Dev*_*s50 2 security encryption cryptography rsa ios
我正在尝试使用iOS上的安全框架使用RSA加密一些数据.我想加密一个简单的base64编码字符串,如下所示:
NSData *data = [[NSData alloc] initWithBase64EncodedString:@"aGFsbG8=" options:0x0];
NSData *encrypted = [pair encrypt:data];
该pair变量保存对使用前成功生成的私钥和公钥的引用SecKeyGeneratePair.
加密函数如下所示:
- (NSData *)encrypt:(NSData *)data {
void *buffer = malloc([self blockSize] * sizeof(uint8_t));
memset(buffer, 0x0, [self blockSize]);
size_t ciphertextBufferLength = [data length];
OSStatus res = SecKeyEncrypt([self keyRef], 0x1, [data bytes], [data length], &buffer[0], &ciphertextBufferLength);
NSLog(@"Result of encryption: %d", res);
return [NSData dataWithBytesNoCopy:buffer length:[self blockSize] freeWhenDone:YES];
}
实施[self blockSize]非常简单:
- (unsigned long)blockSize {
return SecKeyGetBlockSize(keyRef);
}
我用以下函数生成我的键:
- (BOOL)generateNewKeyPairOfSize:(unsigned int)keySize
{
SecKeyRef privKey = [[self publicKey] keyRef];
SecKeyRef pubKey = [[self publicKey] keyRef];
NSDictionary *privateKeyDict = @{ (__bridge id)kSecAttrIsPermanent : @(YES), (__bridge id)kSecAttrApplicationTag : [[self privateKey] tag] };
NSDictionary *publicKeyDict = @{ (__bridge id)kSecAttrIsPermanent : @(YES), (__bridge id)kSecAttrApplicationTag : [[self publicKey] tag] };
NSDictionary *keyDict = @{ (__bridge id)kSecAttrKeyType : (__bridge id)kSecAttrKeyTypeRSA, (__bridge id)kSecAttrKeySizeInBits : @(keySize), (__bridge id)kSecPublicKeyAttrs : publicKeyDict, (__bridge id)kSecPrivateKeyAttrs : privateKeyDict };
OSStatus res = SecKeyGeneratePair((__bridge CFDictionaryRef)keyDict, &privKey, &pubKey);
NSLog(@"Result of generating keys: %d", res);
[[self publicKey] setKeyRef:pubKey];
[[self privateKey] setKeyRef:privKey];
return YES;
}
根据文档的意思,问题是,值的意思res是.因为我需要所有参数,所以我不确定我在这里做错了什么.我不确定参数中是否有错误和位置.呼叫返回128.-4errSecUnimplemented[self blockSize]
谁能帮我这个?
来自文档:
cipherTextLen - 输入时,cipherText参数中提供的缓冲区大小.返回时,实际放入缓冲区的数据量.
您没有设置任何值ciphertextBufferLength.
更新#1
在SecKeyGeneratePair()你有错误的论点:公钥参数必须是第一,私钥是第二.我认为这就是为什么你有错误代码-4的原因.
更新#2
当您从Update#1修复问题时,您将看到错误代码-50(errSecParam),因为您的密文长度错误.以下是正确的加密/解密方式:
[self generateNewKeyPairOfSize:1024];
NSData *data = [[NSData alloc] initWithBase64EncodedString:@"aGFsbG8=" options:0x0];
size_t cipherTextSize = [self blockSize];
uint8_t *cipherText = malloc(cipherTextSize);
memset(cipherText, 0, cipherTextSize);
OSStatus res = SecKeyEncrypt(_publicKey, kSecPaddingPKCS1, [data bytes], data.length, cipherText, &cipherTextSize);
NSLog(@"Result of encryption: %d", res);
size_t plainTextSize = cipherTextSize;
uint8_t *plainText = malloc(plainTextSize);
res = SecKeyDecrypt(_privateKey, kSecPaddingPKCS1, cipherText, cipherTextSize, plainText, &plainTextSize);
NSLog(@"Result of decryption: %d", res);
| 归档时间: |
|
| 查看次数: |
1841 次 |
| 最近记录: |