注:本文全部轉載自:https://www.jianshu.com/p/43f7fc8d8e14
iOS之RSA加密解密與背景之間的雙向加密詳解
序言
因為項目中需要用到
RSA
加密,剛開始也是有點亂,這兩天也整理的差不多了,希望能幫到大家。
這次先上代碼,我想大部分人肯定是着急解決問題,是以不要廢話太多。
iOS端
背景是
PHP
,給我了一段公鑰和他用私鑰加密後的
base64
編碼,讓我先解一下,看看能否解出(請先不要糾結為什麼給我公鑰解密,公鑰私鑰都可以解密,具體後面會講到)。
公鑰:
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3//sR2tXw0wrC2DySx8vNGlqt
Y7ldU9+LBLI6e1KS5lfc5jlTGF7KBTSkCHBM3ouEHWqp1ZJ85iJe59aF5gIB2kl
Bd6h4wrbbHA2XE1sq21ykja/Gqx7/IRia3zQfxGv/qEkyGOx+XALVoOlZqDwh76o
n1vP1D+tD3amHsK7QIDAQAB
base64編碼後的加密資料(注意:背景給你的一定是經過base64編碼後的):
eZVIkIEDb83YfdpOQCTg1SMfJtAHjdl92oKCALYeItxwvvyBsIR/L2e7y1+rXYCztBELXff/L9SijAYrUWOcvPVLPlkJbiJhZjRn+v4L9UeLtSUfO/qv30K3JROb2OniOvRImK3ZcBq319VT8e62zjJscGBIlwfFfMxRVT/mAzY=
下面使用RSA這是一個封裝的第三方架構,隻需要将下面這兩個檔案導入到項目中,便可以使用(不用再導入其他的一些架構),别的架構不敢保證能使用,但這個是肯定可以使用的。
1.png
代碼:
//公鑰
NSString *publicKey = @"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3//sR2tXw0wrC2DySx8vNGlqt3Y7ldU9+LBLI6e1KS5lfc5jlTGF7KBTSkCHBM3ouEHWqp1ZJ85iJe59aF5gIB2klBd6h4wrbbHA2XE1sq21ykja/Gqx7/IRia3zQfxGv/qEkyGOx+XALVoOlZqDwh76o2n1vP1D+tD3amHsK7QIDAQAB";
//base64編碼後的加密資料
NSString *base64Str = @"eZVIkIEDb83YfdpOQCTg1SMfJtAHjdl92oKCALYeItxwvvyBsIR/L2e7y1+rXYCztBELXff/L9SijAYrUWOcvPVLPlkJbiJhZjRn+v4L9UeLtSUfO/qv30K3JROb2OniOvRImK3ZcBq319VT8e62zjJscGBIlwfFfMxRVT/mAzY=";
//結果:注意,這裡是用公鑰進行解密的,方法一定要用對
NSString *resultStr = [RSA decryptString:base64Str publicKey:publicKey];
NSLog(@"結果 = %@",resultStr);
列印結果:
2
這隻是先進行測試的資料,如果給你私鑰解密,就用别的方法,在
RSA.h
中可以很容易找到。
上面講述的是單向加密,那麼如何進行雙向加密呢?
