通过ios实现RSA加密解密中的 RSAEncryptor.h/m相关代码
2016-02-16 20:02
633 查看
RSAEncryptor.h代码
RSAEncryptor.m代码
// // RSAEncryptor.h // 121mai // // Created by 薛XX on 16/2/16. // // #import <Foundation/Foundation.h> @interface RSAEncryptor : NSObject #pragma mark - Instance Methods -(void) loadPublicKeyFromFile: (NSString*) derFilePath; -(void) loadPublicKeyFromData: (NSData*) derData; -(void) loadPrivateKeyFromFile: (NSString*) p12FilePath password:(NSString*)p12Password; -(void) loadPrivateKeyFromData: (NSData*) p12Data password:(NSString*)p12Password;-(NSString*) rsaEncryptString:(NSString*)string; -(NSData*) rsaEncryptData:(NSData*)data ; -(NSString*) rsaDecryptString:(NSString*)string; -(NSData*) rsaDecryptData:(NSData*)data; #pragma mark - Class Methods+(void) setSharedInstance: (RSAEncryptor*)instance; +(RSAEncryptor*) sharedInstance; @end
RSAEncryptor.m代码
// // RSAEncryptor.m // 121mai // // Created by 薛XX on 16/2/16. // // #import "RSAEncryptor.h" #import <Security/Security.h> #import "NSData+Base64.h" @implementation RSAEncryptor { SecKeyRef publicKey; SecKeyRef privateKey; } -(void)dealloc{ CFRelease(publicKey); CFRelease(privateKey); } -(SecKeyRef) getPublicKey { return publicKey; } -(SecKeyRef) getPrivateKey { return privateKey; } -(void) loadPublicKeyFromFile: (NSString*) derFilePath{ NSData *derData = [[NSData alloc] initWithContentsOfFile:derFilePath]; [self loadPublicKeyFromData: derData]; } -(void) loadPublicKeyFromData: (NSData*) derData{ publicKey = [self getPublicKeyRefrenceFromeData: derData]; } -(void) loadPrivateKeyFromFile: (NSString*) p12FilePath password:(NSString*)p12Password{ NSData *p12Data = [NSData dataWithContentsOfFile:p12FilePath]; [self loadPrivateKeyFromData: p12Data password:p12Password]; } -(void) loadPrivateKeyFromData: (NSData*) p12Data password:(NSString*)p12Password{ privateKey = [self getPrivateKeyRefrenceFromData: p12Data password: p12Password]; } #pragma mark - Private Methods -(SecKeyRef) getPublicKeyRefrenceFromeData: (NSData*)derData{ SecCertificateRef myCertificate = SecCertificateCreateWithData(kCFAllocatorDefault, (__bridge CFDataRef)derData); SecPolicyRef myPolicy = SecPolicyCreateBasicX509(); SecTrustRef myTrust; OSStatus status = SecTrustCreateWithCertificates(myCertificate,myPolicy,&myTrust); SecTrustResultType trustResult; if (status == noErr) { status = SecTrustEvaluate(myTrust, &trustResult); } SecKeyRef securityKey = SecTrustCopyPublicKey(myTrust); CFRelease(myCertificate); CFRelease(myPolicy); CFRelease(myTrust); return securityKey; } -(SecKeyRef) getPrivateKeyRefrenceFromData: (NSData*)p12Data password:(NSString*)password{ SecKeyRef privateKeyRef = NULL; NSMutableDictionary * options = [[NSMutableDictionary alloc] init]; [options setObject: password forKey:(__bridge id)kSecImportExportPassphrase]; CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL); OSStatus securityError = SecPKCS12Import((__bridge CFDataRef) p12Data, (__bridge CFDictionaryRef)options, &items); if (securityError == noErr && CFArrayGetCount(items) > 0) { CFDictionaryRef identityDict = CFArrayGetValueAtIndex(items, 0); SecIdentityRef identityApp = (SecIdentityRef)CFDictionaryGetValue(identityDict, kSecImportItemIdentity); securityError = SecIdentityCopyPrivateKey(identityApp, &privateKeyRef); if (securityError != noErr) { privateKeyRef = NULL; } } CFRelease(items); return privateKeyRef; } #pragma mark - Encrypt -(NSString*) rsaEncryptString:(NSString*)string { NSData* data = [string dataUsingEncoding:NSUTF8StringEncoding]; NSData* encryptedData = [self rsaEncryptData: data]; NSString* base64EncryptedString = [encryptedData base64EncodedString]; return base64EncryptedString; }// 加密的大小受限于SecKeyEncrypt函数,SecKeyEncrypt要求明文和密钥的长度一致,如果要加密更长的内容,需要把内容按密钥长度分成多份,然后多次调用SecKeyEncrypt来实现 -(NSData*) rsaEncryptData:(NSData*)data { SecKeyRef key = [self getPublicKey]; size_t cipherBufferSize = SecKeyGetBlockSize(key); uint8_t *cipherBuffer = malloc(cipherBufferSize * sizeof(uint8_t)); size_t blockSize = cipherBufferSize - 11; // 分段加密 size_t blockCount = (size_t)ceil([data length] / (double)blockSize); NSMutableData *encryptedData = [[NSMutableData alloc] init] ; for (int i=0; i<blockCount; i++) { int bufferSize = MIN(blockSize,[data length] - i * blockSize); NSData *buffer = [data subdataWithRange:NSMakeRange(i * blockSize, bufferSize)]; OSStatus status = SecKeyEncrypt(key, kSecPaddingPKCS1, (const uint8_t *)[buffer bytes], [buffer length], cipherBuffer, &cipherBufferSize); if (status == noErr){ NSData *encryptedBytes = [[NSData alloc] initWithBytes:(const void *)cipherBuffer length:cipherBufferSize]; [encryptedData appendData:encryptedBytes]; }else{ if (cipherBuffer) { free(cipherBuffer); } return nil; } } if (cipherBuffer){ free(cipherBuffer); } return encryptedData; } #pragma mark - Decrypt -(NSString*) rsaDecryptString:(NSString*)string { NSData* data = [NSData dataFromBase64String: string]; NSData* decryptData = [self rsaDecryptData: data]; NSString* result = [[NSString alloc] initWithData: decryptData encoding:NSUTF8StringEncoding]; return result; } -(NSData*) rsaDecryptData:(NSData*)data { SecKeyRef key = [self getPrivateKey]; size_t cipherLen = [data length]; void *cipher = malloc(cipherLen); [data getBytes:cipher length:cipherLen]; size_t plainLen = SecKeyGetBlockSize(key) - 12; void *plain = malloc(plainLen); OSStatus status = SecKeyDecrypt(key, kSecPaddingPKCS1, cipher, cipherLen, plain, &plainLen); if (status != noErr) { return nil; } NSData *decryptedData = [[NSData alloc] initWithBytes:(const void *)plain length:plainLen]; return decryptedData; } #pragma mark- Class Methodsstatic RSAEncryptor* sharedInstance = nil; +(void) setSharedInstance: (RSAEncryptor*)instance{ sharedInstance = instance;}+(RSAEncryptor*) sharedInstance{ return sharedInstance; } @end
相关文章推荐
- 通过ios实现RSA加密解密中的 NSString+Base64.h/m相关代码
- 通过ios实现RSA加密解密中的 NSData+Base64.h/m相关代码
- 通过ios实现RSA加密和解密
- iOS本地推送(本地通知)
- Xcode预处理命令、控制台调试命令、 iOS事件拦截
- Missing iOS Distribution signing identity for …, 在打包的时候发现证书过期了。
- iOS的DeviceToken随生产环境和开发环境变化
- iOS 开发中,如何实现高效的大量(如十万级)推送通知?
- ios开发有关远程推送的测试版和正式发布版的区别
- 配置超级用户口令(Cisco IOS系统)
- iOS 设置头像圆角效果
- iOS 开发证书签发者无效
- iOS 关联外部应用
- iOS 通知 证书 设置指南
- iOS推送小结(证书的生成、客户端的开发、服务端的开发)
- ios 开发--使用模态跳转了2次之后怎么从第三个视图控制器回到跟视图控制器
- 如何成为一名入门级 iOS 开发者
- iOS中关于证书签发者无效的问题
- 《转载》IOS高级开发~开机启动&无限后台运行&监听进程
- IOS开发证书变成“此证书的签发者无效”解决方法