iOS rsa加密与解密

Posted ZY_Liang

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了iOS rsa加密与解密相关的知识,希望对你有一定的参考价值。

转自 --响铃  IOS rsa加密与解密

 

ras加密需要两组秘钥,一组公共秘钥,一组私有秘钥。

生成命令:

openssl req -x509 -out public_key.der -outform der -new -newkey rsa:2048 -keyout private_key.pem

public_key.der为公共秘钥文件,private_key.pem为私有秘钥文件。

生成ios可引用的私有秘钥文件.pfx:

1. OpenSSL rsa -in private_key.pem -out private_key.key

2. OpenSSL req -new -key private_key.key -out private_key.crt

3. OpenSSL x509 -req -days 3650 -in private_key.crt -signkey private_key.key -out rsaCert.crt

4. OpenSSL x509 -outform der -in rsaCert.crt -out rsaCert.der

5. OpenSSL pkcs12 -export -out private_key.pfx -inkey private_key.key -in rsaCert.crt

private_key.pfx即为生成的文件

 

公共秘钥的引用:

- (SecKeyRef)getPublicKey

{

    SecCertificateRef myCertificate = nil;

    NSString *path = [[NSBundle mainBundle] pathForResource:@"public_key" ofType:@"der"];

    NSData *certificateData = [NSData dataWithContentsOfFile:path];

    myCertificate = SecCertificateCreateWithData(kCFAllocatorDefault, (__bridgeCFDataRef)certificateData);

    SecPolicyRef myPolicy = SecPolicyCreateBasicX509();

    SecTrustRef myTrust;

    OSStatus status = SecTrustCreateWithCertificates(myCertificate,myPolicy,&myTrust);

    SecTrustResultType trustResult;

    if (status == noErr) {

        status = SecTrustEvaluate(myTrust, &trustResult);

    }

    return SecTrustCopyPublicKey(myTrust);

 

}

 

私有秘钥的引用

- (SecKeyRef)getPrivateKey

{

    NSString *publicKeyPath = [[NSBundle mainBundle] pathForResource:@"private_key"ofType:@"pfx"];

    NSData *pfxkeyData = [[NSData alloc]initWithContentsOfFile:publicKeyPath];

    

    NSMutableDictionary * options = [[NSMutableDictionary alloc] init];

    [options setObject:@"password" forKey:(__bridge id)kSecImportExportPassphrase];

    

    CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL);

    

    OSStatus securityError = SecPKCS12Import((__bridge CFDataRef) pfxkeyData,

                                             (__bridge CFDictionaryRef)options, &items);

    

    CFDictionaryRef identityDict = CFArrayGetValueAtIndex(items, 0);

    SecIdentityRef identityApp =

    (SecIdentityRef)CFDictionaryGetValue(identityDict,

                                         kSecImportItemIdentity);

    

    assert(securityError == noErr);

    SecKeyRef privateKeyRef;

    SecIdentityCopyPrivateKey(identityApp, &privateKeyRef);

    

    return privateKeyRef;

 

}

 

公钥加密:

- (NSData*)rsaEncryptWithData:(NSData*)data usingKey:(SecKeyRef)key{

    

    size_t cipherBufferSize = SecKeyGetBlockSize(key);

    uint8_t *cipherBuffer = malloc(cipherBufferSize * sizeof(uint8_t));

    memset((void *)cipherBuffer, 0*0, cipherBufferSize);

    

    NSData *plainTextBytes = data;

    size_t blockSize = cipherBufferSize - 11;

    size_t blockCount = (size_t)ceil([plainTextBytes length] / (double)blockSize);

    NSMutableData *encryptedData = [NSMutableData dataWithCapacity:0];

    

    for (int i=0; i<blockCount; i++) {

        

        int bufferSize = MIN(blockSize,[plainTextBytes length] - i * blockSize);

        NSData *buffer = [plainTextBytes subdataWithRange:NSMakeRange(i * blockSize, bufferSize)];

        

        OSStatus status = SecKeyEncrypt(key,

                                        kSecPaddingPKCS1,

                                        (const uint8_t *)[buffer bytes],

                                        [buffer length],

                                        cipherBuffer,

                                        &cipherBufferSize);

        

        if (status == noErr){

            NSData *encryptedBytes = [NSData dataWithBytes:(const void *)cipherBuffer length:cipherBufferSize];

            [encryptedData appendData:encryptedBytes];

            

        }else{

            

            if (cipherBuffer) {

                free(cipherBuffer);

            }

            return nil;

        }

    }

    if (cipherBuffer) free(cipherBuffer);

    return encryptedData;

 

}

 

私钥解密:

- (NSData*)rsaDecryptWithData:(NSData*)data usingKey:(SecKeyRef)key{

    NSData *wrappedSymmetricKey = data;

    

    size_t cipherBufferSize = SecKeyGetBlockSize(key);

    size_t keyBufferSize = [wrappedSymmetricKey length];

    

    NSMutableData *bits = [NSMutableData dataWithLength:keyBufferSize];

    OSStatus sanityCheck = SecKeyDecrypt(key,

                                         kSecPaddingPKCS1,

                                         (const uint8_t *) [wrappedSymmetricKey bytes],

                                         cipherBufferSize,

                                         [bits mutableBytes],

                                         &keyBufferSize);

    NSAssert(sanityCheck == noErr, @"Error decrypting, OSStatus == %ld.", sanityCheck);

    

    [bits setLength:keyBufferSize];

    

    return bits;

 

}

 

加密解密网上有写好的ras.m,可以参考:

http://code4app.com/ios/RSA-Encrypt-and-Decrypt/5061d6476803faf86c000001

以上是关于iOS rsa加密与解密的主要内容,如果未能解决你的问题,请参考以下文章

java rsa私钥加密

Python使用rsa模块实现非对称加密与解密

android md5加密与rsa加解密实现代码

Java对称与非对称加密解密,AES与RSA

C# RSA 加密/解密与传输

iOS常用加密之RSA加密解密