#import "GLQyRsa.h" #import "GLSupprot.h" #import "GLLoginViewController.h" @implementation GLQyRsa static SecKeyRef _public_key=nil; + (SecKeyRef) getPublicKeyFile { // 从公钥证书文件中获取到公钥的SecKeyRef指针 if(_public_key == nil){ //NSData *certificateData = [RSA_KEY_BASE64 dataUsingEncoding:NSUTF8StringEncoding]; // NSString *publicKeyPath = [[NSBundle mainBundle] pathForResource:@"public_key" // ofType:@"der"]; // if (publicKeyPath == nil) { // NSLog(@"Can not find pub.der"); // return nil; // } NSString *fielName = [[NSUserDefaults standardUserDefaults]objectForKey:my_publicKeyFileName]; //NSLog(@"fielName:%@",fielName); fileName为.cer证书 if(!fielName) { NSLog(@"fielName nil"); return nil; } NSDate *certificateData = [NSData dataWithContentsOfFile:fielName]; if (certificateData == nil) { NSLog(@"Can not read from pub.der"); return nil; } SecCertificateRef myCertificate = SecCertificateCreateWithData(kCFAllocatorDefault, (__bridge CFDataRef)certificateData); SecPolicyRef myPolicy = SecPolicyCreateBasicX509(); SecTrustRef myTrust; OSStatus status = SecTrustCreateWithCertificates(myCertificate,myPolicy,&myTrust); SecTrustResultType trustResult; if (status == noErr) { status = SecTrustEvaluate(myTrust, &trustResult); } _public_key = SecTrustCopyPublicKey(myTrust); CFRelease(myCertificate); CFRelease(myPolicy); CFRelease(myTrust); } return _public_key; } + (NSData*) rsaEncryptString:(NSString*) string{ SecKeyRef key = [self getPublicKeyFile]; if(!key) { NSLog(@"secKeyRefNULL"); return nil; } size_t cipherBufferSize = SecKeyGetBlockSize(key); uint8_t *cipherBuffer = malloc(cipherBufferSize * sizeof(uint8_t)); NSData *stringBytes = [string dataUsingEncoding:NSUTF8StringEncoding]; size_t blockSize = cipherBufferSize - 11; size_t blockCount = (size_t)ceil([stringBytes length] / (double)blockSize); NSMutableData *encryptedData = [[NSMutableData alloc] init]; for (int i=0; i<blockCount; i++) { int bufferSize = MIN(blockSize,[stringBytes length] - i * blockSize); NSData *buffer = [stringBytes subdataWithRange:NSMakeRange(i * blockSize, bufferSize)]; OSStatus status = SecKeyEncrypt(key, kSecPaddingPKCS1, (const uint8_t *)[buffer bytes], [buffer length], cipherBuffer, &cipherBufferSize); if (status == noErr){ NSData *encryptedBytes = [[NSData alloc] initWithBytes:(const void *)cipherBuffer length:cipherBufferSize]; [encryptedData appendData:encryptedBytes]; }else{ if (cipherBuffer) free(cipherBuffer); return nil; } } if (cipherBuffer) free(cipherBuffer); // NSLog(@"Encrypted text (%d bytes): %@", [encryptedData length], [encryptedData description]); // NSLog(@"Encrypted text base64: %@", [Base64 encode:encryptedData]); return encryptedData; }