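I am trying to generate key pairs using ECDH, and I successfully generated two key pairs. From the two pairs I generated a shared secret, and it works fine. But when I try to create a shared secret using the public key from the server, I am unable to do so. The public key from the server is in hex format. I cannot convert the hex value to a public key (SecKey).

Code that generates the two key pairs and the two shared secrets: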

    import Foundation
    import Security

    var error: Unmanaged<CFError>?
    // Attributes used both for key generation and as key-exchange parameters
    let keyPairAttr:[String : Any] = [kSecAttrKeySizeInBits as String: 256,
                                      SecKeyKeyExchangeParameter.requestedSize.rawValue as String: 32,
                                      kSecAttrKeyType as String: kSecAttrKeyTypeECSECPrimeRandom,
                                      kSecAttrKeyClass as String: kSecAttrKeyClassPublic,
                                      kSecPrivateKeyAttrs as String: [kSecAttrIsPermanent as String: false],
                                      kSecPublicKeyAttrs as String:[kSecAttrIsPermanent as String: false]]
    let algorithm:SecKeyAlgorithm = SecKeyAlgorithm.ecdhKeyExchangeStandardX963SHA256 //ecdhKeyExchangeStandardX963SHA256
    do {
        // First key pair
        guard let privateKey = SecKeyCreateRandomKey(keyPairAttr as CFDictionary, &error) else {
            throw error!.takeRetainedValue() as Error
        }
        let publicKey = SecKeyCopyPublicKey(privateKey)
        // Second key pair
        guard let privateKey2 = SecKeyCreateRandomKey(keyPairAttr as CFDictionary, &error) else {
            throw error!.takeRetainedValue() as Error
        }
        let publicKey2 = SecKeyCopyPublicKey(privateKey2)
        // Shared secret from private key 1 and public key 2
        let shared:CFData? = SecKeyCopyKeyExchangeResult(privateKey, algorithm, publicKey2!, keyPairAttr as CFDictionary, &error)
        let sharedData:Data = shared! as Data
        print("shared Secret key",sharedData.base64EncodedString())
        // Shared secret from private key 2 and public key 1
        let shared2:CFData? = SecKeyCopyKeyExchangeResult(privateKey2, algorithm, publicKey!, keyPairAttr as CFDictionary, &error)
        let sharedData2:Data = shared2! as Data
        print("shared Secret key 2",sharedData2.base64EncodedString())
        if sharedData.base64EncodedString() == sharedData2.base64EncodedString() {
            let secretKey = sharedData.base64EncodedString()
            print("SEC KEY MATCHES",secretKey)
        }
    } catch {
        // Closes the do block, which was left open in the posted snippet
        print("key generation failed:", error)
    }

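The above code works because I created both key pairs myself. But I cannot create it using the server's public key. I need to know how to create a shared secret using the server's public key in hex format.

In kSecAttrKeySizeInBits as String: 256, the 256 should be 384.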
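
One way to turn the server's hex value into a SecKey and run the exchange, as an added example that is not part of the original post. It assumes the hex string encodes an uncompressed ANSI X9.63 point (04 || X || Y), which is the EC public key format SecKeyCreateWithData accepts; a DER or SubjectPublicKeyInfo value would need its header stripped first. The helper names dataFromHex, peerPublicKey and sharedSecret are hypothetical.

```swift
import Foundation
import Security

enum PeerKeyError: Error { case badHex, unsupportedEncoding }

// Strict hex decoding: even length, hex digits only, no separators.
func dataFromHex(_ hex: String) throws -> Data {
    let bytes = Array(hex.utf8)
    guard bytes.count % 2 == 0 else { throw PeerKeyError.badHex }
    var out = Data(capacity: bytes.count / 2)
    for i in stride(from: 0, to: bytes.count, by: 2) {
        guard let hi = Character(UnicodeScalar(bytes[i])).hexDigitValue,
              let lo = Character(UnicodeScalar(bytes[i + 1])).hexDigitValue
        else { throw PeerKeyError.badHex }
        out.append(UInt8(hi << 4 | lo))
    }
    return out
}

// Import an uncompressed X9.63 point as a public SecKey. The curve size is
// taken from the encoded length, so it cannot disagree with the key data.
func peerPublicKey(fromHex hex: String) throws -> SecKey {
    let raw = try dataFromHex(hex)
    let bitsByLength = [65: 256, 97: 384, 133: 521]   // P-256, P-384, P-521
    guard raw.first == 0x04, let bits = bitsByLength[raw.count] else {
        throw PeerKeyError.unsupportedEncoding
    }
    let attrs: [String: Any] = [
        kSecAttrKeyType as String: kSecAttrKeyTypeECSECPrimeRandom,
        kSecAttrKeyClass as String: kSecAttrKeyClassPublic,
        kSecAttrKeySizeInBits as String: bits,
    ]
    var error: Unmanaged<CFError>?
    guard let key = SecKeyCreateWithData(raw as CFData, attrs as CFDictionary, &error) else {
        throw error!.takeRetainedValue() as Error
    }
    return key
}

// ECDH between a local private key and the server's hex-encoded public key.
func sharedSecret(privateKey: SecKey, serverKeyHex: String) throws -> Data {
    let serverKey = try peerPublicKey(fromHex: serverKeyHex)
    let params = [SecKeyKeyExchangeParameter.requestedSize.rawValue as String: 32]
    var error: Unmanaged<CFError>?
    guard let secret = SecKeyCopyKeyExchangeResult(privateKey, .ecdhKeyExchangeStandardX963SHA256,
                                                   serverKey, params as CFDictionary, &error) else {
        throw error!.takeRetainedValue() as Error
    }
    return secret as Data
}
```

The local private key has to be generated on the same curve as the server's key, so kSecAttrKeySizeInBits in the key generation attributes must match the size detected from the server's encoding.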