iOS RSA_SHA1私钥验签

『使用说明』:
+(SecKeyRef)setPrivateKey:(NSString*)path password:(NSString*)pwd;
用于设置私钥:path为PKCS#12(.p12)证书文件路径,pwd为证书密码。

+(NSString *)signTheDataSHA1WithRSA:(NSString *)plainText;
使用私钥进行RSA_SHA1签名(而非验签),签名完成后进行Base64编码,并以UTF-8字符串格式返回。

[objc]
//
// UIB_RSA.h
// rsa
//
// Created by kumadocs.com on 13-9-31.
// Copyright (c) 2013年 kumadocs.com. All rights reserved.
//

#import <Foundation/Foundation.h>

@interface UIB_RSA : NSObject

/*
 Imports a PKCS#12 file and keeps its private key in a class-level static
 so that later signing calls can use it.

 path  file-system path of the PKCS#12 certificate file
 pwd   passphrase protecting that file

 Returns the private key reference, or nil when the PKCS#12 import fails.

 NOTE(review): SecKeyRef is declared in <Security/Security.h>, which this
 header does not import; it compiles only if the including file imports
 Security first - confirm.
*/
+(SecKeyRef)setPrivateKey:(NSString*)path password:(NSString*)pwd;

/*
 Signs the UTF-8 bytes of plainText with the private key loaded by
 setPrivateKey:password: (SHA-1 digest, RSA PKCS#1 padding) and returns the
 signature Base64-encoded. This is a signing operation; nothing is encrypted
 or verified here.

 plainText  the text to sign

 Returns the Base64 signature string, or nil when signing fails.
*/
+(NSString *)signTheDataSHA1WithRSA:(NSString *)plainText;

@end

[/objc]

/********************
文字分割
********************/

[objc]
//
// UIB_RSA.m
// rsa
//
// Created by kumadocs.com on 13-9-31.
// Copyright (c) 2013年 kumadocs.com. All rights reserved.
//

#import "UIB_RSA.h"
#import "GTMBase64.h"
#import <Security/Security.h>
#import <CommonCrypto/CommonDigest.h>
#import <CommonCrypto/CommonCryptor.h>
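@implementation UIB_RSA

#define kChosenDigestLength CC_SHA1_DIGEST_LENGTH

// Private key shared by every signing call. It is owned by this class and is
// replaced (and the old one released) on each successful setPrivateKey call.
// NOTE(review): access is not synchronized; load the key before signing from
// several threads.
static SecKeyRef privateKeyRef;

/*
 Imports a PKCS#12 file and caches its private key for later signing.

 path  file-system path of the PKCS#12 file
 pwd   passphrase protecting that file

 Returns the cached private key, or NULL when an argument is nil, the file
 cannot be read, the import fails, or the archive holds no usable identity.
 A failed call leaves any previously loaded key in place. The returned
 reference is borrowed: it stays valid only until the next successful call.
*/
+(SecKeyRef)setPrivateKey:(NSString*)path password:(NSString*)pwd{
    // A nil passphrase would raise when stored in the options dictionary.
    if (path == nil || pwd == nil) {
        return NULL;
    }

    NSData *data = [NSData dataWithContentsOfFile:path];
    if (data == nil) {
        return NULL;
    }

    NSDictionary *options = [NSDictionary dictionaryWithObject:pwd
                                                        forKey:(__bridge id)kSecImportExportPassphrase];

    // SecPKCS12Import hands back a new array; pre-creating one only leaks it.
    CFArrayRef items = NULL;
    OSStatus securityError = SecPKCS12Import((__bridge CFDataRef)data,
                                             (__bridge CFDictionaryRef)options,
                                             &items);
    if (securityError != noErr || items == NULL || CFArrayGetCount(items) == 0) {
        if (items) {
            CFRelease(items);
        }
        return NULL;
    }

    CFDictionaryRef identityDict = CFArrayGetValueAtIndex(items, 0);
    SecIdentityRef identityApp = (SecIdentityRef)CFDictionaryGetValue(identityDict, kSecImportItemIdentity);

    SecKeyRef importedKey = NULL;
    OSStatus copyStatus = errSecParam;
    if (identityApp != NULL) {
        copyStatus = SecIdentityCopyPrivateKey(identityApp, &importedKey);
    }
    // The identity is owned by the items array, so release it only after the key is copied.
    CFRelease(items);

    if (copyStatus != errSecSuccess || importedKey == NULL) {
        if (importedKey) {
            CFRelease(importedKey);
        }
        return NULL;
    }

    // Drop the previously cached key so repeated calls do not accumulate key references.
    if (privateKeyRef) {
        CFRelease(privateKeyRef);
    }
    privateKeyRef = importedKey;
    return privateKeyRef;
}

/*
 Signs the UTF-8 bytes of plainText: SHA-1 digest, RSA PKCS#1 v1.5 padding,
 using the key cached by setPrivateKey:password:. The signature is returned
 Base64-encoded.

 plainText  the text to sign

 Returns the Base64 signature, or nil when no key is loaded, plainText is nil
 or cannot be encoded as UTF-8, a buffer cannot be allocated, or signing fails.

 SHA-1 is no longer collision resistant; keep this scheme only where the
 verifying side requires it, and prefer a SHA-256 based scheme otherwise.
 NOTE(review): SecKeyRawSign is deprecated on recent SDKs in favour of
 SecKeyCreateSignature - confirm against the deployment target.
*/
+ (NSString *)signTheDataSHA1WithRSA:(NSString *)plainText
{
    // Without a key SecKeyGetBlockSize would be handed NULL, and a nil input
    // would otherwise yield a valid-looking signature over empty data.
    if (privateKeyRef == NULL || plainText == nil) {
        return nil;
    }

    NSData *plainTextBytes = [plainText dataUsingEncoding:NSUTF8StringEncoding];
    if (plainTextBytes == nil) {
        return nil;
    }
    NSData *digest = [self getHashBytes:plainTextBytes];

    // The signature is as long as the RSA modulus, i.e. the key's block size.
    size_t signedBytesSize = SecKeyGetBlockSize(privateKeyRef);
    if (signedBytesSize == 0) {
        return nil;
    }
    uint8_t *signedBytes = calloc(signedBytesSize, sizeof(uint8_t));
    if (signedBytes == NULL) {
        return nil;
    }

    OSStatus sanityCheck = SecKeyRawSign(privateKeyRef,
                                         kSecPaddingPKCS1SHA1,
                                         (const uint8_t *)[digest bytes],
                                         kChosenDigestLength,
                                         signedBytes,
                                         &signedBytesSize);

    NSData *signedHash = nil;
    if (sanityCheck == errSecSuccess) {
        signedHash = [NSData dataWithBytes:(const void *)signedBytes length:(NSUInteger)signedBytesSize];
    }
    // Free on both paths; the failure path used to return before reaching free().
    free(signedBytes);

    if (signedHash == nil) {
        // OSStatus is 32-bit; the cast makes it match the %ld specifier.
        NSLog(@"【error!!】 err code:%ld", (long)sanityCheck);
        return nil;
    }

    // NOTE(review): encodeBase64Data: is not defined on this page; presumably it
    // returns the Base64 text as an NSString - confirm against GTMBase64.h.
    NSString *signatureResult = [NSString stringWithFormat:@"%@", [GTMBase64 encodeBase64Data:signedHash]];
    return signatureResult;
}

/*
 Computes the SHA-1 digest of plainText.

 plainText  the bytes to hash; nil is hashed as empty input

 Returns an NSData holding the kChosenDigestLength digest bytes.
*/
+ (NSData *)getHashBytes:(NSData *)plainText {
    // A stack buffer avoids an unchecked malloc and the matching free.
    uint8_t hashBytes[kChosenDigestLength];
    CC_SHA1_CTX ctx;

    CC_SHA1_Init(&ctx);

    // CC_SHA1_Update takes a 32-bit length, so feed large inputs in chunks
    // instead of letting the length be truncated.
    const uint8_t *cursor = (const uint8_t *)[plainText bytes];
    NSUInteger remaining = [plainText length];
    while (remaining > 0) {
        CC_LONG chunk = (CC_LONG)MIN(remaining, (NSUInteger)UINT32_MAX);
        CC_SHA1_Update(&ctx, cursor, chunk);
        cursor += chunk;
        remaining -= chunk;
    }

    CC_SHA1_Final(hashBytes, &ctx);

    return [NSData dataWithBytes:(const void *)hashBytes length:(NSUInteger)kChosenDigestLength];
}

@end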

[/objc]
