Ios OSX生成的密钥可以';t加密(SecKeyCreateRandomKey和SecKeyCreateEncryptedData)
我基本上是按照这个方法生成私钥,复制公钥,然后加密消息。但是,它给出了错误(OSStatus错误-67712-CSSM异常:-2147415791 CSSMERR\u CSP\u无效\u密钥\u引用) 起初,我认为我设置的属性不正确。但是,如果我使用SecKeyGeneratePair()函数创建公钥(具有相同的属性),那么一切都可以正常工作。奇怪吗Ios OSX生成的密钥可以';t加密(SecKeyCreateRandomKey和SecKeyCreateEncryptedData),ios,objective-c,macos,encryption,seckeyref,Ios,Objective C,Macos,Encryption,Seckeyref,我基本上是按照这个方法生成私钥,复制公钥,然后加密消息。但是,它给出了错误(OSStatus错误-67712-CSSM异常:-2147415791 CSSMERR\u CSP\u无效\u密钥\u引用) 起初,我认为我设置的属性不正确。但是,如果我使用SecKeyGeneratePair()函数创建公钥(具有相同的属性),那么一切都可以正常工作。奇怪吗 void TestEncryptDecrpt() { OSStatus status; NSData* tag = [@"com.
void TestEncryptDecrpt() {
OSStatus status;
NSData* tag = [@"com.example.keys.mykey" dataUsingEncoding:NSUTF8StringEncoding];
NSDictionary* attributes =
@{ (id)kSecAttrKeyType: (id)kSecAttrKeyTypeRSA,
(id)kSecAttrKeySizeInBits: @1024,
(id)kSecPrivateKeyAttrs:
@{ (id)kSecAttrIsPermanent: @YES,
(id)kSecAttrApplicationTag: tag,
},
};
CFErrorRef error = NULL;
SecKeyRef privateKey = SecKeyCreateRandomKey((__bridge CFDictionaryRef)attributes, &error);
SecKeyRef publicKey = SecKeyCopyPublicKey(privateKey);
// *** it will work if I generate the key by SecKeyGeneratePair ***
// status = SecKeyGeneratePair( (__bridge CFDictionaryRef)attributes, &publicKey, &privateKey );
// start encrypt and decrypt a message
static char const kMessage[] = "This is a secret!\n";
SecKeyAlgorithm algorithm = kSecKeyAlgorithmRSAEncryptionRaw;
BOOL canEncrypt = SecKeyIsAlgorithmSupported(publicKey, kSecKeyOperationTypeEncrypt, algorithm);
NSData* plainData = [NSData dataWithBytes:kMessage length:sizeof(kMessage)];
canEncrypt &= ([plainData length] < (SecKeyGetBlockSize(publicKey)-130));
NSData* cipherText = nil;
if (canEncrypt) {
CFErrorRef error = NULL;
cipherText = (NSData*)CFBridgingRelease( SecKeyCreateEncryptedData(publicKey, algorithm, (__bridge CFDataRef)plainData, &error));
if (!cipherText) {
NSError *err = CFBridgingRelease(error); // ARC takes ownership
// Handle the error. . .
NSLog(@"error = %@, %@", [err userInfo], [err localizedDescription]);
}
}
}
void testencryptdecript(){
骨状态;
NSData*标记=[@“com.example.keys.mykey”数据使用编码:NSUTF8StringEncoding];
NSDictionary*属性=
@{(id)kSecAttrKeyType:(id)kSecAttrKeyTypeRSA,
(id)kSecAttrKeySizeInBits:@1024,
(id)kSecPrivateKeyAttrs:
@{(id)kSecAttrIsPermanent:@是,
(id)kSecAttrApplicationTag:tag,
},
};
CFErrorRef error=NULL;
SecKeyRef privateKey=SecKeyCreateRandomKey((u桥CFDictionaryRef)属性,&错误);
SecKeyRef publicKey=SecKeyCopyPublicKey(私钥);
//***如果我通过SecKeyGeneratePair生成密钥,它将起作用***
//状态=SecKeyGeneratePair((uu桥CFDictionaryRef)属性、公钥和私钥);
//开始加密和解密消息
静态字符常量kMessage[]=“这是一个秘密!\n”;
SecKeyAlgorithm算法=kSecKeyAlgorithmRSAEncryptionRaw;
BOOL canEncrypt=seckeyisalgorithsupported(publicKey,kSecKeyOperationTypeEncrypt,algorithm);
NSData*plainData=[NSData dataWithBytes:kMessage length:sizeof(kMessage)];
canEncrypt&=([plainData length]<(SecKeyGetBlockSize(publicKey)-130));
NSData*密文=零;
如果(canEncrypt){
CFErrorRef error=NULL;
密文=(NSData*)CfBridgegRelease(SecKeyCreateEncryptedData(公钥、算法、(u桥CFDataRef)明文数据和错误));
if(!密文){
NSError*err=CfBrigingRelease(错误);//ARC获得所有权
//处理错误。
NSLog(@“error=%@,%@,[err userInfo],[err localizedDescription]);
}
}
}
问题已解决。在公钥设置中还需要“kSecAttrIsPermanent”属性
不确定为什么示例中没有提到这一点。不幸的是,您的链接已失效。苹果的文档并不像它们应该的那样永久:/