正文
iOS RSA 证书加密
小程序:扫一扫查出行
【扫一扫了解最新限行尾号】
复制小程序
【扫一扫了解最新限行尾号】
复制小程序
#import "GLQyRsa.h"
#import "GLSupprot.h"
#import "GLLoginViewController.h" @implementation GLQyRsa static SecKeyRef _public_key=nil;
+ (SecKeyRef) getPublicKeyFile
{ // 从公钥证书文件中获取到公钥的SecKeyRef指针
if(_public_key == nil){
//NSData *certificateData = [RSA_KEY_BASE64 dataUsingEncoding:NSUTF8StringEncoding];
// NSString *publicKeyPath = [[NSBundle mainBundle] pathForResource:@"public_key"
// ofType:@"der"];
// if (publicKeyPath == nil) {
// NSLog(@"Can not find pub.der");
// return nil;
// }
NSString *fielName = [[NSUserDefaults standardUserDefaults]objectForKey:my_publicKeyFileName];
//NSLog(@"fielName:%@",fielName); fileName为.cer证书
if(!fielName)
{
NSLog(@"fielName nil");
return nil;
}
NSDate *certificateData = [NSData dataWithContentsOfFile:fielName];
if (certificateData == nil) {
NSLog(@"Can not read from pub.der");
return nil;
}
SecCertificateRef myCertificate = SecCertificateCreateWithData(kCFAllocatorDefault, (__bridge CFDataRef)certificateData);
SecPolicyRef myPolicy = SecPolicyCreateBasicX509();
SecTrustRef myTrust;
OSStatus status = SecTrustCreateWithCertificates(myCertificate,myPolicy,&myTrust);
SecTrustResultType trustResult;
if (status == noErr) {
status = SecTrustEvaluate(myTrust, &trustResult);
}
_public_key = SecTrustCopyPublicKey(myTrust);
CFRelease(myCertificate);
CFRelease(myPolicy);
CFRelease(myTrust);
}
return _public_key;
} + (NSData*) rsaEncryptString:(NSString*) string{ SecKeyRef key = [self getPublicKeyFile];
if(!key)
{
NSLog(@"secKeyRefNULL");
return nil;
} size_t cipherBufferSize = SecKeyGetBlockSize(key);
uint8_t *cipherBuffer = malloc(cipherBufferSize * sizeof(uint8_t));
NSData *stringBytes = [string dataUsingEncoding:NSUTF8StringEncoding];
size_t blockSize = cipherBufferSize - ;
size_t blockCount = (size_t)ceil([stringBytes length] / (double)blockSize);
NSMutableData *encryptedData = [[NSMutableData alloc] init];
for (int i=; i<blockCount; i++) {
int bufferSize = MIN(blockSize,[stringBytes length] - i * blockSize);
NSData *buffer = [stringBytes subdataWithRange:NSMakeRange(i * blockSize, bufferSize)];
OSStatus status = SecKeyEncrypt(key, kSecPaddingPKCS1, (const uint8_t *)[buffer bytes],
[buffer length], cipherBuffer, &cipherBufferSize);
if (status == noErr){
NSData *encryptedBytes = [[NSData alloc] initWithBytes:(const void *)cipherBuffer length:cipherBufferSize];
[encryptedData appendData:encryptedBytes]; }else{
if (cipherBuffer) free(cipherBuffer);
return nil;
}
} if (cipherBuffer) free(cipherBuffer);
// NSLog(@"Encrypted text (%d bytes): %@", [encryptedData length], [encryptedData description]);
// NSLog(@"Encrypted text base64: %@", [Base64 encode:encryptedData]);
return encryptedData;
}