was not valid. */
  257. errSecMissingAttributeEffectiveBits = -67779, /* An effective bits attribute was missing. */
  258. errSecInvalidAttributeStartDate = -67780, /* A start date attribute was not valid. */
  259. errSecMissingAttributeStartDate = -67781, /* A start date attribute was missing. */
  260. errSecInvalidAttributeEndDate = -67782, /* An end date attribute was not valid. */
  261. errSecMissingAttributeEndDate = -67783, /* An end date attribute was missing. */
  262. errSecInvalidAttributeVersion = -67784, /* A version attribute was not valid. */
  263. errSecMissingAttributeVersion = -67785, /* A version attribute was missing. */
  264. errSecInvalidAttributePrime = -67786, /* A prime attribute was not valid. */
  265. errSecMissingAttributePrime = -67787, /* A prime attribute was missing. */
  266. errSecInvalidAttributeBase = -67788, /* A base attribute was not valid. */
  267. errSecMissingAttributeBase = -67789, /* A base attribute was missing. */
  268. errSecInvalidAttributeSubprime = -67790, /* A subprime attribute was not valid. */
  269. errSecMissingAttributeSubprime = -67791, /* A subprime attribute was missing. */
  270. errSecInvalidAttributeIterationCount = -67792, /* An iteration count attribute was not valid. */
  271. errSecMissingAttributeIterationCount = -67793, /* An iteration count attribute was missing. */
  272. errSecInvalidAttributeDLDBHandle = -67794, /* A database handle attribute was not valid. */
  273. errSecMissingAttributeDLDBHandle = -67795, /* A database handle attribute was missing. */
  274. errSecInvalidAttributeAccessCredentials = -67796, /* An access credentials attribute was not valid. */
  275. errSecMissingAttributeAccessCredentials = -67797, /* An access credentials attribute was missing. */
  276. errSecInvalidAttributePublicKeyFormat = -67798, /* A public key format attribute was not valid. */
  277. errSecMissingAttributePublicKeyFormat = -67799, /* A public key format attribute was missing. */
  278. errSecInvalidAttributePrivateKeyFormat = -67800, /* A private key format attribute was not valid. */
  279. errSecMissingAttributePrivateKeyFormat = -67801, /* A private key format attribute was missing. */
  280. errSecInvalidAttributeSymmetricKeyFormat = -67802, /* A symmetric key format attribute was not valid. */
  281. errSecMissingAttributeSymmetricKeyFormat = -67803, /* A symmetric key format attribute was missing. */
  282. errSecInvalidAttributeWrappedKeyFormat = -67804, /* A wrapped key format attribute was not valid. */
  283. errSecMissingAttributeWrappedKeyFormat = -67805, /* A wrapped key format attribute was missing. */
  284. errSecStagedOperationInProgress = -67806, /* A staged operation is in progress. */
  285. errSecStagedOperationNotStarted = -67807, /* A staged operation was not started. */
  286. errSecVerifyFailed = -67808, /* A cryptographic verification failure has occurred. */
  287. errSecQuerySizeUnknown = -67809, /* The query size is unknown. */
  288. errSecBlockSizeMismatch = -67810, /* A block size mismatch occurred. */
  289. errSecPublicKeyInconsistent = -67811, /* The public key was inconsistent. */
  290. errSecDeviceVerifyFailed = -67812, /* A device verification failure has occurred. */
  291. errSecInvalidLoginName = -67813, /* An invalid login name was detected. */
  292. errSecAlreadyLoggedIn = -67814, /* The user is already logged in. */
  293. errSecInvalidDigestAlgorithm = -67815, /* An invalid digest algorithm was detected. */
  294. errSecInvalidCRLGroup = -67816, /* An invalid CRL group was detected. */
  295. errSecCertificateCannotOperate = -67817, /* The certificate cannot operate. */
  296. errSecCertificateExpired = -67818, /* An expired certificate was detected. */
  297. errSecCertificateNotValidYet = -67819, /* The certificate is not yet valid. */
  298. errSecCertificateRevoked = -67820, /* The certificate was revoked. */
  299. errSecCertificateSuspended = -67821, /* The certificate was suspended. */
  300. errSecInsufficientCredentials = -67822, /* Insufficient credentials were detected. */
  301. errSecInvalidAction = -67823, /* The action was not valid. */
  302. errSecInvalidAuthority = -67824, /* The authority was not valid. */
  303. errSecVerifyActionFailed = -67825, /* A verify action has failed. */
  304. errSecInvalidCertAuthority = -67826, /* The certificate authority was not valid. */
  305. errSecInvaldCRLAuthority = -67827, /* The CRL authority was not valid. */
  306. errSecInvalidCRLEncoding = -67828, /* The CRL encoding was not valid. */
  307. errSecInvalidCRLType = -67829, /* The CRL type was not valid. */
  308. errSecInvalidCRL = -67830, /* The CRL was not valid. */
  309. errSecInvalidFormType = -67831, /* The form type was not valid. */
  310. errSecInvalidID = -67832, /* The ID was not valid. */
  311. errSecInvalidIdentifier = -67833, /* The identifier was not valid. */
  312. errSecInvalidIndex = -67834, /* The index was not valid. */
  313. errSecInvalidPolicyIdentifiers = -67835, /* The policy identifiers are not valid. */
  314. errSecInvalidTimeString = -67836, /* The time specified was not valid. */
  315. errSecInvalidReason = -67837, /* The trust policy reason was not valid. */
  316. errSecInvalidRequestInputs = -67838, /* The request inputs are not valid. */
