[英]Exporting public key in pkcs#1 format on iOS?
How does one export an RSA public key that has been generated with SecKeyGeneratePair
in pkcs#8 format? 如何导出用
SecKeyGeneratePair
#8格式的SecKeyGeneratePair
生成的RSA公钥?
I'm currently writing an iOS app that needs to be able to generate RSA private/public key pairs, sign a piece of content and export the public key in pkcs#8 format to be sent to the server. 我目前正在编写一个iOS应用程序,需要能够生成RSA私钥/公钥对,签署一段内容并导出pkcs#8格式的公钥以发送到服务器。 So far I'm generating my pair with
SecKeyGeneratePair
, retrieving my public and private keys with SecItemCopyMatching
and signing things with SecKeyRawSign
, which all seems to be working fine and the signature is verifying just fine for testing with SecKeyRawVerify
. 到目前为止,我生成我对与
SecKeyGeneratePair
,检索与我的公钥和私钥SecItemCopyMatching
与和签名的东西SecKeyRawSign
,这一切似乎是工作的罚款和签名验证是蛮好用的测试SecKeyRawVerify
。 But I am unfortunately coming up completely blank on how to export the public key properly in pkcs#8. 但遗憾的是,对于如何在pkcs#8中正确导出公钥,我完全空白了。
Thank you in advance for any help. 预先感谢您的任何帮助。
From experience, if you need to do something that doesn't look like it's supported by the iOS security framework then build and link your own copy of OpenSSL into your project. 根据经验,如果您需要做一些看起来不像iOS安全框架支持的内容,那么构建并将您自己的OpenSSL副本链接到您的项目中。 Although iOS apparently uses OpenSSL internally, very little of it is exposed to application developers.
尽管iOS显然在内部使用OpenSSL,但很少有它暴露给应用程序开发人员。
Grab one of the many OpenSSL-for-iOS projects out there, for example this one , and get going. 抓住众多OpenSSL-for-iOS项目中的一个 ,例如这个项目,然后开始。
Using OpenSSL directly has a number of advantages, a few of them being lots of sample code and on-line documentation at http://openssl.org , and you can pretty much do anything you need to that's crypto-related. 直接使用OpenSSL有许多优点,其中一些是http://openssl.org上的大量示例代码和在线文档,你几乎可以做任何与加密相关的事情。
Update : there are now multiple versions of OpenSSL available via Cocopods: OpenSSL and OpenSSL-Universal which should make importing OpenSSL into your iOS or OSX project a lot easier. 更新 :现在有多个版本的OpenSSL可通过Cocopods获得: OpenSSL和OpenSSL-Universal ,它们可以使OpenSSL更容易地导入iOS或OSX项目。
The process described on http://blog.wingsofhermes.org/?p=42 allows exporting properly formatted rsa public keys easily without the need for adding external libraries. http://blog.wingsofhermes.org/?p=42上描述的过程允许轻松导出格式正确的rsa公钥,而无需添加外部库。 In short, iOS was doing things properly except that it exports keys without proper encoding.
简而言之,iOS正在做正确的事情,除了它没有正确的编码导出密钥。
It wasn't the easiest post to find so hopefully this link to it saves someone some time in the future. 这不是最容易找到的帖子,所以希望这个链接可以在将来节省一些时间。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.