iOS是否生成RSA非随机密钥对?
我希望每次应用相同的种子时都生成相同的非对称密钥对 我使用iOS RSA加密练习生成RSA非对称密钥对。 我每次也用同样的种子。(公共和私有标签) 但是,每次生成密钥时,我都会收到不同的密钥iOS是否生成RSA非随机密钥对?,ios,cryptography,rsa,Ios,Cryptography,Rsa,我希望每次应用相同的种子时都生成相同的非对称密钥对 我使用iOS RSA加密练习生成RSA非对称密钥对。 我每次也用同样的种子。(公共和私有标签) 但是,每次生成密钥时,我都会收到不同的密钥 - (void)generateKeyPair:(NSUInteger)keySize { OSStatus sanityCheck = noErr; publicKeyRef = NULL; privateKeyRef = NULL; LOGGING_FACILITY1(
- (void)generateKeyPair:(NSUInteger)keySize {
OSStatus sanityCheck = noErr;
publicKeyRef = NULL;
privateKeyRef = NULL;
LOGGING_FACILITY1( keySize == 512 || keySize == 1024 || keySize == 2048, @"%d is an invalid and unsupported key size.", keySize );
// First delete current keys.
[self deleteAsymmetricKeys];
// Container dictionaries.
NSMutableDictionary * privateKeyAttr = [[NSMutableDictionary alloc] init];
NSMutableDictionary * publicKeyAttr = [[NSMutableDictionary alloc] init];
NSMutableDictionary * keyPairAttr = [[NSMutableDictionary alloc] init];
// Set top level dictionary for the keypair.
[keyPairAttr setObject:(id)kSecAttrKeyTypeRSA forKey:(id)kSecAttrKeyType];
[keyPairAttr setObject:[NSNumber numberWithUnsignedInteger:keySize] forKey:(id)kSecAttrKeySizeInBits];
// Set the private key dictionary.
[privateKeyAttr setObject:[NSNumber numberWithBool:YES] forKey:(id)kSecAttrIsPermanent];
[privateKeyAttr setObject:[NSNumber numberWithBool:YES] forKey:(id)kSecAttrCanEncrypt];
[privateKeyAttr setObject:[NSNumber numberWithBool:YES] forKey:(id)kSecAttrCanDecrypt];
[privateKeyAttr setObject:privateTag forKey:(id)kSecAttrApplicationTag];
// See SecKey.h to set other flag values.
// Set the public key dictionary.
[publicKeyAttr setObject:[NSNumber numberWithBool:YES] forKey:(id)kSecAttrIsPermanent];
[publicKeyAttr setObject:publicTag forKey:(id)kSecAttrApplicationTag];
// See SecKey.h to set other flag values.
// Set attributes to top level dictionary.
[keyPairAttr setObject:privateKeyAttr forKey:(id)kSecPrivateKeyAttrs];
[keyPairAttr setObject:publicKeyAttr forKey:(id)kSecPublicKeyAttrs];
// SecKeyGeneratePair returns the SecKeyRefs just for educational purposes.
sanityCheck = SecKeyGeneratePair((CFDictionaryRef)keyPairAttr, &publicKeyRef, &privateKeyRef);
LOGGING_FACILITY( sanityCheck == noErr && publicKeyRef != NULL && privateKeyRef != NULL, @"Something really bad went wrong with generating the key pair." );
NSLog(@"getPublicKeyBits: %@", [self getPublicKeyBits]);
NSLog(@"getPublicKeyExp: %@", [self getPublicKeyExp]);
NSLog(@"getPublicKeyMod: %@", [self getPublicKeyMod]);
// NSLog(@"keyPairAttr: %@" , keyPairAttr);
[privateKeyAttr release];
[publicKeyAttr release];
[keyPairAttr release];
}
您正在设置的“公共和私有标记”只是标识符,如果您将密钥对存储在密钥链中,您可以稍后使用SecItemCopyMatching
搜索这些标识符
不幸的是,您无法使用SecKeyGeneratePair
或SecKeyGeneratePairAsync
为非对称密钥对设置“种子”值。您将始终获得“随机生成”的密钥对
如果您必须这样做,您必须查看提供该功能的其他库。您能为iOS推荐任何库吗。Thanks@user2524377,我建议您先看看OpenSSL。难道您不能将私钥存储在密钥链中,然后从密钥链(如果存在)中检索它吗?能够生成相同的私钥两次似乎很奇怪。如果您可以随意生成相同的密钥,那么它就不是非常私有的。