1

我有一个字符串。我想在 swift3 中使用 SecKeyRawSign 和 SecKeyRawVerify。我正在使用 Xcode 8.3.3

   func signString(string: String, privateKey: SecKey) -> NSData? {
    var digest = Data(count: Int(CC_SHA256_DIGEST_LENGTH))
    let stringData: Data = string.data(using: String.Encoding.utf8)!

    _ = digest.withUnsafeMutableBytes { (digestBytes) in
        stringData.withUnsafeBytes { (stringBytes) in
            CC_SHA256(stringBytes, CC_LONG(stringData.count), digestBytes)
        }
    }

    let signedData: NSMutableData = NSMutableData(length: SecKeyGetBlockSize(privateKey))!
    var signedDataLength: Int = signedData.length

    let err: OSStatus = SecKeyRawSign(
        privateKey,
        SecPadding.PKCS1SHA256,
        [UInt8](digest),
        digest.count,
        signedData.mutableBytes.assumingMemoryBound(to: UInt8.self),
        &signedDataLength
    )
    switch err {
    case noErr:
        return signedData
    default:
        return nil
    }    
}

编辑:我将返回的数据从 signString 方法传递给 verifyString 方法。我无法获得我之前签署的字符串。

func verifyString(signeddata: NSData,  publicKey: SecKey) -> String {

        var digest = Data(count: Int(CC_SHA256_DIGEST_LENGTH))
        let rawSignedData: Data =  signeddata as Data
        _ = digest.withUnsafeMutableBytes { (digestBytes) in
            rawSignedData.withUnsafeBytes { (stringBytes) in
                CC_SHA256(stringBytes, CC_LONG(rawSignedData.count), digestBytes)
            }
        }


        let unsignedData: NSMutableData = NSMutableData(length: SecKeyGetBlockSize(publicKey))!
        let unsignedDataLength: Int = unsignedData.length

        let err: OSStatus = SecKeyRawVerify(
            publicKey,
            SecPadding.PKCS1SHA256,
            [UInt8](digest),
            digest.count,
            unsignedData.mutableBytes.assumingMemoryBound(to: UInt8.self),
            unsignedDataLength
        )
        switch err {
        case noErr:
             let backToString2 = String(data: unsignedData as Data, encoding: String.Encoding.utf8) as String!
            return backToString2!
        default:
            return ""
        }


    }

但我可以验证,如果我在下面的方法中传递相同的字符串。

func verifyString(string: String, signature: NSData, publicKey: SecKey) -> Bool {
    var digest = Data(count: Int(CC_SHA256_DIGEST_LENGTH))
    let stringData: Data = string.data(using: String.Encoding.utf8)!

    _ = digest.withUnsafeMutableBytes { (digestBytes) in
        stringData.withUnsafeBytes { (stringBytes) in
            CC_SHA256(stringBytes, CC_LONG(stringData.count), digestBytes)
        }
    }


    let mutdata = NSMutableData(data: signature as Data)

    let err: OSStatus = SecKeyRawVerify(
        publicKey,
        SecPadding.PKCS1SHA256,
        [UInt8](digest),
        digest.count,
        mutdata.mutableBytes.assumingMemoryBound(to: UInt8.self),
        signature.length
    )
    switch err {
    case noErr:
        return true
    default:
        return false
    }



}
4

1 回答 1

3

请检查 :

func signString(string: String, privateKey: SecKey) -> NSData? {
    var digest = Data(count: Int(CC_SHA256_DIGEST_LENGTH))
    let stringData: Data = string.data(using: String.Encoding.utf8)!

    _ = digest.withUnsafeMutableBytes { (digestBytes) in
            stringData.withUnsafeBytes { (stringBytes) in
                CC_SHA256(stringBytes, CC_LONG(stringData.count), digestBytes)
            }
        }

    let signedData: NSMutableData = NSMutableData(length: SecKeyGetBlockSize(privateKey))!
    var signedDataLength: Int = signedData.length

    let err: OSStatus = SecKeyRawSign(
        privateKey,
        SecPadding.PKCS1SHA256,
        [UInt8](digest),
        digest.count,
        signedData.mutableBytes.assumingMemoryBound(to: UInt8.self),
        &signedDataLength
    )
    switch err {
        case noErr:
            return signedData
        default:
            return nil
    }    
}
于 2017-09-22T08:14:41.123 回答