- 1、
iOS
java
- 2、
iOS
iOSPublicKey
iOSPrivateKey
java
javaPublicKey
javaPrivateKey
iOSPublicKey
java
iOSPublicKey
iOS
iOS
iOSPrivateKey
java
javaPublicKey
iOS
iOS
javaPublicKey
java
java
javaPrivateKey
具體實作:
iOS端
- 生成公鑰和私鑰
1)建立檔案夾,用來儲存生成的私鑰和公鑰,打開終端
cd 建立
,進入到建立檔案夾中,
openssl
,打開openssl
3
-
genrsa -out rsa_private_key.pem 1024
4
-
pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM -nocrypt
5
4)
rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
生成公鑰
6
此時在建立檔案夾中會出現兩個檔案
7
我們用文本編輯器打開便可擷取
iOS
端生成的公鑰和私鑰。
- Xcode項目實戰
還得利用上面提到的RSA檔案
//公鑰
NSString *publicKey = @"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDl5RBHD3abOyeYCOLkaWkpJXgJQfMklOWPmdJAnG1eD6CV+UOpUKMy5LtfGHQEM7ao5x3BpMx4MNRUYVwBAmU84PhwNm6xpTJrg5zZCloFmsX+E5ukWE5YFRu8i5+5d8LuQTTTv4XfzbTCTOhON8uj+ypkomETuVNwgRFVFjHd1QIDAQAB";
//私鑰
NSString *privateKey = @"MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAOXlEEcPdps7J5gI4uRpaSkleAlB8ySU5Y+Z0kCcbV4PoJX5Q6lQozLku18YdAQztqjnHcGkzHgw1FRhXAECZTzg+HA2brGlMmuDnNkKWgWaxf4Tm6RYTlgVG7yLn7l3wu5BNNO/hd/NtMJM6E43y6P7KmSiYRO5U3CBEVUWMd3VAgMBAAECgYEAkqHVDQ4O35oOegmI9plJauYsNvNqqzWRalN5aJ6dn3YmPiI8Bt2ZClgcLt6A+UEmy3qGX0HG7Q5wD9X9geNOQB3ZiD/pGAGW08wS/wTxnWSnSBwdtZ03pUttfnFctkxULfDq4iG1ywdjqEk3F8QVFajQ0c76kWbt9LGAv2OGIi0CQQD2CmbVFXy4JeNHK3TDoLMjsUCiLa+qPnyyVDLDG9Ozb7wN2ydTrMhI+0udmjKvy/Lm1E2bKyp42iYuubEqvSAXAkEA7zNZsOgUe0q73sxXqrLQ7Fs7TNtIEXghrGmkVTHN0I7uMKzQ7KEbA6hfcBm4hPMoLa6Ag3m9tiMNBWtDWc/Y8wJAK0//dEl5EC3TSccTohCbGJBukV47i1u+teHuobw3U2I7F7FZxfgntflPAWqQu7PKieob01IRAv9cM2OLFbv/dwJBAIniXedeQMA5ekaaIEbjwQ8eH/bTyJ1ZVH/gfbwmc2+vlJo2ZFCjJcFcA3fJO9ZXnGeI2cfwG22sksr24+IXsAUCQG5yvVIleTDYqWuWVG1Rc8fk5UFjoZzJpp0nil0z+0fR5rogr4fxcH7vbWsE0id7gSvtV7KxPzkvJTpOK3yGDN0=";
//測試要加密的資料
NSString *sourceStr = @"iOS端RSA";
//公鑰加密
NSString *encryptStr = [RSA encryptString:sourceStr publicKey:publicKey];
//私鑰解密
NSString *decrypeStr = [RSA decryptString:encryptStr privateKey:privateKey];
NSLog(@"加密後的資料 %@ 解密後的資料 %@",encryptStr,decrypeStr);
列印結果:
8
經過測試,私鑰和公鑰是可以使用的。
Java端
我是用的是
Eclipse
,具體實作方法也是從網上找的,因為打開的東西太多,忘了是哪篇部落格了,知道的請聯系我,會注明作者的。
- 前期準備
9
RSAUtils.java
代碼:
package RSA;
import java.io.ByteArrayOutputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
/** *//**
* <p>
* RSA公鑰/私鑰/簽名工具包
* </p>
* <p>
* 羅納德·李維斯特(Ron [R]ivest)、阿迪·薩莫爾(Adi [S]hamir)和倫納德·阿德曼(Leonard [A]dleman)
* </p>
* <p>
* 字元串格式的密鑰在未在特殊說明情況下都為BASE64編碼格式<br/>
* 由于非對稱加密速度極其緩慢,一般檔案不使用它來加密而是使用對稱加密,<br/>
* 非對稱加密算法可以用來對對稱加密的密鑰加密,這樣保證密鑰的安全也就保證了資料的安全
* </p>
*
* @author IceWee
* @date 2012-4-26
* @version 1.0
*/
public class RSAUtils {
/** *//**
* 加密算法RSA
*/
public static final String KEY_ALGORITHM = "RSA";
/** *//**
* 簽名算法
*/
public static final String SIGNATURE_ALGORITHM = "MD5withRSA";
/** *//**
* 擷取公鑰的key
*/
private static final String PUBLIC_KEY = "RSAPublicKey";
/** *//**
* 擷取私鑰的key
*/
private static final String PRIVATE_KEY = "RSAPrivateKey";
