2012-02-14 21 views
2

SecKeychainItemExport gets the private key data, but converting it to an OpenSSL EVP_PKEY fails

I use SecKeychainItemExport to get the raw data of the public key and the private key. Code:

CFDataRef key_data = NULL; 
ret = SecKeychainItemExport(key_ref, kSecFormatBSAFE, 0, NULL, &key_data); 

And the public key conversion is OK:

d2i_RSA_PUBKEY_bio(public_key_bio, &rsa1_ptr); 
EVP_PKEY_set1_RSA(evp_public_key_ptr, rsa1_ptr); 

But the private key conversion fails:

d2i_RSA_PrivateKey_bio(private_key_bio, &rsa2_ptr); 

ERR_print_errors_fp(stdout) dumps these errors:

16586:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1315: 
16586:error:0D06C03A:asn1 encoding routines:ASN1_D2I_EX_PRIMITIVE:nested asn1 error:tasn_dec.c:827: 
16586:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:747:Field=n, Type=RSA 
16586:error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib:d2i_pr.c:99: 

I used openssl asn1parse; this is the information it printed for the file privatekey.der:

OpenSSL> asn1parse -inform DER -in privatekey.der 
    0:d=0 hl=4 l= 630 cons: SEQUENCE   
    4:d=1 hl=2 l= 1 prim: INTEGER   :00 
    7:d=1 hl=2 l= 13 cons: SEQUENCE   
    9:d=2 hl=2 l= 9 prim: OBJECT   :rsaEncryption 
    20:d=2 hl=2 l= 0 prim: NULL    
    22:d=1 hl=4 l= 608 prim: OCTET STRING  [HEX DUMP]:3082025C02010002818100A75F05604B1E303CC8174081D8BF2BD96826E1224327464EE274E07568F8D226A5FE03DBBE6830BB1FB7B48F0DAFF3B9E4A9DDD14783CCA11310B0FBE5CFC5A71C5DD9725A5340EA0A8347346B3B2D5E5041EA69E18179242A26F2238F2922DE3C0D7627710C923F954448D6E886A077CC0BE653387ADDA6D28E1EA4C6336C6902030100010281804681A8EA1FBADFE73B0350916295660B77ECA8FA9DFF7586D5AF16BF5F3132964566F48925750ED245524625DD463A0E1D5DD1ABCFCC9DEF5CF0B31DEA79D4711AF6A2466DD3594F214C7B7075580728F027040C0840B464FD2141F907D4837C23AFBDE9408AA53F6949B0F8FC98477FB224136D8917915297D3C348BC63AD61024100D41418FA9B2B8851D70ED3FCBFC6DAE08EBE78E7E89109D65D72BA7CDF61557BE1409E39C2999890878EB7CAA88D22E140FE442761D7E31AB0A9561F8366E3D3024100CA08A56B35883D353805484B780ACB65E039980DC3B50BEC16ADD89A8111A7FD9FC0BCB1D4D6C511F370559A8D68808E383B5A0D4ED65D304900A58A15F3D553024100CA891701DE46C8BD3FE10D5A87DBE51427BE87C1123DD163438359CDFF96F90881AA3071810326CC80692FE4FEEB2AB06C5D67C1249404736CDB8B40354181B902402F6FF04747FE8140A9B2B3D2E490C4495B68AA8730D8A5BFFD633C64AAC1968C3AA26AABE6A9B7040C00E858ADB347DC1CDFF2B90535D813AA50788DFFB18CF9024051651FEA85A8DC1BCE7B4774A38989ACAF118E26CD25CC7098A887E982DF112439B4A896EDF948E2E886BF7642198F87D792D2D3692B2005EE72D4BB0CB73786 

And the parsed information for a key generated by OpenSSL is:

OpenSSL> asn1parse -inform DER -in openssl.privatekey.der 
    0:d=0 hl=4 l= 604 cons: SEQUENCE   
    4:d=1 hl=2 l= 1 prim: INTEGER   :00 
    7:d=1 hl=3 l= 129 prim: INTEGER   :BFEC6EF278EAA85FFAB7641348A3BB2B448D88DAA83D91375F95C5C3DFAFDCA13C771A4C86A5A56718FCB1A3F5EDF28CCD0193809C43F5D95E7F944E95A50BF1F31FD01E969C82E21ED20BD4DD9AA683A3E09F7AF2E6C501BD7A448AA21E0245C9E02F925AEF073D39481AAAD1440DD024ED6ADC57303AC3BD26003C51747E23 
    139:d=1 hl=2 l= 1 prim: INTEGER   :03 
    142:d=1 hl=3 l= 128 prim: INTEGER   :7FF2F4A1A5F1C59551CF980CDB17D21CD85E5B3C70290B7A3FB92E82951FE86B7DA4BC33046E6E44BB532117F9494C5DDE010D00682D4E90E9AA62DF0E6E07F579E5B2F78EEC1B6A8EB6EECD498131976261571707CDEDE4AAAB69B98356F4F39A274A3D0ED6B8DB374296D7895E6B144AB63AA6A467A13787A2F24F08D866DB 
    273:d=1 hl=2 l= 65 prim: INTEGER   :ECBF357666549510226D953FAFBE0E8CCDC88D0C73644FA8C9D8B7F0DCB9FD092BD7EFD707839BFC497935874882154F7890310474F71A938C316FB4EF2A84DD 
    340:d=1 hl=2 l= 65 prim: INTEGER   :CF880E34D9E5C4B2265210613F9ACD93C2860FCBF3CD9081F3A06E03806195CF36CD505FBD2955F81CEB02E03AB457E23C4BE1DDEB9DAE5CE5802510D5055EFF 
    407:d=1 hl=2 l= 65 prim: INTEGER   :9DD4CE4EEEE30E0AC19E637FCA7EB45DDE85B35DA242DFC5DBE5CFF5E87BFE061D3A9FE4AFAD12A830FB7904DB01638A506020ADA34F670D0820F5234A1C5893 
    474:d=1 hl=2 l= 65 prim: INTEGER   :8A5AB4233BEE83216EE16040D511DE6281AEB532A2890B014D159EAD00410E8A2488E03FD370E3FABDF201EAD1CD8FEC28329693F2691EE8990018B5E358E9FF 
    541:d=1 hl=2 l= 65 prim: INTEGER   :EA03B3BC171D1642CA7AA4D34226CE23CE079410341393FFFEF550B31E3D9D686BDA99ABC72478FBA0D3D36C91EA3E970B9DA95A1F91519F197F71A06208549A 

I changed the format parameter of SecKeychainItemExport, but it had no effect. Is it my usage of SecKeychainItemExport? How do I convert the private key to an EVP_PKEY?

Answers

0

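I just stumbled upon this exact same problem.

I had to go through the source code of PEM_write_bio_PrivateKey before I finally found the code that writes a private key in DER format the way we want:

i2d_PKCS8PrivateKey_bio(private_key_bio, evp_private_key_ptr, NULL, NULL, 0, NULL, NULL);

In your case, you just need to use d2i instead of i2d like I did:

d2i_PKCS8PrivateKey_bio(private_key_bio, &evp_private_key_ptr, NULL, NULL);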
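The two asn1parse listings in the question differ in the element after the version INTEGER: privatekey.der has an AlgorithmIdentifier SEQUENCE followed by an OCTET STRING (the PKCS#8 PrivateKeyInfo layout), while the OpenSSL-generated file has the INTEGER n directly (PKCS#1 RSAPrivateKey). The following check is an added example, not code from either post; it uses no OpenSSL calls, and `classify_private_key`, `der_header` and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

enum key_kind { KEY_UNKNOWN, KEY_PKCS1_RSA, KEY_PKCS8_INFO };

/* Constructed sample: PKCS#8 PrivateKeyInfo wrapping a toy 8-byte inner
 * SEQUENCE { version 0, n = 5 }; same outer layout as privatekey.der. */
static const uint8_t sample_pkcs8[] = {
    0x30, 0x1c, 0x02, 0x01, 0x00,                                /* SEQUENCE, version 0 */
    0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,  /* AlgorithmIdentifier */
    0x01, 0x01, 0x01, 0x05, 0x00,                                /* rsaEncryption, NULL */
    0x04, 0x08, 0x30, 0x06, 0x02, 0x01, 0x00, 0x02, 0x01, 0x05   /* OCTET STRING { key } */
};

/* Read one DER tag/length header at *pos; on success *pos points at the content. */
static int der_header(const uint8_t *b, size_t n, size_t *pos, uint8_t *tag, size_t *clen)
{
    size_t p = *pos, l;
    if (p > n || n - p < 2) return -1;
    *tag = b[p++];
    l = b[p++];
    if (l & 0x80) {                        /* long form: low 7 bits count length bytes */
        size_t k = l & 0x7f;
        if (k == 0 || k > 4 || n - p < k) return -1;
        for (l = 0; k > 0; k--) l = (l << 8) | b[p++];
    }
    if (l > n - p) return -1;              /* content must fit inside the buffer */
    *pos = p; *clen = l;
    return 0;
}

/* Tell PKCS#1 from PKCS#8 by the element that follows the version INTEGER.
 * For PKCS#8, *off and *len locate the inner key inside the OCTET STRING. */
enum key_kind classify_private_key(const uint8_t *b, size_t n, size_t *off, size_t *len)
{
    size_t pos = 0, clen = 0; uint8_t tag = 0;
    if (der_header(b, n, &pos, &tag, &clen) || tag != 0x30) return KEY_UNKNOWN;
    n = pos + clen;                        /* stay inside the outer SEQUENCE */
    if (der_header(b, n, &pos, &tag, &clen) || tag != 0x02) return KEY_UNKNOWN;
    pos += clen;                           /* skip the version INTEGER */
    if (der_header(b, n, &pos, &tag, &clen)) return KEY_UNKNOWN;
    if (tag == 0x02) return KEY_PKCS1_RSA; /* INTEGER n follows the version */
    if (tag != 0x30) return KEY_UNKNOWN;
    pos += clen;                           /* skip the AlgorithmIdentifier SEQUENCE */
    if (der_header(b, n, &pos, &tag, &clen) || tag != 0x04) return KEY_UNKNOWN;
    *off = pos; *len = clen;
    return KEY_PKCS8_INFO;
}
```

Running the classifier on the exported bytes before choosing a d2i_* call shows which layout the blob has; it only inspects the outer structure and does not validate the key itself.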