HTTPS和RSA结合的数据安全传递
来源:互联网 发布:淘宝服饰店铺推荐 编辑:程序博客网 时间:2024/06/06 00:15
一 . 客户端和服务器必须进行安全的HTTPS数据传递
服务器端: 要到固定的CA证书机构去生成根证书,存放在服务器和客户端
客户端:除了存放根证书外,还要进行使用NSURLConnection 和NSURLSession 相应的HTTPS请求设置
二.iOS 中代码基于HTTPS的安全请求
1. NSURLConnection 的HTTPS请求
start request
{
_urlConnection = [[NSURLConnectionalloc] initWithRequest:_requestdelegate:self];
[_urlConnectionstart];
}
#pragma mark - NURLConnection delegate
// We use this method is to accept an untrusted site which unfortunately we need to do, as our PVM servers are self signed.
- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace
{
DLog(@"%s",__func__);
return [protectionSpace.authenticationMethodisEqualToString:NSURLAuthenticationMethodServerTrust];
}
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge;
{
NSLog(@"WebController Got auth challange via NSURLConnection");
DLog(@"%s",__func__);
if ([challengepreviousFailureCount] ==0)
{
_authenticated =YES;
NSURLCredential *credential = [NSURLCredentialcredentialForTrust:challenge.protectionSpace.serverTrust];
[challenge.senderuseCredential:credentialforAuthenticationChallenge:challenge];
} else
{
[[challenge sender]cancelAuthenticationChallenge:challenge];
}
}
- (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response;
{
NSLog(@"WebController received response via NSURLConnection");
NSHTTPURLResponse *repose= (NSHTTPURLResponse *)response;
if(repose.statusCode !=200)
{
[NetworkErrorViewshowNetworkErrorViewInView:self.viewerrorStr:@"网络出错啦"SelectBlock:^{
[selfstartRequestUrl];
}];
return;
}
if([self.webView.request.URL.absoluteStringcontainsString:@"https://qiangui.58.com/changewbid"])
{
return;
}
DLog(@"%s",__func__);
// remake a webview call now that authentication has passed ok.
_authenticated =YES;
[_webViewloadRequest:_request];
// Cancel the URL connection otherwise we double up (webview + url connection, same url = no good!)
[_urlConnectioncancel];
}
2. NSURLSession 的HTTPS的请求
- (void)startRequestWithUrl:(NSString *)url
{
NSURL *URL = [NSURLURLWithString:url];
NSURLSessionDownloadTask *task = [self.sessiondownloadTaskWithURL:URL];
[task resume];
}
// NSURLSessionAuthChallengeUseCredential = 0, 使用(信任)证书
// NSURLSessionAuthChallengePerformDefaultHandling = 1, 默认,忽略
// NSURLSessionAuthChallengeCancelAuthenticationChallenge = 2, 取消
// NSURLSessionAuthChallengeRejectProtectionSpace = 3, 这次取消,下载次还来问
// 工作中直接复制这一段代理Ok了
// 金融公司
// https 第一段认证过程
- (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition,NSURLCredential * _Nullable))completionHandler{
NSLog(@"%s",__func__);
NSURLSessionAuthChallengeDisposition disposition =NSURLSessionAuthChallengePerformDefaultHandling;
__blockNSURLCredential *credential =nil;
if ([challenge.protectionSpace.authenticationMethodisEqualToString:NSURLAuthenticationMethodServerTrust]) {
credential = [NSURLCredentialcredentialForTrust:challenge.protectionSpace.serverTrust];
if (credential) {
disposition = NSURLSessionAuthChallengeUseCredential;
} else {