/** *//**
* RSA最大加密明文大小
*/
private static final int MAX_ENCRYPT_BLOCK = ;
/** *//**
* RSA最大解密密文大小
*/
private static final int MAX_DECRYPT_BLOCK = ;
/** *//**
* <p>
* 生成密鑰對(公鑰和私鑰)
* </p>
*
* @return
* @throws Exception
*/
public static Map<String, Object> genKeyPair() throws Exception {
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(KEY_ALGORITHM);
keyPairGen.initialize();
KeyPair keyPair = keyPairGen.generateKeyPair();
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
Map<String, Object> keyMap = new HashMap<String, Object>();
keyMap.put(PUBLIC_KEY, publicKey);
keyMap.put(PRIVATE_KEY, privateKey);
return keyMap;
}
/** *//**
* <p>
* 用私鑰對資訊生成數字簽名
* </p>
*
* @param data 已加密資料
* @param privateKey 私鑰(BASE64編碼)
*
* @return
* @throws Exception
*/
public static String sign(byte[] data, String privateKey) throws Exception {
byte[] keyBytes = Base64Utils.decode(privateKey);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
PrivateKey privateK = keyFactory.generatePrivate(pkcs8KeySpec);
Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
signature.initSign(privateK);
signature.update(data);
return Base64Utils.encode(signature.sign());
}
/** *//**
* <p>
* 校驗數字簽名
* </p>
*
* @param data 已加密資料
* @param publicKey 公鑰(BASE64編碼)
* @param sign 數字簽名
*
* @return
* @throws Exception
*
*/
public static boolean verify(byte[] data, String publicKey, String sign)
throws Exception {
byte[] keyBytes = Base64Utils.decode(publicKey);
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
PublicKey publicK = keyFactory.generatePublic(keySpec);
Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
signature.initVerify(publicK);
signature.update(data);
return signature.verify(Base64Utils.decode(sign));
}
/** *//**
* <P>
* 私鑰解密
* </p>
*
* @param encryptedData 已加密資料
* @param privateKey 私鑰(BASE64編碼)
* @return
* @throws Exception
*/
public static byte[] decryptByPrivateKey(byte[] encryptedData, String privateKey)
throws Exception {
byte[] keyBytes = Base64Utils.decode(privateKey);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, privateK);
int inputLen = encryptedData.length;
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = ;
byte[] cache;
int i = ;
// 對資料分段解密
while (inputLen - offSet > ) {
if (inputLen - offSet > MAX_DECRYPT_BLOCK) {
cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK);
} else {
cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);
}
out.write(cache, , cache.length);
i++;
offSet = i * MAX_DECRYPT_BLOCK;
}
byte[] decryptedData = out.toByteArray();
out.close();
return decryptedData;
}
/** *//**
* <p>
* 公鑰解密
* </p>
*
* @param encryptedData 已加密資料
* @param publicKey 公鑰(BASE64編碼)
* @return
* @throws Exception
*/
public static byte[] decryptByPublicKey(byte[] encryptedData, String publicKey)
throws Exception {
byte[] keyBytes = Base64Utils.decode(publicKey);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
