2

我正在使用 RNCryptor 成功加密/解密 iOS 中的数据。

我正在尝试将公钥发送到服务器,以便它可以加密一些数据。

NSString *saltString = @"salt'n'peppa";
NSData *salt = [saltString dataUsingEncoding:NSUTF8StringEncoding];
NSData *key = [RNCryptor keyForPassword:password
                                   salt:salt
                               settings:kRNCryptorAES256Settings.keySettings];

此时,key里面有一些数据。但是,我似乎无法弄清楚如何将公钥作为字符串获取:

NSString *publicKey = [[NSString alloc] initWithData:key encoding:NSUTF8StringEncoding];

我尝试了不同的编码,但似乎没有任何效果。

这是来自 RNCryptor 的 keyForPassword 方法:

+ (NSData *)keyForPassword:(NSString *)password salt:(NSData *)salt settings:(RNCryptorKeyDerivationSettings)keySettings
{
  NSMutableData *derivedKey = [NSMutableData dataWithLength:keySettings.keySize];

  // See Issue #77. V2 incorrectly calculated key for multi-byte characters.
  NSData *passwordData;
  if (keySettings.hasV2Password) {
    passwordData = [NSData dataWithBytes:[password UTF8String] length:[password length]];
  }
  else {
    passwordData = [password dataUsingEncoding:NSUTF8StringEncoding];
  }

  // Use the built-in PBKDF2 if it's available. Otherwise, we have our own. Hello crazy function pointer.
  int result;
  int (*PBKDF)(CCPBKDFAlgorithm algorithm, const char *password, size_t passwordLen,
               const uint8_t *salt, size_t saltLen,
               CCPseudoRandomAlgorithm prf, uint rounds,
               uint8_t *derivedKey, size_t derivedKeyLen);

  PBKDF = CCKeyDerivationPBKDF ?: RN_CCKeyDerivationPBKDF;

  result = PBKDF(keySettings.PBKDFAlgorithm,         // algorithm
                 passwordData.bytes,                 // password
                 passwordData.length,                // passwordLength
                 salt.bytes,                         // salt
                 salt.length,                        // saltLen
                 keySettings.PRF,                    // PRF
                 keySettings.rounds,                 // rounds
                 derivedKey.mutableBytes,            // derivedKey
                 derivedKey.length);                 // derivedKeyLen

  // Do not log password here
  NSAssert(result == kCCSuccess, @"Unable to create AES key for password: %d", result);

  return derivedKey;
}

我觉得我在做一些严重错误的事情,因为谷歌搜索的结果很少。

4

1 回答 1

4

键不是字符串,而是数据。只是一个随机(某种)系列的字节。将其转换为字符串以发送到服务器的唯一真正方法是对字节进行编码。一种常见的方法是使用 base 64 编码。然后服务器可以将 base 64 编码的字符串转换回密钥的原始字节。

于 2014-10-02T02:54:25.400 回答