disposition = NSURLSessionAuthChallengePerformDefaultHandling;
}
} else {
disposition = NSURLSessionAuthChallengePerformDefaultHandling;
}
if (completionHandler) {
completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge, credential);
}
}
// https 第二段认证过程
//- (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge
// completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential * __nullable credential))completionHandler {
// NSLog(@"%@",challenge.protectionSpace);
// // 如果是请求证书信任,我们再来处理,其他的不需要处理
// if (challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust) {
// NSURLCredential *cre = [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust];
// // 调用block
// completionHandler(NSURLSessionAuthChallengeUseCredential,cre);
// }
//
//
//}
- (void)URLSession:(NSURLSession *)session dataTask:(NSURLSessionDataTask *)dataTask didReceiveData:(NSData *)data {
NSLog(@"%s",__func__);
NSLog(@"%@",[[NSStringalloc]initWithData:dataencoding:NSUTF8StringEncoding]);
}
- (void)URLSession:(NSURLSession *)session downloadTask:(NSURLSessionDownloadTask *)downloadTask
didWriteData:(int64_t)bytesWritten
totalBytesWritten:(int64_t)totalBytesWritten
totalBytesExpectedToWrite:(int64_t)totalBytesExpectedToWrite {
NSLog(@"%s",__func__);
float percent = (float)totalBytesWritten/totalBytesExpectedToWrite;
NSLog(@"%f",percent);
}
- (void)URLSession:(NSURLSession *)session downloadTask:(NSURLSessionDownloadTask *)downloadTask
didFinishDownloadingToURL:(NSURL *)location {
NSLog(@"%s",__func__);
// 下载完成之后,把相应的文件从临时文件拷贝到Caches目录中,因为临时目录的文件会在程序杀死时被杀死
NSString *dirPath = [NSSearchPathForDirectoriesInDomains(NSCachesDirectory,NSUserDomainMask, YES) firstObject];
NSString *path = [dirPathstringByAppendingPathComponent:@"1.mp3"];
NSFileManager *manager = [NSFileManagerdefaultManager];
if ([managerfileExistsAtPath:path isDirectory:NO]) {
[manager removeItemAtPath:patherror:nil];
}
[manager moveItemAtPath:[locationpath] toPath:patherror:nil];
}
- (void)URLSession:(NSURLSession *)session task:(NSURLSessionTask *)task
didCompleteWithError:(NSError *)error {
NSLog(@"%s:%lu",__func__,error.code);
}
如果在传输的过程中,不管是私钥串还是原文件被修改,在客户端比对时,都会失败,从而提高数据传输的安全性
- HTTPS和RSA结合的数据安全传递
- 第7章 数据的安全传输和身份验证 ——SSL和HTTPS编程
- android 数据安全中常用的加密算法 3 RSA
- 带你了解HTTPS和HTTP的区别,数据安全时代的到来!
- springMVC和easyUI结合使用(前后台通过json传递数据)的实例
- SpringMVC-----7、SpringMVC和json结合传递数据
- 更安全的HTTPS
- web安全的HTTPS
- https的安全密钥
- HTTPS的安全保护
- Source引擎 光能传递和凹凸贴图的革命性结合
- 自理解Https原理:证书传递,握手信息传递,数据加密解密的分析。
- 结合JAAS实现J2EE的安全认证和授权
- https安全传输和内容加密的短信接口代码
- 基于Nginx服务器和iOS9的HTTPS安全通信
- Chrome和HTTPS——安全Web的征途
- https 之 ssl安全证书的获取和安装
- Java Web 数据安全-面向Tomcat Server的HTTPS安全套接层配置
- 数据源配置boncp
- webservice学习笔记
- 51Nod-1432-独木舟
- Struts 2.5.2 HTTP Status 404 - There is no Action mapped for namespace [/] and action name [regist_A
- 事件监听机制
- HTTPS和RSA结合的数据安全传递
- POJ1753-Flip Game
- 一个万能的传送门
- css记录
- HTML5新标签学习总结(网页结构)下
- @requestBody @responseBody配置要点
- Oracle 删除数据时死机
- 在Eclipse上安装Activiti插件
- jsp页面判断图片大小。