我使用 SecKeyGeneratePair 生成了一个 keeper。
var publicKeyPtr, privateKeyPtr: Unmanaged<SecKey>?
let publicKeyParameters: [String: AnyObject] = [
kSecAttrIsPermanent: true,
kSecAttrApplicationTag: "com.example.site.public"
]
let privateKeyParameters: [String: AnyObject] = [
kSecAttrIsPermanent: true,
kSecAttrApplicationTag: "com.example.site.private"
]
let parameters: [String: AnyObject] = [
kSecAttrKeyType: kSecAttrKeyTypeRSA,
kSecAttrKeySizeInBits: 2048,
kSecPublicKeyAttrs.takeUnretainedValue() as String: publicKeyParameters,
kSecPrivateKeyAttrs.takeUnretainedValue() as String: privateKeyParameters
]
let result = SecKeyGeneratePair(parameters, &publicKeyPtr, &privateKeyPtr)
let publicKey = publicKeyPtr!.takeRetainedValue()
let privateKey = privateKeyPtr!.takeRetainedValue()
let blockSize = SecKeyGetBlockSize(publicKey)
如果我打印出 publicKey,我可以看到模数,我很确定这就是我需要的:
publicKey: <SecKeyRef algorithm id: 1, key type: RSAPublicKey, version: 3, block size: 2048 bits, exponent: {hex: 10001, decimal: 65537}, modulus: B2A7BD90C909F8084AD5B34040ABDAF7D1A6AFBADB35F3B6AB5CDDAB473449B0F175DEA32A7476F339D98F4AB3716AA2C1476D4009A80574B984DDFA1EF1A2550E48C46791CEFBFC39EF281049AA74E4C734C3B2A7B3F621B8A41F8B6689C4978696690D4EF9FFF0F90DB85C8ECBCF721FB7652AD7B337880A09D97EA736008C3ADBB72223F18C522C0C0889B05122561042D8637D1CBEF8F9F5AE88CDC43E411AA217E2A81C2D812B46D01C3BDC2799DFF3EAD46BB092A566E18EE94F63C4690ECE806B993FDDAC3159BE2098C2428F24969C109E221D8F066BEE3530848DE328D888B4C7E701435EACB116F97BB77B9379EF818B4D280890262EE678B92705, addr: 0x144841a00>
但我不知道如何导出 key 以便将其发送到我的服务器以供在那里使用。
根据我的理解。 Keychain中保存了一个SecKey,是一个指向它的指针, block 大小就是key在内存中的长度。所以理论上我可以将其提取为 NSData,然后将其转换为我的服务器可以读取的内容。从理论上讲,我认为这会奏效,但在实践中我却碰壁了。非常感谢所有帮助。
最佳答案
var dataPtr:Unmanaged<AnyObject>?
let query: [String:AnyObject] = [
kSecClass: kSecClassKey,
kSecAttrApplicationTag: "com.example.site.public",
kSecReturnData: kCFBooleanTrue
]
let qResult = SecItemCopyMatching(query, &dataPtr)
// error handling with `qResult` ...
let publicKeyData = dataPtr!.takeRetainedValue() as NSData
// convert to Base64 string
let base64PublicKey = publicKeyData.base64EncodedStringWithOptions(nil)
swift 4:
var dataPtr:CFTypeRef?
let query: [String: Any] = [
kSecClass as String: kSecClassKey,
kSecAttrApplicationTag as String: "com.example.site.public",
kSecReturnData as String: true
]
let qResult = SecItemCopyMatching(query as CFDictionary, &dataPtr)
// error handling with `qResult` ...
let data = dataPtr as! Data
let base64PublicKey = data.base64EncodedString()
请注意,数据的大小为 270,与 key 的 block 大小不同。参见 this question on the crypto.stackexchange.com .
关于swift - 如何导出使用 SecKeyGeneratePair 生成的公钥 <SecKey> 以在服务器上使用?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/27853075/