Key publicK = keyFactory.generatePublic(x509KeySpec);
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, publicK);
int inputLen = encryptedData.length;
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = ;
byte[] cache;
int i = ;
// 對資料分段解密
while (inputLen - offSet > ) {
if (inputLen - offSet > MAX_DECRYPT_BLOCK) {
cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK);
} else {
cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);
}
out.write(cache, , cache.length);
i++;
offSet = i * MAX_DECRYPT_BLOCK;
}
byte[] decryptedData = out.toByteArray();
out.close();
return decryptedData;
}
/** *//**
* <p>
* 公鑰加密
* </p>
*
* @param data 源資料
* @param publicKey 公鑰(BASE64編碼)
* @return
* @throws Exception
*/
public static byte[] encryptByPublicKey(byte[] data, String publicKey)
throws Exception {
byte[] keyBytes = Base64Utils.decode(publicKey);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
Key publicK = keyFactory.generatePublic(x509KeySpec);
// 對資料加密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, publicK);
int inputLen = data.length;
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = ;
byte[] cache;
int i = ;
// 對資料分段加密
while (inputLen - offSet > ) {
if (inputLen - offSet > MAX_ENCRYPT_BLOCK) {
cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK);
} else {
cache = cipher.doFinal(data, offSet, inputLen - offSet);
}
out.write(cache, , cache.length);
i++;
offSet = i * MAX_ENCRYPT_BLOCK;
}
byte[] encryptedData = out.toByteArray();
out.close();
return encryptedData;
}
/** *//**
* <p>
* 私鑰加密
* </p>
*
* @param data 源資料
* @param privateKey 私鑰(BASE64編碼)
* @return
* @throws Exception
*/
public static byte[] encryptByPrivateKey(byte[] data, String privateKey)
throws Exception {
byte[] keyBytes = Base64Utils.decode(privateKey);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, privateK);
int inputLen = data.length;
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = ;
byte[] cache;
int i = ;
// 對資料分段加密
while (inputLen - offSet > ) {
if (inputLen - offSet > MAX_ENCRYPT_BLOCK) {
cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK);
} else {
cache = cipher.doFinal(data, offSet, inputLen - offSet);
}
out.write(cache, , cache.length);
i++;
offSet = i * MAX_ENCRYPT_BLOCK;
}
byte[] encryptedData = out.toByteArray();
out.close();
return encryptedData;
}
/** *//**
* <p>
* 擷取私鑰
* </p>
*
* @param keyMap 密鑰對
* @return
* @throws Exception
*/
public static String getPrivateKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PRIVATE_KEY);
return Base64Utils.encode(key.getEncoded());
}
/** *//**
* <p>
* 擷取公鑰
* </p>
*
* @param keyMap 密鑰對 xs
* @return
* @throws Exception
*/
public static String getPublicKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PUBLIC_KEY);
return Base64Utils.encode(key.getEncoded());
}
}
