Ios 获取公钥并使用sha256验证签名值
我尝试从证书中提取公钥,以便使用SHA256验证我的签名,但每次使用SecKeyRawVerify-OSError Unknown(-9809)时Ios 获取公钥并使用sha256验证签名值,ios,objective-c,ipad,x509certificate,signature,Ios,Objective C,Ipad,X509certificate,Signature,我尝试从证书中提取公钥,以便使用SHA256验证我的签名,但每次使用SecKeyRawVerify-OSError Unknown(-9809)时 是否支持SHA256?您的验证结果实际上是签名结果。SecKeyRawVerify()执行验证。 // data to signed NSString* filePath = [[NSBundle mainBundle] pathForResource:@"data" ofType:@"der"]; NSData* willBe
是否支持SHA256?您的验证结果实际上是签名结果。SecKeyRawVerify()执行验证。
// data to signed
NSString* filePath = [[NSBundle mainBundle] pathForResource:@"data" ofType:@"der"];
NSData* willBeSigned = [NSData dataWithContentsOfFile:(filePath)];
// Signature
NSString* signaturePath = [[NSBundle mainBundle] pathForResource:@"signedData" ofType:@"der"];
NSData* signatureData = [NSData dataWithContentsOfFile:(signaturePath)];
// Certificate
NSString* certificatePath = [[NSBundle mainBundle] pathForResource:@"cert" ofType:@"cer"];
NSData* certificateData = [NSData dataWithContentsOfFile:(certificatePath)];
SecCertificateRef certificateFromFile = SecCertificateCreateWithData(NULL, (CFDataRef)certificateData); // load the certificate
SecPolicyRef secPolicy = SecPolicyCreateBasicX509();
SecTrustRef trust;
OSStatus statusTrust = SecTrustCreateWithCertificates( certificateFromFile, secPolicy, &trust);
SecTrustResultType resultType;
OSStatus statusTrustEval = SecTrustEvaluate(trust, &resultType);
SecKeyRef publicKey = SecTrustCopyPublicKey(trust);
size_t keysize = SecKeyGetBlockSize(publicKey);
NSData* keyData = [NSData dataWithBytes:publicKey length:keysize];
// NSData* keyData = [self getPublicKeyBitsFromKey:publicKey];
size_t signedHashBytesSize = SecKeyGetBlockSize(publicKey);
OSStatus verficationResult = SecKeyRawVerify (publicKey, kSecPaddingPKCS1SHA256, (const uint8_t *)[self sha256:willBeSigned], CC_SHA256_DIGEST_LENGTH,(uint8_t *)sigValue, &signedHashBytesSize);
if (verficationResult == errSecSuccess) NSLog(@"Verified");