如何在iOS中使用ECC
在iOS中有使用ECC的例子吗?
我注意到在Apple Developer Documents中的kSecAttrKeyTypeEC,但我不能用它来通用密钥对。
下面的代码是从示例CryptoExercise中修改的
// Container dictionaries. NSMutableDictionary * privateKeyAttr = [[NSMutableDictionary alloc] init]; NSMutableDictionary * publicKeyAttr = [[NSMutableDictionary alloc] init]; NSMutableDictionary * keyPairAttr = [[NSMutableDictionary alloc] init]; // Set top level dictionary for the keypair. [keyPairAttr setObject:(id)kSecAttrKeyTypeEC forKey:(id)kSecAttrKeyType]; [keyPairAttr setObject:[NSNumber numberWithUnsignedInteger:keySize] forKey:(id)kSecAttrKeySizeInBits]; // Set the private key dictionary. [privateKeyAttr setObject:[NSNumber numberWithBool:YES] forKey:(id)kSecAttrIsPermanent]; [privateKeyAttr setObject:privateTag forKey:(id)kSecAttrApplicationTag]; // See SecKey.h to set other flag values. // Set the public key dictionary. [publicKeyAttr setObject:[NSNumber numberWithBool:YES] forKey:(id)kSecAttrIsPermanent]; [publicKeyAttr setObject:publicTag forKey:(id)kSecAttrApplicationTag]; // See SecKey.h to set other flag values. // Set attributes to top level dictionary. [keyPairAttr setObject:privateKeyAttr forKey:(id)kSecPrivateKeyAttrs]; [keyPairAttr setObject:publicKeyAttr forKey:(id)kSecPublicKeyAttrs]; // SecKeyGeneratePair returns the SecKeyRefs just for educational purposes. sanityCheck = SecKeyGeneratePair((CFDictionaryRef)keyPairAttr, &publicKeyRef, &privateKeyRef); LOGGING_FACILITY( sanityCheck == noErr && publicKeyRef != NULL && privateKeyRef != NULL, @"Something really bad went wrong with generating the key pair." ); sanityCheck总是返回-50这意味着'errSecParam'。
我真的不知道如何使用它,谢谢你阅读这个。
NSDictionary *parameters = @{ (__bridge id)kSecAttrKeyType: (__bridge id)kSecAttrKeyTypeEC, (__bridge id)kSecAttrKeySizeInBits: @256, (__bridge id)kSecPrivateKeyAttrs: @{ (__bridge id)kSecAttrIsPermanent: @YES, (__bridge id)kSecAttrApplicationTag: [@"my.key.tag" dataUsingEncoding:NSUTF8StringEncoding], }, (__bridge id)kSecPublicKeyAttrs: @{ (__bridge id)kSecAttrIsPermanent: @YES, (__bridge id)kSecAttrApplicationTag: [@"my.key.pubtag" dataUsingEncoding:NSUTF8StringEncoding], } }; SecKeyRef publicKey, privateKey; OSStatus status = SecKeyGeneratePair((__bridge CFDictionaryRef)parameters, &publicKey, &privateKey);
这个工程,仔细检查您的密钥大小参数。
请注意,目前EC密钥只能用于签署/validation数据。 encryption/解密返回errSecUnimplemented = -4.