Base64Utils.java
檔案代碼:
package RSA;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import it.sauronsoftware.base64.Base64;
public class Base64Utils {
/** *//**
* 檔案讀取緩沖區大小
*/
private static final int CACHE_SIZE = ;
/** *//**
* <p>
* BASE64字元串解碼為二進制資料
* </p>
*
* @param base64
* @return
* @throws Exception
*/
public static byte[] decode(String base64) throws Exception {
return Base64.decode(base64.getBytes());
}
/** *//**
* <p>
* 二進制資料編碼為BASE64字元串
* </p>
*
* @param bytes
* @return
* @throws Exception
*/
public static String encode(byte[] bytes) throws Exception {
return new String(Base64.encode(bytes));
}
/** *//**
* <p>
* 将檔案編碼為BASE64字元串
* </p>
* <p>
* 大檔案慎用,可能會導緻記憶體溢出
* </p>
*
* @param filePath 檔案絕對路徑
* @return
* @throws Exception
*/
public static String encodeFile(String filePath) throws Exception {
byte[] bytes = fileToByte(filePath);
return encode(bytes);
}
/** *//**
* <p>
* BASE64字元串轉回檔案
* </p>
*
* @param filePath 檔案絕對路徑
* @param base64 編碼字元串
* @throws Exception
*/
public static void decodeToFile(String filePath, String base64) throws Exception {
byte[] bytes = decode(base64);
byteArrayToFile(bytes, filePath);
}
/** *//**
* <p>
* 檔案轉換為二進制數組
* </p>
*
* @param filePath 檔案路徑
* @return
* @throws Exception
*/
public static byte[] fileToByte(String filePath) throws Exception {
byte[] data = new byte[];
File file = new File(filePath);
if (file.exists()) {
FileInputStream in = new FileInputStream(file);
ByteArrayOutputStream out = new ByteArrayOutputStream();
byte[] cache = new byte[CACHE_SIZE];
int nRead = ;
while ((nRead = in.read(cache)) != -) {
out.write(cache, , nRead);
out.flush();
}
out.close();
in.close();
data = out.toByteArray();
}
return data;
}
/** *//**
* <p>
* 二進制資料寫檔案
* </p>
*
* @param bytes 二進制資料
* @param filePath 檔案生成目錄
*/
public static void byteArrayToFile(byte[] bytes, String filePath) throws Exception {
InputStream in = new ByteArrayInputStream(bytes);
File destFile = new File(filePath);
if (!destFile.getParentFile().exists()) {
destFile.getParentFile().mkdirs();
}
destFile.createNewFile();
OutputStream out = new FileOutputStream(destFile);
byte[] cache = new byte[CACHE_SIZE];
int nRead = ;
while ((nRead = in.read(cache)) != -) {
out.write(cache, , nRead);
out.flush();
}
out.close();
in.close();
}
}
Test.java
檔案中
package RSA;
import java.util.Map;
public class Test {
static String publicKey;
static String privateKey;
static {
try {
Map<String, Object> keyMap = RSAUtils.genKeyPair();
publicKey = RSAUtils.getPublicKey(keyMap);
privateKey = RSAUtils.getPrivateKey(keyMap);
System.err.println("公鑰: \n\r" + publicKey);
System.err.println("私鑰: \n\r" + privateKey);
} catch (Exception e) {
e.printStackTrace();
}
}
public static void main(String[] args) throws Exception {
test();
}
//加密資料
static void test() throws Exception {
String source = "Java端RSA";
