RSA is an asymmetric encryption algorithm and is often used to encrypt data transmission. If combined with a digital digest algorithm, it can also be used for file signature.
**RSA algorithm function :** one is encryption is a sign. **1. Encryption: ** is used to encrypt data on the client using the public key and decrypt data on the server using the private key. Only for encryption **2. Signing: ** is signed with the private key on the client and then checked with the public key on the server. Add sign is to put denial, is to prevent others to simulate our client to attack our server, resulting in paralysis.
RSA basic principle: RSA uses key pairs to encrypt and decrypt data. Before encrypting and decrypting data, create a public key and a private key. ** Public key: ** Used to encrypt data. Used for disclosure, usually stored in a data provider, such as an iOS client. Private key: used to decrypt data. It must be kept secret, the disclosure of the private key is a security issue.
The composition of RSA public key and private key, as well as the formula of encryption and decryption can be seen in the following figure:
In encryption and decryption, we need to know what openSSL is; The basic principle of RSA encryption algorithm; How to generate the final DER and P12 files we need through OpenSSL.
Encryption and decryption on iOS clients first we need to import security.framework
In iOS, we focus on four functions: SecKeyEncrypt: encrypts the data using a public key; SecKeyDecrypt: decrypts the data using a private key; SecKeyRawVerify: Validates the digital signature and data using a public key to verify that the data comes from a valid source. What is the digital signature, can you refer to baidu Encyclopedia this article? SecKeyRawSign: The private key is used to digest data and generate a digital signature
See steps for details:
- To generate a key pair using OpenSSL, you need to obtain a public key certificate and a private key certificate
- Verification certificate
- Create a class RSAEncryptor for encryption and decryption, and implement the methods
- Test encryption and decryption in the project
#### First, use OpenSSL to generate the key pair. Finally, you need to obtain the public key certificate and private key certificate. MAC OS provides OpenSSL, so you can use OpenSSL directly on the command line. Rsa_private_key. pem (private key), rsa_public_key.pem (public key)) and run the following command:
Pem openssl genrsa -out rsa_private_key.pem 1024 // Use the private key file to create the required certificate: Openssl req -new -key rsa_private_key.pem -out rsacertreq. CSR // Create a certificate using x509: rsaCert.crt openssl x509 -req -days 3650 -in rsaCertReq.csr -signkey rsa_private_key.pem -out rsaCert.crt // Create rsa_public_key.der For IOS. Generate a public key in the.der format: rsa_public_key.der openssl x509 -outform der -in rsaCert.crt -out rsa_public_key.der // Create rsa_private_key.p12 For IOS. This step generates the.p12 file required for decryption. Remember the password you entered. Openssl pkcs12 -export -out rsa_private_key.p12 -inkey rsa_private_key.pem -in rsaCert Pem For Java openssl rsa -in rsa_private_key.pem -out rsa_public_key.pem -pubout // Convert the RSA private key to PKCS8 format. Openssl pkcs8 -topk8 -in rsa_private_key.pem -out pkcs8_private_key.pem -nocryptCopy the codeYou may need some information on the command line to generate public and private keys
Country Name (2 letter code) [AU]:CN // Country code State or Province Name (full Name) [some-state]: Locality Name Organization Name (eg, company) [Internet Widgits Pty Ltd]: Technical Unit Name (eg, section) []:Development Department Common Name (eg, YOUR Name) []: Email Address []:      / / emailCopy the codeNote: When generating the key pair, you need to fill in the extract password of the private key. Remember, you need to use it for decryption.
