我是新手,但我有一个私钥,我使用此命令从 p12 cert 获得它
openssl pkcs12 -in cert.p12 -nodes -out private.key.pem -nocerts
这是结果文件的内容
包袋属性 本地密钥ID: ======= 友好名称: ======= 关键属性: -----开始私钥----- MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg1e12SFqNnD2aiLtB 2x5+K0R2pZDaBh2Drt09zLuL5imhRANCAASduIdkrmXpf5681JwnJHkcMi5zVPAS YFUig95A2w7flEY1lNtZcy/IRDQidqu/6BqLqe0V8P/CBZDa4hvKGzkE -----结束私钥-----
然后我尝试根据该文件的内容创建一个 secKey,但我总是遇到相同的错误
Unmanaged(_value: Error Domain=NSOSStatusErrorDomain Code=-50 "从数据创建 EC 私钥失败" UserInfo={numberOfErrorsDeep=0, NSDescription=从数据创建 EC 私钥失败})
这是代码
func test() {
let pemContent = """
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg1e12SFqNnD2aiLtB
2x5+K0R2pZDaBh2Drt09zLuL5imhRANCAASduIdkrmXpf5681JwnJHkcMi5zVPAS
YFUig95A2w7flEY1lNtZcy/IRDQidqu/6BqLqe0V8P/CBZDa4hvKGzkE
"""
let pemData = pemContent
.replacingOccurrences(of: "\n", with: "")
.trimmingCharacters(in: .whitespacesAndNewlines)
guard let decodedData = Data(base64Encoded: pemData) else {
fatalError("Failed to decode Base64 data")
}
var attribute = [
kSecAttrKeyType: kSecAttrKeyTypeECSECPrimeRandom,
kSecAttrKeyClass: kSecAttrKeyClassPrivate,
kSecAttrKeySizeInBits: 256
] as CFDictionary
// Create the key
var error: Unmanaged<CFError>?
guard let secKey = SecKeyCreateWithData(decodedData as CFData,
[
kSecAttrKeyType: kSecAttrKeyTypeECSECPrimeRandom,
kSecAttrKeyClass: kSecAttrKeyClassPrivate,
kSecAttrKeySizeInBits: 256
] as CFDictionary,
&error) else {
if let createKeyError = error {
print("Error creating key: \(createKeyError.takeRetainedValue() as Error)")
}
fatalError("Failed to create key")
}
// Successfully created SecKey
print("SecKey created: \(secKey)")
}
注意:当我在 Android 平台上尝试时,相同的密钥工作正常,但在 iOS 中则不行
我能够找到一种方法来做到这一点,我将在这个问题
的帮助下将其发布在这里,供任何有相同问题的人使用 func privateKeyFromCertificate() -> SecKey {
let certName : String = "yourCertName"
let resourcePath: String = Bundle.main.path(forResource: certName, ofType: "p12")!
let p12Data: NSData = NSData(contentsOfFile: resourcePath)!
let key : NSString = kSecImportExportPassphrase as NSString
let options : NSDictionary = [key : "CertificatePassword"]
var privateKeyRef: SecKey? = nil
var items : CFArray?
let securityError: OSStatus = SecPKCS12Import(p12Data, options, &items)
//let description : CFString = CFCopyDescription(items)
//print(description)
let theArray : CFArray = items!
if securityError == noErr && CFArrayGetCount(theArray) > 0 {
let newArray = theArray as [AnyObject] as NSArray
let dictionary = newArray.object(at: 0)
if let secIdentity = (dictionary as AnyObject).value(forKey: kSecImportItemIdentity as String) {
let securityError = SecIdentityCopyPrivateKey(secIdentity as! SecIdentity , &privateKeyRef)
if securityError != noErr {
privateKeyRef = nil
}
}
}
var error:Unmanaged<CFError>?
if let cfdata = SecKeyCopyExternalRepresentation(privateKeyRef!, &error) {
let data:Data = cfdata as Data
let b64Key = data.base64EncodedString()
}
return privateKeyRef!
}