System.out.println("\r加密前文字:\r\n" + source);
byte[] data = source.getBytes();
byte[] encodedData = RSAUtils.encryptByPrivateKey(data,privateKey);
System.out.println("加密後文字:\r\n" + new String(encodedData));
byte[] decodedData = RSAUtils.decryptByPublicKey(encodedData, publicKey);
String target = new String(decodedData);
System.out.println("解密後文字: \r\n" + target);
}
//驗證簽名
static void testSign() throws Exception {
System.err.println("私鑰加密——公鑰解密");
String source = "這是一行測試RSA數字簽名的無意義文字";
System.out.println("原文字:\r\n" + source);
byte[] data = source.getBytes();
byte[] encodedData = RSAUtils.encryptByPrivateKey(data, privateKey);
System.out.println("加密後:\r\n" + new String(encodedData));
byte[] decodedData = RSAUtils.decryptByPublicKey(encodedData, publicKey);
String target = new String(decodedData);
System.out.println("解密後: \r\n" + target);
System.err.println("私鑰簽名——公鑰驗證簽名");
String sign = RSAUtils.sign(encodedData, privateKey);
System.err.println("簽名:\r" + sign);
boolean status = RSAUtils.verify(encodedData, publicKey, sign);
System.err.println("驗證結果:\r" + status);
}
}
列印結果:
10
在此,我們可以擷取java端生成的私鑰和公鑰
javaPrivateKey
:
MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAICJzSMJQJWRMP/eAQpHpeFvoZ6TlEpDwzOu7U7COK0QFOfbSqw8+jVckcUXsbIeluay5kQBogrlzcBcEOUabMczFQRsb9Lo9fa1TObDPOb+Vexg2ndk6BjGO85npXTQlRx1PQzJ2JoFWjdwFxUX9bgkeZLgkYyPpQroHK4SIe5HAgMBAAECgYAYl8T67htAQp5IZjZ2vAyd3Fjk2UGnD936Nn7K8dgcLJaDYe6gk64fpY1yUz05YibnDtWFr3ZMdXlvU24cF3k2PoIyu/CK+/HxToAI1kx0yk52QdiBfiG9vPIqZmCCDWYm0kLE1ayEt2JMDbMWqlMfA7LWzlFEPsO63Jc4hH0BOQJBAPul4inORuoDgtBPxPGUcCICJJZ0xw+kFxgZjSnV0qcP3nQDdzqLiPPJ9Z8jJziIUEqXaxI0qOG7OFlMW8os5qUCQQCCwuBk/Gve/z+j386yiaJFQwxH8SAO97FuHDmYPJtdjrX7o6Uboq9GydzrPwNNK1odV4S858pXksZnU7K2lRl7AkEA6cv8i4qyJ8iLSK5T835Nj8sd4wsrxkRVkHZsyGl4BO6hZnex1hq9aoJASVGHpuY+co6rU4bJQK+Icq6WuQduYQJAaVcM5s3jKNaAMkhOf84ZB6sn7Zz2spggPBBI5beNgiVBveLrVAQPJ/vfGTS+OCDAi/rBWF1yyHHZm8v1oNkkmQJBAPJ5eXbeQngp3s4fi4wc+RuaXVpnwv1HHsUc3JlxfIRcuLthNKZJdLbQO8tjCfnEjztweJP6HjaO6VxZ50o/EDw=
javaPublicKey
:
上面的隻是生成公鑰和私鑰并且是在目前環境測試,也就是iOS測試自己的,Java測試自己的,我上面也已經說了,
iOS
端與背景如何進行雙向加密的,下面具體測試。
雙向加密
-
iOS
Java
iOS
javaPublicKey
11
java
端利用
javaPrivate
解密
12
列印結果:
13
-
Java
iOS
Java
iOSPublicKey
14
15
iOS
端利用
iOSPrivateKey
解密
16
列印結果:
17
最後
至此,單向加密與雙向加密,尤其是與背景之間的加密已經講完了,因為之前看過一些文章有的很模糊,雙向加密的講解很少,并且一些文章的編輯格式真的是難看,根本就沒辦法看下去,是以花了一點時間講講我對這方面的了解,知識其實很淺,并不高深。
注意點:
1、關于
iOS
端儲存的私鑰和公鑰最好是生成檔案儲存,并且設定密碼,這樣為了更安全,這個網上都有,可以找找。
2、在
RSA
原理上公鑰和私鑰是可以互相加密互相解密的。公鑰加密,私鑰解密一般是用于加密資料的,私鑰加密公鑰解密是用于驗證身份的,也就是驗證簽名。但在iOS端隻能用公鑰加密私鑰解密(不和背景互動,隻是在iOS平台),隻能用私鑰加密公鑰驗簽,請參考文章。如果是和背景進行加密,無論背景是用公鑰加密還是私鑰加密,iOS端都是可以解的。這個大家可以試試,在RSA檔案中,其實他在
RSA.h
中已經說明了
// enc with private key NOT working YET!
+ (NSString *)encryptString:(NSString *)str privateKey:(NSString *)privKey;
用私鑰加密的方法并未實作,具體
iOS
為何不能用私鑰加密公鑰解密還在搜尋資料中,如果有知道的童鞋請告知,不勝感謝。
8月4日解答:關于非對稱加密是沒有說用私鑰加密公鑰解密的,私鑰隻能用來解密和生成簽名,公鑰隻能用來加密和驗簽,特此聲明!