It can be seen from the above that the private key can generate the corresponding public key. Therefore, we use the private key private_key.pem on the server side and issue the public key to the front end such as Android and ios
IOS uses rsa_public_key.der and rsa_private_key.p12
#### Step 2 verify the certificate. Drag rsa_public_key.der into Xcode, and if the file looks good, you can open it directly in Xcode and see all the information about the certificate. Do not drag it into your project. Instead, right-click add Files to “” to create a new project and add the library: Security.Framework
#### The third step, create a new class for encryption, decryption RSAEncryptor, and implement the related methods
You can copy and paste this file using rsaencryptor.h:
#import <Foundation/Foundation.h>@interface RSAEncryptor: NSObject /** * Encryption method ** @param STR String to be encrypted * @param path'.der'Public key file path of the format * / + (nsstrings *) encryptString: (nsstrings *) STR publicKeyWithContentsOfFile (nsstrings *) path; /** * Decrypt method ** @param STR String to decrypt * @param path'.p12'Format to the private key file path * @ param password private key file password * / + (nsstrings *) decryptString: (nsstrings *) STR privateKeyWithContentsOfFile: (nsstrings *)path password:(NSString *)password; /** * encryption method ** @param STR string to be encrypted * @param pubKey public key string */ + (NSString *)encryptString:(NSString *) STR publicKey:(NSString *)pubKey; /** * Decryption method ** @param privKey Private key string */ + (NSString *)decryptString (NSString *) STR privateKey:(NSString *)privKey; @endCopy the codeRSAEncryptor. M file:
#import "RSAEncryptor.h"
#import <Security/Security.h>
@implementation RSAEncryptor
static NSString *base64_encode_data(NSData *data){
data = [data base64EncodedDataWithOptions:0];
NSString *ret = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
return ret;
}
static NSData *base64_decode(NSString *str){
NSData *data = [[NSData alloc] initWithBase64EncodedString:str options:NSDataBase64DecodingIgnoreUnknownCharacters];
return data;
}
#pragma mark - encrypts using the '.der' public key file/ / encryption + (nsstrings *) encryptString: (nsstrings *) STR publicKeyWithContentsOfFile path: (nsstrings *) {if(! str || ! path)return nil;
return[self encryptString:str publicKeyRef:[self getPublicKeyRefWithContentsOfFile:path]]; } / / get public + (SecKeyRef) getPublicKeyRefWithContentsOfFile: (nsstrings *) filePath {NSData * certData = [NSData dataWithContentsOfFile:filePath];if(! certData) {return nil;
}
SecCertificateRef cert = SecCertificateCreateWithData(NULL, (CFDataRef)certData);
SecKeyRef key = NULL;
SecTrustRef trust = NULL;
SecPolicyRef policy = NULL;
if(cert ! = NULL) { policy = SecPolicyCreateBasicX509();if (policy) {
if (SecTrustCreateWithCertificates((CFTypeRef)cert, policy, &trust) == noErr) {
SecTrustResultType result;
if(SecTrustEvaluate(trust, &result) == noErr) { key = SecTrustCopyPublicKey(trust); }}}}if (policy) CFRelease(policy);
if (trust) CFRelease(trust);
if (cert) CFRelease(cert);
return key;
}
+ (NSString *)encryptString:(NSString *)str publicKeyRef:(SecKeyRef)publicKeyRef{
if(! [str dataUsingEncoding:NSUTF8StringEncoding]){return nil;
}
if(! publicKeyRef){return nil;
}
NSData *data = [self encryptData:[str dataUsingEncoding:NSUTF8StringEncoding] withKeyRef:publicKeyRef];
NSString *ret = base64_encode_data(data);
return ret;
}
#pragma mark - use '.12' private key file to decrypt/ / decryption + (nsstrings *) decryptString: (nsstrings *) STR privateKeyWithContentsOfFile: (path password: (nsstrings nsstrings *) *)password{if(! str || ! path)return nil;
if(! password) password = @"";