  317. errSecInvalidResponseVector = -67839, /* The response vector was not valid. */
  318. errSecInvalidStopOnPolicy = -67840, /* The stop-on policy was not valid. */
  319. errSecInvalidTuple = -67841, /* The tuple was not valid. */
  320. errSecMultipleValuesUnsupported = -67842, /* Multiple values are not supported. */
  321. errSecNotTrusted = -67843, /* The certificate was not trusted. */
  322. errSecNoDefaultAuthority = -67844, /* No default authority was detected. */
  323. errSecRejectedForm = -67845, /* The trust policy had a rejected form. */
  324. errSecRequestLost = -67846, /* The request was lost. */
  325. errSecRequestRejected = -67847, /* The request was rejected. */
  326. errSecUnsupportedAddressType = -67848, /* The address type is not supported. */
  327. errSecUnsupportedService = -67849, /* The service is not supported. */
  328. errSecInvalidTupleGroup = -67850, /* The tuple group was not valid. */
  329. errSecInvalidBaseACLs = -67851, /* The base ACLs are not valid. */
  330. errSecInvalidTupleCredendtials = -67852, /* The tuple credentials are not valid. */
  331. errSecInvalidEncoding = -67853, /* The encoding was not valid. */
  332. errSecInvalidValidityPeriod = -67854, /* The validity period was not valid. */
  333. errSecInvalidRequestor = -67855, /* The requestor was not valid. */
  334. errSecRequestDescriptor = -67856, /* The request descriptor was not valid. */
  335. errSecInvalidBundleInfo = -67857, /* The bundle information was not valid. */
  336. errSecInvalidCRLIndex = -67858, /* The CRL index was not valid. */
  337. errSecNoFieldValues = -67859, /* No field values were detected. */
  338. errSecUnsupportedFieldFormat = -67860, /* The field format is not supported. */
  339. errSecUnsupportedIndexInfo = -67861, /* The index information is not supported. */
  340. errSecUnsupportedLocality = -67862, /* The locality is not supported. */
  341. errSecUnsupportedNumAttributes = -67863, /* The number of attributes is not supported. */
  342. errSecUnsupportedNumIndexes = -67864, /* The number of indexes is not supported. */
  343. errSecUnsupportedNumRecordTypes = -67865, /* The number of record types is not supported. */
  344. errSecFieldSpecifiedMultiple = -67866, /* Too many fields were specified. */
  345. errSecIncompatibleFieldFormat = -67867, /* The field format was incompatible. */
  346. errSecInvalidParsingModule = -67868, /* The parsing module was not valid. */
  347. errSecDatabaseLocked = -67869, /* The database is locked. */
  348. errSecDatastoreIsOpen = -67870, /* The data store is open. */
  349. errSecMissingValue = -67871, /* A missing value was detected. */
  350. errSecUnsupportedQueryLimits = -67872, /* The query limits are not supported. */
  351. errSecUnsupportedNumSelectionPreds = -67873, /* The number of selection predicates is not supported. */
  352. errSecUnsupportedOperator = -67874, /* The operator is not supported. */
  353. errSecInvalidDBLocation = -67875, /* The database location is not valid. */
  354. errSecInvalidAccessRequest = -67876, /* The access request is not valid. */
  355. errSecInvalidIndexInfo = -67877, /* The index information is not valid. */
  356. errSecInvalidNewOwner = -67878, /* The new owner is not valid. */
  357. errSecInvalidModifyMode = -67879, /* The modify mode is not valid. */
  358. errSecMissingRequiredExtension = -67880, /* A required certificate extension is missing. */
  359. errSecExtendedKeyUsageNotCritical = -67881, /* The extended key usage extension was not marked critical. */
  360. errSecTimestampMissing = -67882, /* A timestamp was expected but was not found. */
  361. errSecTimestampInvalid = -67883, /* The timestamp was not valid. */
  362. errSecTimestampNotTrusted = -67884, /* The timestamp was not trusted. */
  363. errSecTimestampServiceNotAvailable = -67885, /* The timestamp service is not available. */
  364. errSecTimestampBadAlg = -67886, /* An unrecognized or unsupported Algorithm Identifier in timestamp. */
  365. errSecTimestampBadRequest = -67887, /* The timestamp transaction is not permitted or supported. */
  366. errSecTimestampBadDataFormat = -67888, /* The timestamp data submitted has the wrong format. */
  367. errSecTimestampTimeNotAvailable = -67889, /* The time source for the Timestamp Authority is not available. */
  368. errSecTimestampUnacceptedPolicy = -67890, /* The requested policy is not supported by the Timestamp Authority. */
  369. errSecTimestampUnacceptedExtension = -67891, /* The requested extension is not supported by the Timestamp Authority. */
  370. errSecTimestampAddInfoNotAvailable = -67892, /* The additional information requested is not available. */
  371. errSecTimestampSystemFailure = -67893, /* The timestamp request cannot be handled due to system failure. */
  372. errSecSigningTimeMissing = -67894, /* A signing time was expected but was not found. */
  373. errSecTimestampRejection = -67895, /* A timestamp transaction was rejected. */
  374. errSecTimestampWaiting = -67896, /* A timestamp transaction is waiting. */
  375. errSecTimestampRevocationWarning = -67897, /* A timestamp authority revocation warning was issued. */
  376. errSecTimestampRevocationNotification = -67898, /* A timestamp authority revocation notification was issued. */
  377. }