
RSA Encryption With String Public Key From Server

I'm trying to encrypt a string password using RSA, but the function that I'm using is generating the public key, which is of the SecKey data type, and that is not what I need because I'm getting the public key from the server response as a String. I used many libraries but they do the same, generating a SecKey public key.
The class below shows what I mean. I want to change the function func encryptBase64(text: String, secKey: SecKey) -> String { to be like this: func encryptBase64(text: String, publicKey: String) -> String {

class RSAWrapper {

private var publicKey : SecKey?
private var privateKey : SecKey?

func generateKeyPair(keySize: UInt, privateTag: String, publicTag: String) -> Bool {

    self.publicKey = nil
    self.privateKey = nil


    if (keySize != 512 && keySize != 1024 && keySize != 2048) {
        // Failed
        print("Key size is wrong")
        return false
    }
    let publicKeyParameters: [NSString: AnyObject] = [
        kSecAttrIsPermanent: true as AnyObject,
        kSecAttrApplicationTag: publicTag as AnyObject
    ]
    let privateKeyParameters: [NSString: AnyObject] = [
        kSecAttrIsPermanent: true as AnyObject,
        kSecAttrApplicationTag: privateTag as AnyObject
    ]
    let parameters: [String: AnyObject] = [
        kSecAttrKeyType as String: kSecAttrKeyTypeRSA,
        kSecAttrKeySizeInBits as String: keySize as AnyObject,
        kSecPrivateKeyAttrs as String: privateKeyParameters as AnyObject,
        kSecPublicKeyAttrs as String: publicKeyParameters as AnyObject
    ];

    let status : OSStatus = SecKeyGeneratePair(parameters as CFDictionary, &(self.publicKey), &(self.privateKey))

    return (status == errSecSuccess && self.publicKey != nil && self.privateKey != nil)
}

func encrypt(text: String) -> [UInt8] {
    let plainBuffer = [UInt8](text.utf8)
    var cipherBufferSize : Int = Int(SecKeyGetBlockSize((self.publicKey!)))
    var cipherBuffer = [UInt8](repeating:0, count:Int(cipherBufferSize))

    // The plaintext must be shorter than the key length
    let status = SecKeyEncrypt((self.publicKey)!, SecPadding.PKCS1, plainBuffer, plainBuffer.count, &cipherBuffer, &cipherBufferSize)
    if (status != errSecSuccess) {
        print("Failed Encryption")
    }
    return cipherBuffer
}

func decprypt(encrpted: [UInt8]) -> String? {
    var plaintextBufferSize = Int(SecKeyGetBlockSize((self.privateKey)!))
    var plaintextBuffer = [UInt8](repeating:0, count:Int(plaintextBufferSize))

    let status = SecKeyDecrypt((self.privateKey)!, SecPadding.PKCS1, encrpted, plaintextBufferSize, &plaintextBuffer, &plaintextBufferSize)

    if (status != errSecSuccess) {
        print("Failed Decrypt")
        return nil
    }
    return NSString(bytes: &plaintextBuffer, length: plaintextBufferSize, encoding: String.Encoding.utf8.rawValue)! as String
}


func encryptBase64(text: String, secKey: SecKey) -> String {
    let plainBuffer = [UInt8](text.utf8)
    var cipherBufferSize : Int = Int(SecKeyGetBlockSize((secKey)))
    var cipherBuffer = [UInt8](repeating:0, count:Int(cipherBufferSize))

    // The plaintext must be shorter than the key length.
    // Encrypt with the key passed in, not the stored self.publicKey.
    let status = SecKeyEncrypt(secKey, SecPadding.PKCS1, plainBuffer, plainBuffer.count, &cipherBuffer, &cipherBufferSize)
    if (status != errSecSuccess) {
        print("Failed Encryption")
    }

    let mudata = NSData(bytes: &cipherBuffer, length: cipherBufferSize)
    return mudata.base64EncodedString(options: NSData.Base64EncodingOptions.lineLength64Characters)
}

func decpryptBase64(encrpted: String) -> String? {

    let data : NSData = NSData(base64Encoded: encrpted, options: .ignoreUnknownCharacters)!
    let count = data.length / MemoryLayout<UInt8>.size
    var array = [UInt8](repeating: 0, count: count)
    data.getBytes(&array, length:count * MemoryLayout<UInt8>.size)

    var plaintextBufferSize = Int(SecKeyGetBlockSize((self.privateKey)!))
    var plaintextBuffer = [UInt8](repeating:0, count:Int(plaintextBufferSize))

    let status = SecKeyDecrypt((self.privateKey)!, SecPadding.PKCS1, array, plaintextBufferSize, &plaintextBuffer, &plaintextBufferSize)

    if (status != errSecSuccess) {
        print("Failed Decrypt")
        return nil
    }
    return NSString(bytes: &plaintextBuffer, length: plaintextBufferSize, encoding: String.Encoding.utf8.rawValue)! as String
}


func getPublicKey() -> SecKey? {
    return self.publicKey
}

func getPrivateKey() -> SecKey? {
    return self.privateKey
}

}

The key concepts are:

The server has a key pair

  • Public Key
  • Private key

The application has a key pair too

  • Public Key
  • Private key

So the server should know the app public key and the app should know the server public key.

When the server wants to encrypt some payload to the app, the server encrypts with the app public key and sends it to the app. The app decrypts the payload with the app private key.

When the app wants to encrypt some payload to the server, the app encrypts with the server public key and sends it to the server. The server decrypts the payload with the server private key.

This is how the communication with key pairs should work.

In your case, you should only need to know the server public key because you only need to send things to the server and you shouldn't need to generate the app key pair.

Check this link in order to encrypt with the server public key.
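
An added example (not part of the original answer or of the page it links to): one way to get the encryptBase64(text:publicKey:) signature the question asks for, using SecKeyCreateWithData and SecKeyCreateEncryptedData (iOS 10 and later). It assumes the server string is base64 or PEM-armoured PKCS#1 DER; makeSecKey(fromServerString:) and RSAStringKeyError are hypothetical names.

```swift
import Foundation
import Security

enum RSAStringKeyError: Error {
    case badKeyString
    case keyCreation(Error?)
    case unsupportedAlgorithm
    case encryption(Error?)
}

// Hypothetical helper: turn the server's key string into a SecKey.
// Assumption: base64 (optionally PEM-armoured) DER in the PKCS#1 RSAPublicKey
// format. An X.509 "BEGIN PUBLIC KEY" blob carries an extra
// SubjectPublicKeyInfo header in front of that structure.
func makeSecKey(fromServerString keyString: String) throws -> SecKey {
    // Drop PEM armour lines; remaining whitespace is ignored by the decoder.
    let base64 = keyString
        .components(separatedBy: .newlines)
        .filter { !$0.hasPrefix("-----") }
        .joined()
    guard let der = Data(base64Encoded: base64, options: .ignoreUnknownCharacters),
          !der.isEmpty else {
        throw RSAStringKeyError.badKeyString
    }
    let attributes: [CFString: Any] = [
        kSecAttrKeyType: kSecAttrKeyTypeRSA,
        kSecAttrKeyClass: kSecAttrKeyClassPublic
    ]
    var error: Unmanaged<CFError>?
    guard let key = SecKeyCreateWithData(der as CFData, attributes as CFDictionary, &error) else {
        throw RSAStringKeyError.keyCreation(error?.takeRetainedValue())
    }
    return key
}

// The signature the question asks for: the public key arrives as a String.
func encryptBase64(text: String, publicKey: String) throws -> String {
    let key = try makeSecKey(fromServerString: publicKey)
    // PKCS#1 v1.5 mirrors the question's SecPadding.PKCS1.
    let algorithm: SecKeyAlgorithm = .rsaEncryptionPKCS1
    guard SecKeyIsAlgorithmSupported(key, .encrypt, algorithm) else {
        throw RSAStringKeyError.unsupportedAlgorithm
    }
    var error: Unmanaged<CFError>?
    guard let cipher = SecKeyCreateEncryptedData(key, algorithm, Data(text.utf8) as CFData, &error) else {
        throw RSAStringKeyError.encryption(error?.takeRetainedValue())
    }
    return (cipher as Data).base64EncodedString()
}
```

The padding scheme has to match what the server decrypts with, and the key string should reach the app over a channel that authenticates the server, since the app encrypts to whatever key it is handed.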
