iPhone:如何从公钥文件(PEM)创建SecKeyRef [英] iPhone: How to create a SecKeyRef from a public key file (PEM)
问题描述
为了从iPhone发送和接收加密的消息,我需要读取一个公共密钥(服务器的公钥)PEM文件并创建一个SecKeyRef(以后我甚至可以将其存储在钥匙串上,以便不创建它)再次)。
In order to send and receive encrypted messages from/to the iPhone I need to read a public key (server's public key) PEM file and create a SecKeyRef (later I could even store it on the keychain in order not to create it again).
这是我目前的工作流程:
This is my current workflow:
- 在服务器上:使用用户的证书和私钥创建一个P12文件。将用户的公钥存储在服务器的钥匙串上。
- 在iPhone上:从服务器检索P12文件,使用密码将其打开并将密钥存储在钥匙串上。 li>
- 在iPhone上:使用服务器的公钥检索PEM文件。创建一个SecKeyRef并将其存储在钥匙串上
- 在iPhone上:使用两个密钥向/从服务器发送/接收加密消息。
- 以前幸福快乐。
- On the server: Create a P12 file with the user's certificate and private key. Store the user's public key on the server's keychain.
- On the iPhone: Retrieve the P12 file from the server, use the password to open it and store the private key on the keychain.
- On the iPhone: Retrieve a PEM file with the server's public key from the server. Create a SecKeyRef and store it on the keychain
- On the iPhone: use both keys to send/receive encrypted messages to/from the server.
- Live happily ever after.
我遇到问题3,因为我不能从PEM文件数据创建一个SecKeyRef。我找不到任何有关如何做的文件,有人有同样的问题吗?任何提示?由于我找不到任何代码示例或文档,感觉我正在做错事...
I'm having problems with 3, as I cannot create a SecKeyRef from the PEM file data. I cannot find any documentation on how to do it, Did anybody had the same problem? Any hints? As I cannot find any code examples or documentation on this it feels that I'm doing something wrong...
谢谢!
推荐答案
您应该能够解释一个DER编码的pem,并使用 SecCertificateCreateWithData()
然后提取一个键;
You should be able to interpret a DER encoded pem and get a cert using SecCertificateCreateWithData()
from which you can then extract a key;
NSData *myCertData = ....;
SecCertificateRef cert = SecCertificateCreateWithData (kCFAllocatorDefault, myCertData);
CFArrayRef certs = CFArrayCreate(kCFAllocatorDefault, (const void **) &cert, 1, NULL);
SecTrustRef trust;
SecTrustCreateWithCertificates(certs, policy, &trust);
SecTrustResultType trustResult;
SecTrustEvaluate(trust, &trustResult);
SecKeyRef pub_key_leaf = SecTrustCopyPublicKey(trust);
这篇关于iPhone:如何从公钥文件(PEM)创建SecKeyRef的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!