看见这边文章的同学太有眼福了,前段时间搞这个SHA1WithRSA 的 数据加签的功能,这个方面的资料很少,查看了好多资料搞的我很蛋疼啊,在知识的海洋中遨游了好久,最终用了九牛二虎之力搞定了。哈哈!
首先加入头文件
#import <CommonCrypto/CommonDigest.h>
#import <CommonCrypto/CommonCryptor.h>
#import <Security/Security.h>
#import "NSData+Base64.h"
#define kChosenDigestLengthCC_SHA1_DIGEST_LENGTH // SHA-1消息摘要的数据位数160位
– (NSData *)getHashBytes:(NSData *)plainText {CC_SHA1_CTX ctx;uint8_t * hashBytes = NULL;NSData * hash = nil;// Malloc a buffer to hold hash.hashBytes = malloc( kChosenDigestLength * sizeof(uint8_t) );memset((void *)hashBytes, 0x0, kChosenDigestLength);// Initialize the context.CC_SHA1_Init(&ctx);// Perform the hash.CC_SHA1_Update(&ctx, (void *)[plainText bytes], [plainText length]);// Finalize the output.CC_SHA1_Final(hashBytes, &ctx);// Build up the SHA1 blob.hash = [NSData dataWithBytes:(const void *)hashBytes length:(NSUInteger)kChosenDigestLength];if (hashBytes) free(hashBytes);return hash;}-(NSString *)signTheDataSHA1WithRSA:(NSString *)plainText{uint8_t* signedBytes = NULL;size_t signedBytesSize = 0;OSStatus sanityCheck = noErr;NSData* signedHash = nil;NSString * path = [[NSBundle mainBundle]pathForResource:@"keystore" ofType:@"p12"];NSData * data = [NSData dataWithContentsOfFile:path];NSMutableDictionary * options = [[NSMutableDictionary alloc] init]; // Set the private key query dictionary.[options setObject:@"你的p12文件的密码" forKey:(id)kSecImportExportPassphrase];CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL);OSStatus securityError = SecPKCS12Import((CFDataRef) data, (CFDictionaryRef)options, &items);if (securityError!=noErr) {return nil ;}CFDictionaryRef identityDict = CFArrayGetValueAtIndex(items, 0);SecIdentityRef identityApp =(SecIdentityRef)CFDictionaryGetValue(identityDict,kSecImportItemIdentity);SecKeyRef privateKeyRef=nil;SecIdentityCopyPrivateKey(identityApp, &privateKeyRef);signedBytesSize = SecKeyGetBlockSize(privateKeyRef);NSData *plainTextBytes = [plainText dataUsingEncoding:NSUTF8StringEncoding];signedBytes = malloc( signedBytesSize * sizeof(uint8_t) ); // Malloc a buffer to hold signature.memset((void *)signedBytes, 0x0, signedBytesSize);sanityCheck = SecKeyRawSign(privateKeyRef,kSecPaddingPKCS1SHA1,(const uint8_t *)[[self getHashBytes:plainTextBytes] bytes],kChosenDigestLength,(uint8_t *)signedBytes,&signedBytesSize);if (sanityCheck == noErr){signedHash = [NSData dataWithBytes:(const void *)signedBytes length:(NSUInteger)signedBytesSize];}else{return nil;}if (signedBytes){free(signedBytes);}NSString *signatureResult=[NSString stringWithFormat:@"%@",[signedHash base64EncodedString]];return signatureResult;}
在服务器端的java验签方法明天上传。哈哈!请看
版权声明:本文为博主原创文章,未经博主允许不得转载。
,人若软弱就是自己最大的敌人
