iPhone加密与证书 [英] iPhone encryption with certificate
问题描述
我必须加密一个字符串,并在我的xCode项目的资源文件夹中有一个.CER(x.509)。最后两天我花了多少时间来想象如何,但没有成功,所以是时候问了。
I have to encrypt a string and have a .CER (x.509) in the Resources folder of my xCode project. The last two days I have spent to imagine how, but no success, so it's time to ask.
苹果的文档很难阅读...和我看到这个框架可能是最难理解的一个框架,这两个样本都没有帮助。
The documentation of Apple is very difficult to read... and I see this framework is probably the hardest one to understand... neither the samples have helped.
所以,我尝试使用以下代码:显然它不起作用:
So, I have tried with the following code: obviously it does not work:
在我的Mac上使用OPENSSL,但我发现没有办法在SDK中重新创建OPENSSL命令。所以,我很困惑...任何人?
On my Mac I used OPENSSL but I found no way to recreate OPENSSL commands in the SDK. So, I'm pretty confused... anyone???
非常感谢:)
NSString *certPath = [[NSBundle mainBundle] pathForResource:@"Certificate" ofType:@"cer"];
SecCertificateRef myCertificate = nil;
NSData *certificateData = [[NSData alloc] initWithContentsOfFile:certPath];
myCertificate = SecCertificateCreateWithData(kCFAllocatorDefault, (CFDataRef)certificateData);
SecPolicyRef myPolicy = SecPolicyCreateBasicX509();
SecTrustRef myTrust;
SecTrustCreateWithCertificates(myCertificate, myPolicy, &myTrust);
SecKeyRef publicKey = SecTrustCopyPublicKey(myTrust);
uint8_t *pPlainText = (uint8_t*)"This is a test";
uint8_t aCipherText[1024];
size_t iCipherLength = 1024;
OSStatus status = SecKeyEncrypt(publicKey,
kSecPaddingPKCS1,
pPlainText,
strlen( (char*)pPlainText ) + 1,
aCipherText,
&iCipherLength);
}
推荐答案
p>我想你的更新的代码通过添加两行末:
I tried your updated code with the addition of two lines at the end:
NSData *cipherData = [NSData dataWithBytes:aCipherText length:iCipherLength];
NSLog(@"(%d) %@", status, cipherData);
工作正常:
2011-02-17 22:24:04.204 Untitled[45121:207] (0) <87a2eb07 25ab693a 7fe88329 974b6820
843c5c33 8c5d4606 aecea682 0176e4cb 10482c9b fd2e2242 1c77d349 d3037e91 8d704783
f2e04c82 ef273815 bdb6aa73 f8646542 243f3e12 518147ba 53636441 fd9399d3 b198ed6a
615d51d1 4105fb75 27180f0d 09835551 5162e156 33dedf39 a87e17f8 16881990 c5e57a38
7cd7ec63>
现在有一个区别是我使用的公钥在我的钥匙扣。如果你不是,你可能想看下面的import-an-ssl-cert-under-the-iphone-sdk链接。到目前为止,我只测试了模拟器,也可以是不同的,但我相信这是正确的。
Now one difference is that the public key I'm using is in my keychain. If yours isn't, you may want to look at the importing-an-ssl-cert-under-the-iphone-sdk link below. So far I've only tested on Simulator, which also can be different, but I believe this is correct.
如果还有问题,请确保检查结果的每个调用(如果它返回OSStatus,请检查)。哪一块失败?
If you still have trouble, make sure to check the result of each call (and if it returns OSStatus, check that). Which piece is failing?
你忘了打电话给$ code SecTrustEvaluate() SecTrustRef 之前调用 SecTrustCopyPublicKey()。检查 SecTrustCopyPublicKey()上的文档,解释这一点。
You forgot to call SecTrustEvaluate() on your SecTrustRef before calling SecTrustCopyPublicKey(). Check the docs on SecTrustCopyPublicKey() which explains this.
我相信这些帖子应该指向正确的方向:
I believe these posts should point you in the right direction:
http://greghaygood.com/2009/01/17/asymmetric-encryption-with-the-iphone-sdk-and-securityframework
另请注意,如果您已经有Mac的OpenSSL代码,则可以为iPhone编译OpenSSL。当我开发我的构建脚本时,这篇文章对我有用:
Also note that if you have OpenSSL code for Mac already, you can compile OpenSSL for iPhone. This post was useful for me when I developed my build scripts:
http://www.therareair.com/2009/01/01/tutorial-how-to-compile-openssl-for -the-iphone /
这篇关于iPhone加密与证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
