我從openSSL創建CSR,但由於OpenSSL沒有將密鑰存儲在安全區域,因此我選擇客觀C在安全區域創建密鑰對(私鑰和公鑰)併發送給OpenSSL for X509證書。我在NSData中成功獲取公鑰,然後轉換const unsigned char * bitsOfKeyDataPublicKey = (unsigned char *) [publicKey bytes];,然後創建公鑰EC_KEY*_ec_keyPublic = d2i_EC_PUBKEY(NULL,&bitsOfKeyDataPublicKey, publicKeyLegnth);。但對於私鑰,我們從目標c得到SecKeyRef,因此創建EC_Key我們如何轉換私鑰或以任何方式轉換或使用私鑰? 尋找答覆。 感謝在iOS中將SecKeyRef轉換爲EC_KEY
您可以更改私鑰從SecKeyRef到NSData
例子:
- (NSData *)getPrivateKeyBits {
OSStatus sanityCheck = noErr;
NSData * privateKeyBits = nil;
NSMutableDictionary * queryPrivateKey = [[NSMutableDictionary alloc] init];
// Set the public key query dictionary.
[queryPrivateKey setObject:(id)kSecClassKey forKey:(id)kSecClass];
[queryPrivateKey setObject:_privateTag forKey:(id)kSecAttrApplicationTag];
[queryPrivateKey setObject:(id)kSecAttrKeyTypeEC forKey:(id)kSecAttrKeyType];
[queryPrivateKey setObject:[NSNumber numberWithBool:YES] forKey:(id)kSecReturnData];
// Get the key bits.
sanityCheck = SecItemCopyMatching((__bridge CFDictionaryRef)queryPrivateKey, (void *)&privateKeyBits);
if (sanityCheck != noErr) {
privateKeyBits = nil;
}
else if (sanityCheck == errSecItemNotFound) {
privateKeyBits = nil;
}
return privateKeyBits;
}
不要忘了使用用於生成_privateTag私鑰
現在你可以使用:
const unsigned char *bitsOfKeyDataPrivateKey = (unsigned char *) [[self getPrivateKeyBits] bytes];
EC_KEY *_ec_keyPrivate = d2i_EC_PUBKEY(NULL,&bitsOfKeyDataPrivateKey, privateKeyLegnth);
必須在「privateKeyLegnth」中給出什麼? –