Fatal编程技术网
  • iphone/
  • iPhone公钥加密SecKeyEncrypt返回错误9809(errSSLCrypto)

iPhone公钥加密SecKeyEncrypt返回错误9809(errSSLCrypto)

iphone

iPhone公钥加密SecKeyEncrypt返回错误9809(errSSLCrypto),iphone,x509certificate,public-key-encryption,pki,commoncrypto,Iphone,X509certificate,Public Key Encryption,Pki,Commoncrypto,我试图使用iPhone的PKI库来加密短字符串(12345678),但每当我尝试使用SecKeyEncrypt时,总是会收到错误-9809(即errSSLCrypto)。SecureTransport.h头文件将此错误简单地描述为“底层加密错误”,这不是很有意义 我的代码如下: - (NSData *)encryptDataWithPublicKey:(NSString *)plainText { OSStatus result = -1; NSData *plainText

我试图使用iPhone的PKI库来加密短字符串(12345678),但每当我尝试使用SecKeyEncrypt时,总是会收到错误-9809(即errSSLCrypto)。SecureTransport.h头文件将此错误简单地描述为“底层加密错误”,这不是很有意义

我的代码如下:

- (NSData *)encryptDataWithPublicKey:(NSString *)plainText {

    OSStatus result = -1;

    NSData *plainTextData = [plainText dataUsingEncoding:NSASCIIStringEncoding];
    size_t plainTextLength = [plainTextData length];

    SecTrustRef trustRef;
    SecTrustResultType trustResult;

    SecPolicyRef policy = SecPolicyCreateBasicX509();

    result = SecTrustCreateWithCertificates(m_oCert, policy, &trustRef);

    if (result != errSecSuccess) {
        NSLog(@"Trust create failed with code: %d",result);
        return nil;
    }

    result = SecTrustEvaluate(trustRef, &trustResult);

    if (result != errSecSuccess) {
        NSLog(@"Trust eval failed with code: %d",result);

        CFRelease(trustRef);
        return nil;
    }

    SecKeyRef publicKey = SecTrustCopyPublicKey(trustRef);

    uint8_t *cipherTextBuf = NULL;
    size_t cipherTextLen = 0;

    size_t keyBlockSize = SecKeyGetBlockSize(publicKey);
    int maxInputSize = keyBlockSize - 11; //If using PKCS1 Padding, else keyBlockSize

    if (plainTextLength > maxInputSize) {
        //Fail
        NSLog(@"Data size is larger than max permitted!");

        CFRelease(trustRef);
        CFRelease(publicKey);
        CFRelease(policy);

        return nil;
    }

    cipherTextBuf = malloc(sizeof(uint8_t)*keyBlockSize);
    memset(cipherTextBuf,0,keyBlockSize);

    //result = SecKeyEncrypt(publicKey, kSecPaddingPKCS1, plainTextBuf, plainTextLength, cipherTextBuf, &cipherTextLen);
    result = SecKeyEncrypt(publicKey, kSecPaddingNone, (const uint8_t *)[plainTextData bytes], plainTextLength, cipherTextBuf, &cipherTextLen);

    NSData *cipherText = nil;
    if (result == errSecSuccess) {

        cipherText = [NSData dataWithBytes:cipherTextBuf length:cipherTextLen];

    } else {
        NSLog(@"Error detected: %d",result);
    }

    free(cipherTextBuf);
    cipherTextBuf = NULL;

    CFRelease(trustRef);
    CFRelease(publicKey);
    CFRelease(policy);

    return cipherText;
}
不管我使用什么填充,它们都会给出相同的错误。公钥是从我的客户机提供的证书派生的,我已经检查过以确保该密钥有效。我做错了什么?如何正确使用该函数?

使用SecKeyEncrypt时,输入cipherTextLength应该是输出缓冲区的大小。背景

size_t cipherTextLen = keyBlockSize;
解决了问题。

Thax对于您的函数,它帮助我加密。但在加密时,我在加密字符串中得到了奇怪的字符。有什么想法吗?提出一个新问题,发布代码示例,并添加链接作为注释。我来看看。这里是什么?