iOS SecItemCopyMatching RSA公钥格式? [英] iOS SecItemCopyMatching RSA public key format?
问题描述
我正在尝试从已生成的密钥对(两个 SecKeyRef s)中提取一个1024位的RSA公钥,以便通过线路发送。我需要的是一个简单的(模数,指数)对,它应该占用131个字节(模数的128和指数的3)。
然而,当我以 NSData 对象获取键信息时,我得到140位而不是131.这里是一个示例结果: / p>
< 30818902 818100d7 514f320d eacf48e1 eb64d8f9 4d212f77 10dd3b48 ba38c5a6
ed6ba693 35bb97f5 a53163eb b403727b 91c34fc8 cba51239 3ab04f97 dab37736
0377cdc3 417f68eb 9e351239 47c1f98f f4274e05 0d5ce1e9 e2071d1b 69a7cac4
4e258765 6c249077 dba22ae6 fc55f0cf 834f260a 14ac2e9f 070d17aa 1edd8db1
0cd7fd4c c2f0d302 03010001>
重试密钥生成几次后,比较生成的 NSData 对象,所有键的字节保持不变的是第一个7:
< 30818902 818100 ;
最后三个字节看起来像指数(65537,一个公共值)。在模数和指数之间还有两个字节:
< 0203&
有更多加密经验的人能帮我识别这是什么编码? DER?如何正确解码模数和指数?
我尝试使用
手动去除模数和指数。 NSData * modulus = [keyBits subdataWithRange:(NSRange){7,128}];
NSData * exponent = [keyBits subdataWithRange:(NSRange){7 + 128 + 2,3}];
但是当尝试解密远程主机使用key编码的数据时会出现错误。 / p>
编辑:
这里是我解决RSA blob解决方案的一个要点: https://gist.github.com/vl4dimir/6079882
假设您希望解决方案在iOS下工作,请查看这个线程。该帖子确认编码是DER,并显示如何从您开始的 NSData 对象中提取指数和模数。
有另一个解决方案不能在iOS上工作,但将在安装OpenSSL的桌面系统(包括MacOS X)上工作此线程。即使您正在寻找仅限iOS的解决方案,您仍然可以使用此来验证您的代码是否正常工作。
I'm trying to extract a 1024-bit RSA public key from an already generated key pair (two SecKeyRefs), in order to send it over the wire. All I need is a plain (modulus, exponent) pair, which should take up exactly 131 bytes (128 for the modulus and 3 for the exponent).
However, when I fetch the key info as a NSData object, I get 140 bits instead of 131. Here's an example result:
<30818902 818100d7 514f320d eacf48e1 eb64d8f9 4d212f77 10dd3b48 ba38c5a6
ed6ba693 35bb97f5 a53163eb b403727b 91c34fc8 cba51239 3ab04f97 dab37736
0377cdc3 417f68eb 9e351239 47c1f98f f4274e05 0d5ce1e9 e2071d1b 69a7cac4
4e258765 6c249077 dba22ae6 fc55f0cf 834f260a 14ac2e9f 070d17aa 1edd8db1
0cd7fd4c c2f0d302 03010001>
After retrying the key generation a couple of times and comparing the resulting NSData objects, the bytes that remain the same for all keys are the first 7:
<30818902 818100>
The last three bytes look like the exponent (65537, a common value). There are also two bytes between the "modulus" and the exponent:
<0203>
Can someone with more crypto experience help me identify what encoding is this? DER? How do I properly decode the modulus and exponent?
I tried manually stripping out the modulus and exponent using
NSData* modulus = [keyBits subdataWithRange:(NSRange){ 7, 128 }];
NSData* exponent = [keyBits subdataWithRange:(NSRange){ 7 + 128 + 2, 3 }];
but I get errors when trying to decrypt data which the remote host encoded using that "key".
EDIT:
Here's a gist of the solution I ended up using to unpack the RSA blob: https://gist.github.com/vl4dimir/6079882
Assuming you want the solution to work under iOS, please have a look at this thread. The post confirms that the encoding is DER and shows how to extract the exponent and modulus from the NSData object you started with.
There is another solution that won't work on iOS, but will work on Desktop systems (including MacOS X) that have OpenSSL installed in this thread. Even if you are looking for the iOS-only solution you can still use this to verify your code is working correctly.
这篇关于iOS SecItemCopyMatching RSA公钥格式?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
