IOS RSA Encryption and decryption

Last Update:2016-03-28 Source: Internet

Author: User

Tags openssl rsa openssl x509

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Turn from--ring IOS RSA encryption and decryption

RAS encryption requires two sets of keys, a set of public keys, and a set of private keys.

Build command:

OpenSSL req-x509-out public_key.der-outform der-new-newkey rsa:2048-keyout Private_key.pem

Public_key.der is a public key file and Private_key.pem is a private key file.

Generate a private key file that can be referenced by iOS. PFX:

1. OpenSSL rsa-in private_key.pem-out Private_key.key

2. OpenSSL Req-new-key private_key.key-out PRIVATE_KEY.CRT

3. OpenSSL x509-req-days 3650-in private_key.crt-signkey private_key.key-out rsacert.crt

4. OpenSSL x509-outform der-in rsacert.crt-out rsacert.der

5. OpenSSL pkcs12-export-out Private_key.pfx-inkey private_key.key-in rsacert.crt

PRIVATE_KEY.PFX is the resulting file

References to public keys:

-(SECKEYREF) Getpublickey

{

Seccertificateref mycertificate = nil;

NSString *path = [[NSBundle mainbundle] pathforresource:@ "Public_key" oftype:@ "der"];

NSData *certificatedata = [NSData Datawithcontentsoffile:path];

Mycertificate = Seccertificatecreatewithdata (Kcfallocatordefault, (__bridgecfdataref) certificateData);

Secpolicyref MyPolicy = SecPolicyCreateBasicX509 ();

Sectrustref Mytrust;

Osstatus status = Sectrustcreatewithcertificates (Mycertificate,mypolicy,&mytrust);

Sectrustresulttype Trustresult;

if (status = = NOERR) {

Status = Sectrustevaluate (Mytrust, &trustresult);

}

Return Sectrustcopypublickey (Mytrust);

}

References to private keys

-(SECKEYREF) Getprivatekey

{

NSString *publickeypath = [[NSBundle mainbundle] pathforresource:@ "Private_key" oftype:@ "PFX"];

NSData *pfxkeydata = [[NSData Alloc]initwithcontentsoffile:publickeypath];

nsmutabledictionary * options = [[Nsmutabledictionary alloc] init];

[Options setobject:@ "Password" Forkey: (__bridge ID) ksecimportexportpassphrase];

Cfarrayref items = cfarraycreate (null, 0, 0, NULL);

Osstatus Securityerror = Secpkcs12import ((__bridge cfdataref) Pfxkeydata,

(__bridge cfdictionaryref) options, &items);

Cfdictionaryref identitydict = cfarraygetvalueatindex (items, 0);

Secidentityref Identityapp =

(SECIDENTITYREF) Cfdictionarygetvalue (Identitydict,

ksecimportitemidentity);

ASSERT (Securityerror = = NOERR);

Seckeyref Privatekeyref;

Secidentitycopyprivatekey (Identityapp, &privatekeyref);

return privatekeyref;

}

Public Key cryptography:

-(nsdata*) Rsaencryptwithdata: (nsdata*) Data usingkey: (SECKEYREF) key{

size_t cipherbuffersize = seckeygetblocksize (key);

uint8_t *cipherbuffer = malloc (cipherbuffersize * sizeof (uint8_t));

memset (void *) Cipherbuffer, 0*0, cipherbuffersize);

NSData *plaintextbytes = data;

size_t blockSize = cipherBufferSize-11;

size_t Blockcount = (size_t) ceil ([Plaintextbytes length]/(double) blockSize);

Nsmutabledata *encrypteddata = [Nsmutabledata datawithcapacity:0];

for (int i=0; i<blockcount; i++) {

int buffersize = MIN (blocksize,[plaintextbytes length]-i * blockSize);

NSData *buffer = [Plaintextbytes subdatawithrange:nsmakerange (i * blockSize, buffersize)];

Osstatus status = Seckeyencrypt (key,

KSecPaddingPKCS1,

(Const uint8_t *) [Buffer bytes],

[Buffer length],

Cipherbuffer,

&cipherbuffersize);

if (status = = NOERR) {

NSData *encryptedbytes = [NSData datawithbytes: (const void *) Cipherbuffer length:cipherbuffersize];

[EncryptedData appenddata:encryptedbytes];

}else{

if (Cipherbuffer) {

Free (cipherbuffer);

}

return nil;

}

if (cipherbuffer) free (cipherbuffer);

return EncryptedData;

}

Private key decryption:

-(nsdata*) Rsadecryptwithdata: (nsdata*) Data usingkey: (SECKEYREF) key{

NSData *wrappedsymmetrickey = data;

size_t cipherbuffersize = seckeygetblocksize (key);

size_t keybuffersize = [Wrappedsymmetrickey length];

Nsmutabledata *bits = [Nsmutabledata datawithlength:keybuffersize];

Osstatus Sanitycheck = Seckeydecrypt (Key,

KSecPaddingPKCS1,

(Const uint8_t *) [Wrappedsymmetrickey bytes],

Cipherbuffersize,

[Bits mutablebytes],

&keybuffersize);

Nsassert (Sanitycheck = = NOERR, @ "Error decrypting, Osstatus =%ld.", Sanitycheck);

[Bits setlength:keybuffersize];

return bits;

}

Encryption and decryption on the internet has written a good ras.m, you can refer to:

http://code4app.com/ios/RSA-Encrypt-and-Decrypt/5061d6476803faf86c000001

IOS RSA Encryption and decryption

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More