Turn from--ring IOS RSA encryption and decryption
RAS encryption requires two sets of keys, a set of public keys, and a set of private keys.
Build command:
OpenSSL req-x509-out public_key.der-outform der-new-newkey rsa:2048-keyout Private_key.pem
Public_key.der is a public key file and Private_key.pem is a private key file.
Generate a private key file that can be referenced by iOS. PFX:
1. OpenSSL rsa-in private_key.pem-out Private_key.key
2. OpenSSL Req-new-key private_key.key-out PRIVATE_KEY.CRT
3. OpenSSL x509-req-days 3650-in private_key.crt-signkey private_key.key-out rsacert.crt
4. OpenSSL x509-outform der-in rsacert.crt-out rsacert.der
5. OpenSSL pkcs12-export-out Private_key.pfx-inkey private_key.key-in rsacert.crt
PRIVATE_KEY.PFX is the resulting file
References to public keys:
-(SECKEYREF) Getpublickey
{
Seccertificateref mycertificate = nil;
NSString *path = [[NSBundle mainbundle] pathforresource:@ "Public_key" oftype:@ "der"];
NSData *certificatedata = [NSData Datawithcontentsoffile:path];
Mycertificate = Seccertificatecreatewithdata (Kcfallocatordefault, (__bridgecfdataref) certificateData);
Secpolicyref MyPolicy = SecPolicyCreateBasicX509 ();
Sectrustref Mytrust;
Osstatus status = Sectrustcreatewithcertificates (Mycertificate,mypolicy,&mytrust);
Sectrustresulttype Trustresult;
if (status = = NOERR) {
Status = Sectrustevaluate (Mytrust, &trustresult);
}
Return Sectrustcopypublickey (Mytrust);
}
References to private keys
-(SECKEYREF) Getprivatekey
{
NSString *publickeypath = [[NSBundle mainbundle] pathforresource:@ "Private_key" oftype:@ "PFX"];
NSData *pfxkeydata = [[NSData Alloc]initwithcontentsoffile:publickeypath];
nsmutabledictionary * options = [[Nsmutabledictionary alloc] init];
[Options setobject:@ "Password" Forkey: (__bridge ID) ksecimportexportpassphrase];
Cfarrayref items = cfarraycreate (null, 0, 0, NULL);
Osstatus Securityerror = Secpkcs12import ((__bridge cfdataref) Pfxkeydata,
(__bridge cfdictionaryref) options, &items);
Cfdictionaryref identitydict = cfarraygetvalueatindex (items, 0);
Secidentityref Identityapp =
(SECIDENTITYREF) Cfdictionarygetvalue (Identitydict,
ksecimportitemidentity);
ASSERT (Securityerror = = NOERR);
Seckeyref Privatekeyref;
Secidentitycopyprivatekey (Identityapp, &privatekeyref);
return privatekeyref;
}
Public Key cryptography:
-(nsdata*) Rsaencryptwithdata: (nsdata*) Data usingkey: (SECKEYREF) key{
size_t cipherbuffersize = seckeygetblocksize (key);
uint8_t *cipherbuffer = malloc (cipherbuffersize * sizeof (uint8_t));
memset (void *) Cipherbuffer, 0*0, cipherbuffersize);
NSData *plaintextbytes = data;
size_t blockSize = cipherBufferSize-11;
size_t Blockcount = (size_t) ceil ([Plaintextbytes length]/(double) blockSize);
Nsmutabledata *encrypteddata = [Nsmutabledata datawithcapacity:0];
for (int i=0; i<blockcount; i++) {
int buffersize = MIN (blocksize,[plaintextbytes length]-i * blockSize);
NSData *buffer = [Plaintextbytes subdatawithrange:nsmakerange (i * blockSize, buffersize)];
Osstatus status = Seckeyencrypt (key,
KSecPaddingPKCS1,
(Const uint8_t *) [Buffer bytes],
[Buffer length],
Cipherbuffer,
&cipherbuffersize);
if (status = = NOERR) {
NSData *encryptedbytes = [NSData datawithbytes: (const void *) Cipherbuffer length:cipherbuffersize];
[EncryptedData appenddata:encryptedbytes];
}else{
if (Cipherbuffer) {
Free (cipherbuffer);
}
return nil;
}
}
if (cipherbuffer) free (cipherbuffer);
return EncryptedData;
}
Private key decryption:
-(nsdata*) Rsadecryptwithdata: (nsdata*) Data usingkey: (SECKEYREF) key{
NSData *wrappedsymmetrickey = data;
size_t cipherbuffersize = seckeygetblocksize (key);
size_t keybuffersize = [Wrappedsymmetrickey length];
Nsmutabledata *bits = [Nsmutabledata datawithlength:keybuffersize];
Osstatus Sanitycheck = Seckeydecrypt (Key,
KSecPaddingPKCS1,
(Const uint8_t *) [Wrappedsymmetrickey bytes],
Cipherbuffersize,
[Bits mutablebytes],
&keybuffersize);
Nsassert (Sanitycheck = = NOERR, @ "Error decrypting, Osstatus =%ld.", Sanitycheck);
[Bits setlength:keybuffersize];
return bits;
}
Encryption and decryption on the internet has written a good ras.m, you can refer to:
http://code4app.com/ios/RSA-Encrypt-and-Decrypt/5061d6476803faf86c000001
IOS RSA Encryption and decryption