Pre: I was in charge of a project in the company and needed to use the function of iOSRSA to verify the signature. What the backend gives me is just a string of public keys. After struggling for a while at first, it turns out that it is far from simple. iOS RSA requires a certificate, and the background of java can only give me a public key string. I have searched countless web pages and still can't find a code that can be used. Finally, referring to the signature mechanism of Alipay's SDK, I understand that you can first write the public key string to a file and then read the file to get the RSA structure pointer in openssl. Now I have carefully sorted out the implementation of iOS RSA encryption, decryption, signature and verification signature using openssll. Code address https://github.com/HustBroventure/iOSRSAHandler
1. Generate RSA key
Generate RSA private key
openssl genrsa -out rsa_private_key.pem 1024
Generate RSA public key
openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
pem files can be opened directly with a text editor
Convert RSA private key to PKCS8 format
openssl pkcs8 -topk8 -inform PEM -in private_rsa.pem -outform PEM -nocrypt -out private_key.pem (be sure to add -out private_key.pem to save the converted private key in private_key.pem , otherwise the result should be set The password is displayed in the terminal, which is different from getting the private key in pem .)
2. Import OpenSSL , import HBRSAHandler folder
Tips: After dragging in: librarySearchpath: will be set automatically, then copy the path to headSearchpath, and add /include after it.
3 Use:
There are two ways to import the key and then call the corresponding method.
NSString* private_key_string = @"MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBALgv/syFH337KzC29KvR0p6cP+glRqjDYAQno5ifafXZjgf1EhBjZblKv+HiLAzNBOlYU1PnLuOOkZj6pg1A5HUZLpsbYa5Mwr1bUHALjXLaB3THCpZX51/b5L14erGo52Jv/j/63YljEtMm8ALmkY8S+3fPxFeY7ya+2VXMEtplAgMBAAECgYAguvauZWGpQ37zUy+7cLfa061PlYAu8TkYw+qAbqOnupdQtq4VF3S2LqBWhZiKVcxvovB70nM0oNsisjfb1xJBpyfDBFug7d+y2f8yr6aTOezoY5DBYEF3Svg9Kp9ra+vvAYX/7fh+tHCU0HOvp0z8ikZiRSWZaQ+3A2GiCIJrwQJBAPKVji89hGAMEWLJJFZaPiLBqZUwR2W/rp7Ely5ddKfjcosHhggHfOb71BnrMOm0h4S85Gx6a87n9R2To0c51q0CQQDCX6yYdt/9JGORyNSXfzMfSZyVOrMpIo77R0YwKa3UOwwLA56l2Lc4AYO10/lyAyZCKse2/5D9ZZUB7xoYEmGZAkB8MEJVPuoY/bSc3RqENrjetERsAwZaObJcx4oaC3AgTxmhwV1FmQfBfKTODBDDZE+Ijedm/ZlZmHhtBtstKJgVAkBKma/DgHRtUscIT90QHBjB3F3FhJb4pbPcyzksCQMXXmY73/LG0ktXqnUjlyy4zm6jnIm0OZgrOQ6chGkubfeZAkBMCGF2tPfEJh8XODOvlw5ADnUiq+Qe/abcpKowkiT9zP+rYT9XJAx7QxChjdwTZb6ahnJY1+ny1emEHUOs2fm8";
NSString* public_key_string = @"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4L/7MhR99+yswtvSr0dKenD/oJUaow2AEJ6OYn2n12Y4H9RIQY2W5Sr/h4iwMzQTpWFNT5y7jjpGY+qYNQOR1GS6bG2GuTMK9W1BwC41y2gd0xwqWV+df2+S9eHqxqOdib/4/+t2JYxLTJvAC5pGPEvt3z8RXmO8mvtlVzBLaZQIDAQAB";
NSString *publicKeyFilePath = [[NSBundle mainBundle] pathForResource:@"rsa_public_key.pem" ofType:nil];
NSString *privateKeyFilePath = [[NSBundle mainBundle] pathForResource:@"rsa_private_key.pem" ofType:nil];
HBRSAHandler* handler = [HBRSAHandler new];
//两种方式导入
// [handler importKeyWithType:KeyTypePublic andPath:publicKeyFilePath];
//[handler importKeyWithType:KeyTypePrivate andPath:privateKeyFilePath];
[handler importKeyWithType:KeyTypePrivate andkeyString:private_key_string];
[handler importKeyWithType:KeyTypePublic andkeyString:public_key_string];
NSString* sig = [handler signString:@"签名字符串"];
NSString* sigMd5 = [handler signMD5String:@"签名字符串"];
NSLog(@"%@ %@",sig,sigMd5);
BOOL isMatch = [handler verifyString:@"签名字符串" withSign:sig];
BOOL isMatchMd5 = [handler verifyMD5String:@"签名字符串
NSLog(@"%d %d",isMatch,isMatchMd5);
NSString* enString = [handler encryptWithPublicKey:@"加密字符串"];
NSString* deString = [handler decryptWithPrivatecKey:enString];
NSLog(@"%@",deString);
4 Result verification (Note: public key encryption, the result of each encryption will be different, but the result of private key signature is the same every time)
