当将 iOS 应用程序连接到 Java 后端时,我们遇到了完全相同的问题。还有加密导出导入管理器提到的pedrofb也帮助了我们,这太棒了。然而,代码中的CryptoExportImportManager
类有点复杂,可能难以维护。这是因为在向 DER 编码添加新组件时使用自上而下的方法。因此,必须提前计算长度字段包含的数字(即在定义长度适用的内容之前)。因此,我创建了一个新类,我们现在用它来转换 RSA 公钥的 DER 编码:
class RSAKeyEncoding: NSObject {
// ASN.1 identifiers
private let bitStringIdentifier: UInt8 = 0x03
private let sequenceIdentifier: UInt8 = 0x30
// ASN.1 AlgorithmIdentfier for RSA encryption: OID 1 2 840 113549 1 1 1 and NULL
private let algorithmIdentifierForRSAEncryption: [UInt8] = [0x30, 0x0d, 0x06,
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00]
/// Converts the DER encoding of an RSA public key that is either fetched from the
/// keychain (e.g. by using `SecItemCopyMatching(_:_:)`) or retrieved in another way
/// (e.g. by using `SecKeyCopyExternalRepresentation(_:_:)`), to a format typically
/// used by tools and programming languages outside the Apple ecosystem (such as
/// OpenSSL, Java, PHP and Perl). The DER encoding of an RSA public key created by
/// iOS is represented with the ASN.1 RSAPublicKey type as defined by PKCS #1.
/// However, many systems outside the Apple ecosystem expect the DER encoding of a
/// key to be represented with the ASN.1 SubjectPublicKeyInfo type as defined by
/// X.509. The two types are related in a way that if the SubjectPublicKeyInfo’s
/// algorithm field contains the rsaEncryption object identifier as defined by
/// PKCS #1, the subjectPublicKey field shall contain the DER encoding of an
/// RSAPublicKey type.
///
/// - Parameter rsaPublicKeyData: A data object containing the DER encoding of an
/// RSA public key, which is represented with the ASN.1 RSAPublicKey type.
/// - Returns: A data object containing the DER encoding of an RSA public key, which
/// is represented with the ASN.1 SubjectPublicKeyInfo type.
func convertToX509EncodedKey(_ rsaPublicKeyData: Data) -> Data {
var derEncodedKeyBytes = [UInt8](rsaPublicKeyData)
// Insert ASN.1 BIT STRING bytes at the beginning of the array
derEncodedKeyBytes.insert(0x00, at: 0)
derEncodedKeyBytes.insert(contentsOf: lengthField(of: derEncodedKeyBytes), at: 0)
derEncodedKeyBytes.insert(bitStringIdentifier, at: 0)
// Insert ASN.1 AlgorithmIdentifier bytes at the beginning of the array
derEncodedKeyBytes.insert(contentsOf: algorithmIdentifierForRSAEncryption, at: 0)
// Insert ASN.1 SEQUENCE bytes at the beginning of the array
derEncodedKeyBytes.insert(contentsOf: lengthField(of: derEncodedKeyBytes), at: 0)
derEncodedKeyBytes.insert(sequenceIdentifier, at: 0)
return Data(derEncodedKeyBytes)
}
private func lengthField(of valueField: [UInt8]) -> [UInt8] {
var length = valueField.count
if length < 128 {
return [ UInt8(length) ]
}
// Number of bytes needed to encode the length
let lengthBytesCount = Int((log2(Double(length)) / 8) + 1)
// First byte encodes the number of remaining bytes in this field
let firstLengthFieldByte = UInt8(128 + lengthBytesCount)
var lengthField: [UInt8] = []
for _ in 0..<lengthBytesCount {
// Take the last 8 bits of length
let lengthByte = UInt8(length & 0xff)
// Insert them at the beginning of the array
lengthField.insert(lengthByte, at: 0)
// Delete the last 8 bits of length
length = length >> 8
}
// Insert firstLengthFieldByte at the beginning of the array
lengthField.insert(firstLengthFieldByte, at: 0)
return lengthField
}
}
Usage
您可以在函数中使用此类asBase64()
像这样:
extension SecKey {
func asBase64() throws -> String {
var dataPtr: CFTypeRef?
let query: [String:Any] = [
kSecClass as String: kSecClassKey,
kSecAttrApplicationTag as String: "...", // Same unique tag here
kSecAttrKeyType as String: kSecAttrKeyTypeRSA,
kSecReturnData as String: kCFBooleanTrue
]
let result = SecItemCopyMatching(query as CFDictionary, &dataPtr)
switch (result, dataPtr) {
case (errSecSuccess, .some(let data)):
// convert to X509 encoded key
let convertedData = RSAKeyEncoding().convertToX509EncodedKey(data)
// convert to Base64 string
let base64PublicKey = convertedData.base64EncodedString(options: [])
return base64PublicKey
default:
throw CryptoError.keyConversionError
}
}
}
更新 - 其他问题
使用上面的类一段时间后,我们偶然发现了另一个问题。有时,从钥匙串中获取的公钥似乎无效,因为由于某种原因它的大小增大了。此行为与问题中描述的结果相匹配(尽管在我们的示例中,Base64 编码密钥的大小已增长到 392 个字符,而不是 360 个字符)。不幸的是,我们没有找到这种奇怪行为的确切原因,但我们找到了两种解决方案。第一个解决方案是指定kSecAttrKeySizeInBits
随着kSecAttrEffectiveKeySize
定义查询时,如下面的代码片段所示:
let keySize = ... // Key size specified when storing the key, for example: 2048
let query: [String: Any] = [
kSecAttrKeySizeInBits as String: keySize,
kSecAttrEffectiveKeySize as String: keySize,
... // More attributes
]
var dataPtr: CFTypeRef?
let result = SecItemCopyMatching(query as CFDictionary, &dataPtr)
第二种解决方案是始终从钥匙串(如果有)中删除旧密钥,然后再添加具有相同标签的新密钥。
更新 - 替代解决方案
我发表了这个项目在 GitHub 上,它可以用作上述类的替代品。
参考
ASN.1、BER 和 DER 子集的外行指南
RFC 5280(X.509 v3)
RFC 8017(PKCS #1 v2.2)
我找到的一些代码here在创作时给了我灵感lengthField(...)
功能。