堆栈内存溢出
  繁体   English   中英

RSA加密文件大于PublicKey

[英]RSA Encryption File larger than PublicKey

 原文  2014-03-21 15:52:16       ios/ iphone/ objective-c/ ios7/ public-key-encryption

问题描述

使用以下方法,我可以成功加密不大于256Bit的NSData-Object: 

OSStatus SecCertificateCopyPublicKey (
                                  SecCertificateRef certificate,
                                  SecKeyRef *key
                                  );

- (NSData *)encryptWithData:(NSData *)content {

OSStatus result = -1;

NSData *plainTextData = content;//[@"123456789" dataUsingEncoding:NSUTF8StringEncoding];
size_t plainTextLength = [plainTextData length];

SecTrustRef trustRef;
SecTrustResultType trustResult;

SecPolicyRef policy = SecPolicyCreateBasicX509();

NSData *certificateData = [self getPublicKey];

SecCertificateRef cert = NULL;
if( [certificateData length] ) {
    cert = SecCertificateCreateWithData(NULL, (__bridge CFDataRef)certificateData);
    if( cert != NULL ) {
        CFStringRef certSummary = SecCertificateCopySubjectSummary(cert);
        NSString* summaryString = [[NSString alloc] initWithString:(__bridge NSString*)certSummary];
        NSLog(@"CERT SUMMARY: %@", summaryString);
        CFRelease(certSummary);
    } else {
        NSLog(@" *** ERROR *** trying to create the SSL certificate from data located, but failed");
    }
}

result = SecTrustCreateWithCertificates(cert, policy, &trustRef);

if (result != errSecSuccess) {
    NSLog(@"Trust create failed with code: %d",(int)result);
    return nil;
}

result = SecTrustEvaluate(trustRef, &trustResult);

if (result != errSecSuccess) {
    NSLog(@"Trust eval failed with code: %d",(int)result);

    CFRelease(trustRef);
    return nil;
}

SecKeyRef publicKey = SecTrustCopyPublicKey(trustRef);

uint8_t *cipherTextBuf = NULL;


size_t keyBlockSize = SecKeyGetBlockSize(publicKey);
int maxInputSize = keyBlockSize - 11; //If using PKCS1 Padding, else keyBlockSize
size_t cipherTextLen = keyBlockSize;

if (plainTextLength > maxInputSize) {
    //Fail
    NSLog(@"Data size is larger than max permitted!");

    CFRelease(trustRef);
    CFRelease(publicKey);
    CFRelease(policy);

    return nil;
}

cipherTextBuf = malloc(sizeof(uint8_t)*keyBlockSize);
memset(cipherTextBuf,0,keyBlockSize);

//result = SecKeyEncrypt(publicKey, kSecPaddingPKCS1, plainTextBuf, plainTextLength, cipherTextBuf, &cipherTextLen);
result = SecKeyEncrypt(publicKey, kSecPaddingPKCS1, (const uint8_t *)[plainTextData bytes], plainTextLength, cipherTextBuf, &cipherTextLen);

NSData *cipherText = nil;
if (result == errSecSuccess) {

    cipherText = [NSData dataWithBytes:cipherTextBuf length:cipherTextLen];

} else {
    NSLog(@"Error detected: %d",(int)result);
}

free(cipherTextBuf);
cipherTextBuf = NULL;

CFRelease(trustRef);
CFRelease(publicKey);
CFRelease(policy);

return cipherText;
}

-(NSData *)getPublicKey
{
NSString *filePath = [[NSBundle mainBundle] pathForResource:@"public_key" ofType:@"cer"];
NSData *myData = [NSData dataWithContentsOfFile:filePath];

return myData;
}

但是,我该如何加密大于256Bit的文件?

1 个解决方案

解决方案1
 2  2014-04-11 23:42:12

一般过程是非对称地(例如使用RSA)传输对称密钥,该对称密钥可用于通过诸如AES之类的对称密码(结合诸如CBC之类的分组密码方式)来加密/解密您的有效载荷。 如果可能的话,您应该避免自己构建这种加密货币。 NaCl是一个相当用户友好的库,据称可以将Nadium实现与iOS一起使用。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 swift ios 8.0 RSA 加密(已知公钥) 如何在RSA上加密大于N的数字? 使用DER格式的RSA公钥文件进行iOS加密 如何在钥匙串中保存RSA publicKey / privateKey NOT Swift中的RSA公钥加密 RSA加密长度不一致的结果 在 iOS 上使用 RSA 公钥加密 OpenSSL SSL加密解密 使用公钥进行RSA加密 如何快速使用RSA加密?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM