我使用 SecKeyCreateWithData 创建公钥。剥离标题后从 Pem 创建密钥。
我尝试使用验证签名
- SecKeyRawVerify 返回 -9809 错误 (iOS)
- SecKeyVerifySignature 返回 -67808 “RSA 签名验证失败,不匹配”(iOS)
- SecTransformExecute 返回 false。(操作系统)
我们使用 SHA256 和 Unicode 编码对消息进行签名(C# RSACryptoProvider)。
创建公钥的代码:
NSDictionary* attributes =
@{ (id)kSecAttrKeyType: (id)kSecAttrKeyTypeRSA,
(id)kSecAttrKeySizeInBits: @2048,
(id)kSecPublicKeyAttrs:
@{ (id)kSecAttrIsPermanent: @YES,
(id)kSecAttrApplicationTag: tag1
},
(id)kSecAttrCanEncrypt:@YES,
(id)kSecAttrCanVerify:@YES,
(id)kSecAttrKeyClass: (id)kSecAttrKeyClassPublic
};
CFErrorRef error = NULL;
SecKeyRef keyRef = SecKeyCreateWithData((__bridge CFDataRef)publicKeyData,
(__bridge CFDictionaryRef)attributes,
&error);
验证码 iOS:
size_t signedHashBytesSize = SecKeyGetBlockSize(keyRef);
const void* signedHashBytes = [signature bytes];
NSData *plainData = [dataToSign dataUsingEncoding:NSUTF16StringEncoding];
size_t hashBytesSize = CC_SHA256_DIGEST_LENGTH;
uint8_t* hashBytes = malloc(hashBytesSize);
if (!CC_SHA256([plainData bytes], (CC_LONG)[plainData length], hashBytes)) {
return nil;
}
OSStatus status1 = SecKeyRawVerify(keyRef,
kSecPaddingPKCS1,
hashBytes,
hashBytesSize,
signedHashBytes,
signedHashBytesSize);
验证码 OSx:
verifier = SecVerifyTransformCreate(keyRef, (__bridge CFDataRef)self.digest, &errorCF);
if (errorCF) { CFShow(errorCF);}
SecTransformSetAttribute(verifier,
kSecTransformInputAttributeName,
(__bridge CFTypeRef)plainData,
&errorCF);
if (errorCF) { CFShow(errorCF); exit(-1); }
SecTransformSetAttribute(verifier,
kSecDigestTypeAttribute,
kSecDigestSHA2,
&errorCF);
if (errorCF) { CFShow(errorCF); exit(-1); }
SecTransformSetAttribute(verifier,
kSecDigestLengthAttribute,
(__bridge CFNumberRef)@256,
&errorCF);
if (errorCF) { CFShow(errorCF); exit(-1); }
CFBooleanRef result1 = NULL;
result1 = SecTransformExecute(verifier, &errorCF);
BOOL success = (result1 != NULL);
我被困住了,任何帮助将不胜感激。