return[self decryptString:str privateKeyRef:[self getPrivateKeyRefWithContentsOfFile:path password:password]]; } / / get the private key + (SecKeyRef) getPrivateKeyRefWithContentsOfFile: (nsstrings *) filePath password: (password nsstrings *) {NSData *p12Data = [NSData dataWithContentsOfFile:filePath];if(! p12Data) {return nil;
}
SecKeyRef privateKeyRef = NULL;
NSMutableDictionary * options = [[NSMutableDictionary alloc] init];
[options setObject: password forKey:(__bridge id)kSecImportExportPassphrase];
CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL);
OSStatus securityError = SecPKCS12Import((__bridge CFDataRef) p12Data, (__bridge CFDictionaryRef)options, &items);
if (securityError == noErr && CFArrayGetCount(items) > 0) {
CFDictionaryRef identityDict = CFArrayGetValueAtIndex(items, 0);
SecIdentityRef identityApp = (SecIdentityRef)CFDictionaryGetValue(identityDict, kSecImportItemIdentity);
securityError = SecIdentityCopyPrivateKey(identityApp, &privateKeyRef);
if(securityError ! = noErr) { privateKeyRef = NULL; } } CFRelease(items);return privateKeyRef;
}
+ (NSString *)decryptString:(NSString *)str privateKeyRef:(SecKeyRef)privKeyRef{
NSData *data = [[NSData alloc] initWithBase64EncodedString:str options:NSDataBase64DecodingIgnoreUnknownCharacters];
if(! privKeyRef) {return nil;
}
data = [self decryptData:data withKeyRef:privKeyRef];
NSString *ret = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
return ret;
}
#pragma mark - String encryption using the public key/* START: Encryption with RSA public key */ // encryptString:(NSString *) STR publicKey:(NSString *)pubKey{ NSData *data = [self encryptData:[str dataUsingEncoding:NSUTF8StringEncoding] publicKey:pubKey]; NSString *ret = base64_encode_data(data);return ret;
}
+ (NSData *)encryptData:(NSData *)data publicKey:(NSString *)pubKey{
if(! data || ! pubKey){return nil;
}
SecKeyRef keyRef = [self addPublicKey:pubKey];
if(! keyRef){return nil;
}
return [self encryptData:data withKeyRef:keyRef];
}
+ (SecKeyRef)addPublicKey:(NSString *)key{
NSRange spos = [key rangeOfString:@"-----BEGIN PUBLIC KEY-----"];
NSRange epos = [key rangeOfString:@"-----END PUBLIC KEY-----"];
if(spos.location ! = NSNotFound && epos.location ! = NSNotFound){ NSUInteger s = spos.location + spos.length; NSUInteger e = epos.location; NSRange range = NSMakeRange(s, e-s);
key = [key substringWithRange:range];
}
key = [key stringByReplacingOccurrencesOfString:@"\r" withString:@""];
key = [key stringByReplacingOccurrencesOfString:@"\n" withString:@""];
key = [key stringByReplacingOccurrencesOfString:@"\t" withString:@""];
key = [key stringByReplacingOccurrencesOfString:@"" withString:@""];
// This will be base64 encoded, decode it.
NSData *data = base64_decode(key);
data = [self stripPublicKeyHeader:data];
if(! data){return nil;
}
//a tag to read/write keychain storage
NSString *tag = @"RSAUtil_PubKey";
NSData *d_tag = [NSData dataWithBytes:[tag UTF8String] length:[tag length]];
// Delete any old lingering key with the same tag
NSMutableDictionary *publicKey = [[NSMutableDictionary alloc] init];
[publicKey setObject:(__bridge id) kSecClassKey forKey:(__bridge id)kSecClass];
[publicKey setObject:(__bridge id) kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType];
[publicKey setObject:d_tag forKey:(__bridge id)kSecAttrApplicationTag];
SecItemDelete((__bridge CFDictionaryRef)publicKey);
// Add persistent version of the key to system keychain
[publicKey setObject:data forKey:(__bridge id)kSecValueData];
[publicKey setObject:(__bridge id) kSecAttrKeyClassPublic forKey:(__bridge id)
kSecAttrKeyClass];
[publicKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)
kSecReturnPersistentRef];
CFTypeRef persistKey = nil;
OSStatus status = SecItemAdd((__bridge CFDictionaryRef)publicKey, &persistKey);
