iOS 之 我的rsa双向加密经历


      接到这个项目感觉很苦逼 , 因为之前木有接触过  ,没办法网上搜了些资料  ,自己尝试着做吧  。 

     第一步,先用 openssl 生成一个自签名证书(同时得到公钥证书 public_key.der 和私钥 private_key.pem),请看命令:

Last login: Thu Feb 27 16:03:27 on ttys001

SuberverterdeMac-mini:~ Subverter$ openssl req -x509 -out public_key.der -outform der -new -newkey rsa:1024 -keyout private_key.pem

Generating a 1024 bit RSA private key

...................++++++

..................................++++++

unable to write 'random state'

writing new private key to 'private_key.pem'

Enter PEM pass phrase:

Verifying - Enter PEM pass phrase:

-----

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [AU]:bj

State or Province Name (full name) [Some-State]:bj

Locality Name (eg, city) []:bj

Organization Name (eg, company) [Internet Widgits Pty Ltd]:bj

Organizational Unit Name (eg, section) []:bj

Common Name (e.g. server FQDN or YOUR name) []:bj

Email Address []:2030086660@qq.com

照着输入就可以了,文件名也可以自己改。把生成的证书 public_key.der 导入 Xcode 工程(私钥 private_key.pem 留在服务端用于解密,不要放进 App),然后开始加密:

#import <Foundation/Foundation.h>


/**
 * Encrypts short payloads with the RSA public key taken from the certificate
 * `public_key.der` in the app's main bundle. Only the public half of the key
 * pair is used here; decryption is not implemented in this class.
 *
 * The Security types below reach this header through Foundation's own imports;
 * NOTE(review): importing <Security/Security.h> explicitly would make that
 * dependency visible — confirm against the project's prefix header.
 */
@interface RSA : NSObject{

   // Public key copied out of `trust` during init; the key every encrypt call uses.
   SecKeyRef publicKey;

   // Certificate parsed from the bundled DER file.
   SecCertificateRef certificate;

   // Basic X.509 policy used to build `trust`.
   SecPolicyRef policy;

   // Trust object created from `certificate` and `policy`.
   SecTrustRef trust;

   // Largest plaintext, in bytes, accepted by one encrypt call
   // (key block size minus 12, set in init).
   size_t maxPlainLen;

}

/// Encrypts `content` as a single RSA block; returns nil when the input is
/// longer than `maxPlainLen` or the Security framework reports an error.
- (NSData *) encryptWithData:(NSData *)content;

/// Encrypts the UTF-8 bytes of `content`; same limits as -encryptWithData:.
- (NSData *) encryptWithString:(NSString *)content;

@end


#import "RSA.h"


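@implementation RSA

/**
 * Builds the encryptor from the certificate `public_key.der` in the main bundle.
 *
 * @return The initialised object, or nil when the certificate cannot be found,
 *         read, parsed or turned into a public key.
 */
- (instancetype)init {
    self = [super init];
    if (self == nil) {
        return nil;
    }

    if (![self loadPublicKeyFromBundle]) {
        // Under ARC, returning nil releases self and -dealloc frees whatever
        // Security objects were already created.
#if !__has_feature(objc_arc)
        [self release];
#endif
        return nil;
    }

    return self;
}

/**
 * Reads the bundled certificate and fills the Security ivars.
 *
 * The SecTrustResultType produced by SecTrustEvaluate is not consulted: the
 * certificate is self-signed and only serves as a container for the key, so
 * the key is exactly as trustworthy as the app bundle that ships it.
 *
 * NOTE(review): SecTrustEvaluate and SecTrustCopyPublicKey are deprecated on
 * recent SDKs (SecTrustEvaluateWithError / SecTrustCopyKey); they are kept
 * because the walkthrough targets the Xcode 5 toolchain.
 *
 * @return YES when `publicKey` and `maxPlainLen` are ready for use.
 */
- (BOOL)loadPublicKeyFromBundle {
    NSString *publicKeyPath = [[NSBundle mainBundle] pathForResource:@"public_key"
                                                              ofType:@"der"];
    if (publicKeyPath == nil) {
        NSLog(@"Can not find public_key.der");
        return NO;
    }

    // The original declared this variable as NSDate *, a typo for NSData *.
    NSData *publicKeyFileContent = [NSData dataWithContentsOfFile:publicKeyPath];
    if (publicKeyFileContent == nil) {
        NSLog(@"Can not read from public_key.der");
        return NO;
    }

    certificate = SecCertificateCreateWithData(kCFAllocatorDefault,
                                               (__bridge CFDataRef)publicKeyFileContent);
    if (certificate == NULL) {
        NSLog(@"Can not read certificate from public_key.der");
        return NO;
    }

    policy = SecPolicyCreateBasicX509();

    OSStatus returnCode = SecTrustCreateWithCertificates(certificate, policy, &trust);
    if (returnCode != errSecSuccess) {
        // OSStatus is a 32-bit type; cast so the %ld specifier is correct on every target.
        NSLog(@"SecTrustCreateWithCertificates fail. Error Code: %ld", (long)returnCode);
        return NO;
    }

    SecTrustResultType trustResultType;
    returnCode = SecTrustEvaluate(trust, &trustResultType);
    if (returnCode != errSecSuccess) {
        NSLog(@"SecTrustEvaluate fail. Error Code: %ld", (long)returnCode);
        return NO;
    }

    publicKey = SecTrustCopyPublicKey(trust);
    if (publicKey == NULL) {
        NSLog(@"SecTrustCopyPublicKey fail");
        return NO;
    }

    // PKCS#1 v1.5 encryption padding costs 11 bytes per block; the original
    // margin of 12 is kept, which stays one byte under that limit.
    maxPlainLen = SecKeyGetBlockSize(publicKey) - 12;

    return YES;
}

/**
 * Releases the Core Foundation objects created in init. ARC does not manage
 * SecKeyRef, SecTrustRef, SecPolicyRef or SecCertificateRef ivars, so without
 * this they leak once per RSA instance.
 */
- (void)dealloc {
    if (publicKey != NULL) {
        CFRelease(publicKey);
    }
    if (trust != NULL) {
        CFRelease(trust);
    }
    if (policy != NULL) {
        CFRelease(policy);
    }
    if (certificate != NULL) {
        CFRelease(certificate);
    }
#if !__has_feature(objc_arc)
    [super dealloc];
#endif
}

/**
 * Encrypts `content` as one RSA block with PKCS#1 v1.5 padding.
 *
 * Security notes for whoever deploys this:
 *  - The key in the walkthrough is 1024 bits; 2048 bits or more is the usual
 *    minimum today. The output buffer below is sized from the key, so a
 *    larger key works without code changes.
 *  - PKCS#1 v1.5 encryption padding lets a decrypting peer that reveals
 *    whether padding was valid be used as a padding oracle. The padding is
 *    kept so ciphertexts stay compatible with the existing server; moving
 *    both sides to OAEP (kSecPaddingOAEP) is the stronger choice.
 *  - RSA only fits `maxPlainLen` bytes; larger payloads call for a hybrid
 *    scheme (random symmetric key encrypted with RSA), not block chaining.
 *
 * @param content Plaintext of at most `maxPlainLen` bytes.
 * @return The ciphertext, or nil when `content` is nil or too long, or when
 *         SecKeyEncrypt fails.
 */
- (NSData *) encryptWithData:(NSData *)content {
    if (content == nil) {
        // The original encrypted an empty message here, hiding caller mistakes.
        NSLog(@"content is nil, nothing to encrypt");
        return nil;
    }

    size_t plainLen = [content length];
    if (plainLen > maxPlainLen) {
        NSLog(@"content(%lu) is too long, must <= %lu",
              (unsigned long)plainLen, (unsigned long)maxPlainLen);
        return nil;
    }

    // One RSA block is exactly as long as the key modulus. The original
    // hard-coded 128 bytes, which only fits a 1024-bit key.
    size_t cipherLen = SecKeyGetBlockSize(publicKey);
    NSMutableData *cipher = [NSMutableData dataWithLength:cipherLen];

    // Read the plaintext straight from `content`; the original copied it into
    // a malloc'd buffer that was freed without being cleared.
    OSStatus returnCode = SecKeyEncrypt(publicKey, kSecPaddingPKCS1,
                                        [content bytes], plainLen,
                                        [cipher mutableBytes], &cipherLen);
    if (returnCode != errSecSuccess) {
        NSLog(@"SecKeyEncrypt fail. Error Code: %ld", (long)returnCode);
        return nil;
    }

    // SecKeyEncrypt reports the number of bytes it actually wrote.
    [cipher setLength:cipherLen];
    return [NSData dataWithData:cipher];
}

/**
 * Encrypts the UTF-8 encoding of `content`.
 *
 * @param content Text whose UTF-8 form is at most `maxPlainLen` bytes.
 * @return The ciphertext, or nil under the same conditions as -encryptWithData:.
 */
- (NSData *) encryptWithString:(NSString *)content {
    return [self encryptWithData:[content dataUsingEncoding:NSUTF8StringEncoding]];
}

@end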


声明下,小编是在Xcode5下写的,也许你认为下面就结束了,哦,no。有些项目你是需要base64EncodeString的,那么这个你就需要了:

#import "NSData+Base64.h"


@implementation NSData_Base64

/**
 * Placeholder formatter: hands `data` back unchanged.
 *
 * The original carried an empty branch for inputs longer than 76 bytes and
 * never filled it in, so there is no formatting step to reproduce.
 *
 * @param data Any data object, or nil.
 * @return The same object that was passed in.
 */
- (NSData*)formatWithData:(NSData*)data{
    NSData *unchanged = data;
    return unchanged;
}




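/**
 * Decodes a Base64 string into raw bytes.
 *
 * Characters outside the Base64 alphabet ('=' padding, whitespace, line
 * breaks, anything else) are skipped rather than rejected, so several
 * different strings decode to the same bytes. Compare the decoded bytes, not
 * the encoded strings, when the value feeds an equality or integrity check.
 *
 * @param string Base64 text; nil is treated as empty.
 * @return The decoded bytes, or nil when nothing could be decoded.
 */
+ (NSData *)dataWithBase64EncodedString:(NSString *)string
{
    // Maps a 7-bit ASCII code to its 6-bit value; 99 marks "not in the alphabet".
    // The explicit size of 128 makes the compiler reject a table with too many
    // entries and keeps every index produced by `& 0x7F` below inside the array.
    // The '@'..'O' row had been fused into one bogus number in the listing.
    static const unsigned char lookup[128] =
    {
        99, 99, 99, 99, 99, 99, 99, 99, 99, 99, 99, 99, 99, 99, 99, 99,
        99, 99, 99, 99, 99, 99, 99, 99, 99, 99, 99, 99, 99, 99, 99, 99,
        99, 99, 99, 99, 99, 99, 99, 99, 99, 99, 99, 62, 99, 99, 99, 63,
        52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 99, 99, 99, 99, 99, 99,
        99,  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14,
        15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 99, 99, 99, 99, 99,
        99, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
        41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 99, 99, 99, 99, 99
    };

    NSData *inputData = [string dataUsingEncoding:NSASCIIStringEncoding allowLossyConversion:YES];
    long long inputLength = [inputData length];
    const unsigned char *inputBytes = [inputData bytes];

    // Every 4 input characters yield at most 3 bytes; one spare group covers the tail.
    long long maxOutputLength = (inputLength / 4 + 1) * 3;
    NSMutableData *outputData = [NSMutableData dataWithLength:maxOutputLength];
    unsigned char *outputBytes = (unsigned char *)[outputData mutableBytes];

    int accumulator = 0;
    long long outputLength = 0;
    unsigned char accumulated[] = {0, 0, 0, 0};
    for (long long i = 0; i < inputLength; i++)
    {
        unsigned char decoded = lookup[inputBytes[i] & 0x7F];
        if (decoded != 99)
        {
            accumulated[accumulator] = decoded;
            if (accumulator == 3)
            {
                // A full group of four 6-bit values becomes three bytes.
                outputBytes[outputLength++] = (accumulated[0] << 2) | (accumulated[1] >> 4);
                outputBytes[outputLength++] = (accumulated[1] << 4) | (accumulated[2] >> 2);
                outputBytes[outputLength++] = (accumulated[2] << 6) | accumulated[3];
            }
            accumulator = (accumulator + 1) % 4;
        }
    }

    //handle left-over data: 2 leftover characters give 1 byte, 3 give 2 bytes,
    //a single leftover character cannot form a byte and is dropped
    if (accumulator > 0) outputBytes[outputLength] = (accumulated[0] << 2) | (accumulated[1] >> 4);
    if (accumulator > 1) outputBytes[++outputLength] = (accumulated[1] << 4) | (accumulated[2] >> 2);
    if (accumulator > 2) outputLength++;

    //truncate data to match actual output length
    outputData.length = outputLength;
    return outputLength ? outputData : nil;
}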




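/**
 * Encodes the receiver's bytes as Base64 text.
 *
 * @param wrapWidth Line length for CRLF wrapping, rounded down to a multiple
 *                  of 4; 0 (or any value below 4) produces a single line.
 * @return The Base64 string, or nil when the receiver is empty or the output
 *         buffer cannot be allocated.
 */
- (NSString *)base64EncodedStringWithWrapWidth:(NSUInteger)wrapWidth
{
    //ensure wrapWidth is a multiple of 4
    wrapWidth = (wrapWidth / 4) * 4;

    const char lookup[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

    long long inputLength = [self length];
    const unsigned char *inputBytes = [self bytes];

    // Empty input always ended in nil; return before allocating so the code
    // no longer depends on what realloc does with a size of zero.
    if (inputLength == 0)
    {
        return nil;
    }

    // 4 output characters per 3 input bytes, one spare group for the padded
    // tail, plus 2 bytes (CR LF) for every wrapped line.
    long long maxOutputLength = (inputLength / 3 + 1) * 4;
    maxOutputLength += wrapWidth ? (maxOutputLength / wrapWidth) * 2 : 0;
    unsigned char *outputBytes = (unsigned char *)malloc((size_t)maxOutputLength);
    if (outputBytes == NULL)
    {
        // The original wrote through the pointer without checking it.
        return nil;
    }

    long long i;
    long long outputLength = 0;
    for (i = 0; i < inputLength - 2; i += 3)
    {
        outputBytes[outputLength++] = lookup[(inputBytes[i] & 0xFC) >> 2];
        outputBytes[outputLength++] = lookup[((inputBytes[i] & 0x03) << 4) | ((inputBytes[i + 1] & 0xF0) >> 4)];
        outputBytes[outputLength++] = lookup[((inputBytes[i + 1] & 0x0F) << 2) | ((inputBytes[i + 2] & 0xC0) >> 6)];
        outputBytes[outputLength++] = lookup[inputBytes[i + 2] & 0x3F];

        //add line break
        if (wrapWidth && (outputLength + 2) % (wrapWidth + 2) == 0)
        {
            outputBytes[outputLength++] = '\r';
            outputBytes[outputLength++] = '\n';
        }
    }

    //handle left-over data
    if (i == inputLength - 2)
    {
        // = terminator
        outputBytes[outputLength++] = lookup[(inputBytes[i] & 0xFC) >> 2];
        outputBytes[outputLength++] = lookup[((inputBytes[i] & 0x03) << 4) | ((inputBytes[i + 1] & 0xF0) >> 4)];
        outputBytes[outputLength++] = lookup[(inputBytes[i + 1] & 0x0F) << 2];
        outputBytes[outputLength++] = '=';
    }
    else if (i == inputLength - 1)
    {
        // == terminator
        outputBytes[outputLength++] = lookup[(inputBytes[i] & 0xFC) >> 2];
        outputBytes[outputLength++] = lookup[(inputBytes[i] & 0x03) << 4];
        outputBytes[outputLength++] = '=';
        outputBytes[outputLength++] = '=';
    }

    //truncate data to match actual output length; if the shrink fails the
    //original, larger buffer is still valid and is used as-is
    unsigned char *trimmedBytes = (unsigned char *)realloc(outputBytes, (size_t)outputLength);
    if (trimmedBytes != NULL)
    {
        outputBytes = trimmedBytes;
    }

    // The string takes ownership of the buffer and frees it when released.
    NSString *result = [[NSString alloc] initWithBytesNoCopy:outputBytes
                                                      length:(NSUInteger)outputLength
                                                    encoding:NSASCIIStringEncoding
                                                freeWhenDone:YES];

#if !__has_feature(objc_arc)
    [result autorelease];
#endif

    // Non-empty input always produces at least one 4-character group.
    return result;
}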




/**
 * Encodes the receiver as a single unwrapped line of Base64 text.
 *
 * @return Whatever -base64EncodedStringWithWrapWidth: returns for a width of 0.
 */
- (NSString *)base64EncodedString
{
    // A wrap width of 0 turns line wrapping off.
    NSString *singleLine = [self base64EncodedStringWithWrapWidth:0];
    return singleLine;
}


@end


做完这些,加密就完成了,解密大家就自己写吧。写得很烂,希望对大家有点帮助。