我已经使用SecKeyGeneratePair创建了一对密钥。我现在想将公钥传递给服务器,但是我不确定如何继续。

我有一个函数getPublicKeyBits(取自Apple的CryptoExercise),但我真的不知道该如何处理原始NSData。这是函数:

- (NSData *)getPublicKeyBits {
    OSStatus sanityCheck = noErr;
    NSData* publicKeyBits = nil;
    NSData* publicTag = [[NSData alloc] initWithBytes:publicKeyIdentifier length:sizeof(publicKeyIdentifier)];
    CFDataRef cfresult = NULL;


    NSMutableDictionary * queryPublicKey = [[NSMutableDictionary alloc] init];

    // Set the public key query dictionary.
    [queryPublicKey setObject:(__bridge id)kSecClassKey forKey:(__bridge id)kSecClass];
    [queryPublicKey setObject:publicTag forKey:(__bridge id)kSecAttrApplicationTag];
    [queryPublicKey setObject:(__bridge id)kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType];
    [queryPublicKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecReturnData];

    // Get the key bits.
    sanityCheck = SecItemCopyMatching((__bridge CFDictionaryRef)queryPublicKey, (CFTypeRef*)&cfresult);


    if (sanityCheck != noErr)
    {
        publicKeyBits = nil;
    }
    else
    {
        publicKeyBits = (__bridge_transfer NSData *)cfresult;
    }

    return publicKeyBits;
}

如何获取此原始字节数据并将其转换为PEM或加密库可以理解的其他格式?我应该对base64进行编码吗?我还有其他需要做的事情吗?

如果有帮助,我正在尝试将公用密钥与可用于Python的M2Crypto库一起使用。

最佳答案

我想你会想看看http://www.openssl.org/docs/crypto/pem.html#
也许:

int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
                                    unsigned char *kstr, int klen,
                                    pem_password_cb *cb, void *u);

07-24 09:44
查看更多