ios - SecKeyRawVerify 与 iOS 4.3 和 iOS 5.0 是否存在任何已知的不兼容性
<p><p>我正在尝试使用 <a href="http://blog.flirble.org/2011/01/05/rsa-public-key-openssl-ios/" rel="noreferrer noopener nofollow">http://blog.flirble.org/2011/01/05/rsa-public-key-openssl-ios/</a> 中提到的确切方法使用公钥验证数据。 . </p>
<p>我使用模拟器 iOS 6.1、iOS 4.3 和 iOS 5.0 测试了我的代码。它适用于 iOS 6.1,但不适用于 iOS 4.3 和 iOS 5.0。在 iOS 4.3 和 iOS 5.0 上,SecKeyRawVerify 失败,错误代码为 -50(其中一个输入参数错误)。</p>
<p>有人知道这里出了什么问题吗?</p>
<p>下面是我正在使用的验证功能的代码。使用的函数的定义请看<a href="http://blog.flirble.org/2011/01/05/rsa-public-key-openssl-ios" rel="noreferrer noopener nofollow"> here </a> </p>
<p><b>代码:</b></p>
<pre><code>+ (SecKeyRef)getPublicKeyRef:(NSString*)key
{
NSString* tag = @"com.publickey";
NSString *s_key = ;
NSArray*a_key = ;
BOOL f_key= FALSE;
for (NSString *a_line in a_key) {
if () {
f_key = TRUE;
}
else if () {
f_key = FALSE;
}
else if (f_key) {
s_key = ;
}
}
if (s_key.length == 0) return(FALSE);
// This will be base64 encoded, decode it.
NSData *d_key = ;//;
d_key = ;
if (d_key == nil) return(FALSE);
NSData *d_tag = length:];
// Delete any old lingering key with the same tag
NSMutableDictionary *publicKey = [ init];
;
;
;
SecItemDelete((CFDictionaryRef)publicKey);
CFTypeRef persistKey = nil;
// Add persistent version of the key to system keychain
;
;
forKey:(id)kSecReturnPersistentRef];
OSStatus secStatus = SecItemAdd((CFDictionaryRef)publicKey, &persistKey);
if (persistKey != nil) CFRelease(persistKey);
if ((secStatus != noErr) && (secStatus != errSecDuplicateItem)) {
;
return(FALSE);
}
// Now fetch the SecKeyRef version of the key
SecKeyRef keyRef = nil;
;
;
forKey:(id)kSecReturnRef];
;
secStatus = SecItemCopyMatching((CFDictionaryRef)publicKey,(CFTypeRef *)&keyRef);
;
if (keyRef == nil) return(FALSE);
return keyRef;
}
+ (BOOL)verifyMessage:(NSString *)msg forSignature:(NSString*)signature forPublicKey:(NSString*)publicKey
{
// Search for the two sections: Data and a signature.
NSString *s_data = msg, *s_signature = signature;
if ((s_data.length == 0) || (s_signature.length == 0)) return(FALSE);
// These will be base64 encoded, decode them.
NSData *d_data = ;
if (d_data == nil) return(FALSE);
NSData *d_signature = ;
if (d_signature == nil) return(FALSE);
// Make SHA-256 hash of the data
uint8_t h_data;
CC_SHA256(d_data.bytes, d_data.length, h_data);
NSData* d_hash = ;
// The signature is generated against the binary form of the data, validate
//it.
BOOL valid = FALSE;
OSStatus secStatus = SecKeyRawVerify(,
kSecPaddingPKCS1SHA256,
d_hash.bytes, d_hash.length,
d_signature.bytes,
d_signature.length);
if (secStatus == errSecSuccess) {
valid = TRUE;
}
return(valid);
}
</code></pre>
<p><b>错误代码:</b>
SecKeyRawVerify 在 iOS 5.0 和 iOS 4.3 上失败,错误代码为 -50(输入参数之一错误),但在 iOS 6.1 上调用成功。</p>
<p>提前致谢。</p></p>
<br><hr><h1><strong>Best Answer-推荐答案</ strong></h1><br>
<p><p>找到不工作的原因,kSecPaddingPKCS1SHA256 只支持iOS 6.0 以上。
<a href="http://developer.apple.com/library/ios/#releasenotes/General/iOS60APIDiffs/index.html" rel="noreferrer noopener nofollow">http://developer.apple.com/library/ios/#releasenotes/General/iOS60APIDiffs/index.html</a> </p></p>
<p style="font-size: 20px;">关于ios - SecKeyRawVerify 与 iOS 4.3 和 iOS 5.0 是否存在任何已知的不兼容性,我们在Stack Overflow上找到一个类似的问题:
<a href="https://stackoverflow.com/questions/16503961/" rel="noreferrer noopener nofollow" style="color: red;">
https://stackoverflow.com/questions/16503961/
</a>
</p>
页:
[1]