if(persistKey ! = nil){ CFRelease(persistKey); }if((status ! = noErr) && (status ! = errSecDuplicateItem)) {return nil;
}
[publicKey removeObjectForKey:(__bridge id)kSecValueData];
[publicKey removeObjectForKey:(__bridge id)kSecReturnPersistentRef];
[publicKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecReturnRef];
[publicKey setObject:(__bridge id) kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType];
// Now fetch the SecKeyRef version of the key
SecKeyRef keyRef = nil;
status = SecItemCopyMatching((__bridge CFDictionaryRef)publicKey, (CFTypeRef *)&keyRef);
if(status ! = noErr){return nil;
}
return keyRef;
}
+ (NSData *)stripPublicKeyHeader:(NSData *)d_key{
// Skip ASN.1 public key header
if (d_key == nil) return(nil);
unsigned long len = [d_key length];
if(! len)return(nil);
unsigned char *c_key = (unsigned char *)[d_key bytes];
unsigned int idx = 0;
if(c_key[idx++] ! = 0x30)return(nil);
if (c_key[idx] > 0x80) idx += c_key[idx] - 0x80 + 1;
else idx++;
// PKCS #1 rsaEncryption szOID_RSA_RSA
static unsigned char seqiod[] =
{ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
0x01, 0x05, 0x00 };
if (memcmp(&c_key[idx], seqiod, 15)) return(nil);
idx += 15;
if(c_key[idx++] ! = 0x03)return(nil);
if (c_key[idx] > 0x80) idx += c_key[idx] - 0x80 + 1;
else idx++;
if(c_key[idx++] ! ='\ 0') return(nil);
// Now make a new NSData from this buffer
return ([NSData dataWithBytes:&c_key[idx] length:len - idx]);
}
+ (NSData *)encryptData:(NSData *)data withKeyRef:(SecKeyRef) keyRef{
const uint8_t *srcbuf = (const uint8_t *)[data bytes];
size_t srclen = (size_t)data.length;
size_t block_size = SecKeyGetBlockSize(keyRef) * sizeof(uint8_t);
void *outbuf = malloc(block_size);
size_t src_block_size = block_size - 11;
NSMutableData *ret = [[NSMutableData alloc] init];
for(int idx=0; idx<srclen; idx+=src_block_size){
//NSLog(@"%d/%d block_size: %d", idx, (int)srclen, (int)block_size);
size_t data_len = srclen - idx;
if(data_len > src_block_size){
data_len = src_block_size;
}
size_t outlen = block_size;
OSStatus status = noErr;
status = SecKeyEncrypt(keyRef,
kSecPaddingPKCS1,
srcbuf + idx,
data_len,
outbuf,
&outlen
);
if(status ! = 0) { NSLog(@"SecKeyEncrypt fail. Error Code: %d", status);
ret = nil;
break;
}else{
[ret appendBytes:outbuf length:outlen];
}
}
free(outbuf);
CFRelease(keyRef);
return ret;
}
/* END: Encryption with RSA public key */
#pragma mark - use private key string to decrypt/* START: Decryption with RSA private key */ // decrypt using the private key string + (NSString *)decryptString:(NSString *) STR privateKey:(NSString *)privKey{if(! str)return nil;
NSData *data = [[NSData alloc] initWithBase64EncodedString:str options:NSDataBase64DecodingIgnoreUnknownCharacters];
data = [self decryptData:data privateKey:privKey];
NSString *ret = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
return ret;
}
+ (NSData *)decryptData:(NSData *)data privateKey:(NSString *)privKey{
if(! data || ! privKey){return nil;
}
SecKeyRef keyRef = [self addPrivateKey:privKey];
if(! keyRef){return nil;
}
return [self decryptData:data withKeyRef:keyRef];
}
+ (SecKeyRef)addPrivateKey:(NSString *)key{
NSRange spos = [key rangeOfString:@"-----BEGIN RSA PRIVATE KEY-----"];
NSRange epos = [key rangeOfString:@"-----END RSA PRIVATE KEY-----"];
if(spos.location ! = NSNotFound && epos.location ! = NSNotFound){ NSUInteger s = spos.location + spos.length; NSUInteger e = epos.location; NSRange range = NSMakeRange(s, e-s);
key = [key substringWithRange:range];
}
key = [key stringByReplacingOccurrencesOfString:@"\r" withString:@""];
key = [key stringByReplacingOccurrencesOfString:@"\n" withString:@""];
key = [key stringByReplacingOccurrencesOfString:@"\t" withString:@""];
key = [key stringByReplacingOccurrencesOfString:@"" withString:@""];
// This will be base64 encoded, decode it.
NSData *data = base64_decode(key);
data = [self stripPrivateKeyHeader:data];
if(! data){return nil;
}
//a tag to read/write keychain storage
NSString *tag = @"RSAUtil_PrivKey";
NSData *d_tag = [NSData dataWithBytes:[tag UTF8String] length:[tag length]];
// Delete any old lingering key with the same tag
NSMutableDictionary *privateKey = [[NSMutableDictionary alloc] init];
[privateKey setObject:(__bridge id) kSecClassKey forKey:(__bridge id)kSecClass];
[privateKey setObject:(__bridge id) kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType];
[privateKey setObject:d_tag forKey:(__bridge id)kSecAttrApplicationTag];
SecItemDelete((__bridge CFDictionaryRef)privateKey);
// Add persistent version of the key to system keychain
[privateKey setObject:data forKey:(__bridge id)kSecValueData];
[privateKey setObject:(__bridge id) kSecAttrKeyClassPrivate forKey:(__bridge id)
kSecAttrKeyClass];
[privateKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)
kSecReturnPersistentRef];
CFTypeRef persistKey = nil;
OSStatus status = SecItemAdd((__bridge CFDictionaryRef)privateKey, &persistKey);
if(persistKey ! = nil){ CFRelease(persistKey); }if((status ! = noErr) && (status ! = errSecDuplicateItem)) {return nil;
}
[privateKey removeObjectForKey:(__bridge id)kSecValueData];
[privateKey removeObjectForKey:(__bridge id)kSecReturnPersistentRef];
[privateKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecReturnRef];
[privateKey setObject:(__bridge id) kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType];
// Now fetch the SecKeyRef version of the key
SecKeyRef keyRef = nil;
status = SecItemCopyMatching((__bridge CFDictionaryRef)privateKey, (CFTypeRef *)&keyRef);
if(status ! = noErr){return nil;
}
return keyRef;
}
+ (NSData *)stripPrivateKeyHeader:(NSData *)d_key{
// Skip ASN.1 private key header
if (d_key == nil) return(nil);
unsigned long len = [d_key length];
if(! len)return(nil);
unsigned char *c_key = (unsigned char *)[d_key bytes];
unsigned int idx = 22; //magic byte at offset 22
if(0x04 ! = c_key[idx++])return nil;
//calculate length of the key
unsigned int c_len = c_key[idx++];
int det = c_len & 0x80;
if(! det) { c_len = c_len & 0x7f; }else {
int byteCount = c_len & 0x7f;
if (byteCount + idx > len) {
//rsa length field longer than buffer
return nil;
}
unsigned int accum = 0;
unsigned char *ptr = &c_key[idx];
idx += byteCount;
while (byteCount) {
accum = (accum << 8) + *ptr;
ptr++;
byteCount--;
}
c_len = accum;
}
// Now make a new NSData from this buffer
return [d_key subdataWithRange:NSMakeRange(idx, c_len)];
}
+ (NSData *)decryptData:(NSData *)data withKeyRef:(SecKeyRef) keyRef{
const uint8_t *srcbuf = (const uint8_t *)[data bytes];
size_t srclen = (size_t)data.length;
size_t block_size = SecKeyGetBlockSize(keyRef) * sizeof(uint8_t);
UInt8 *outbuf = malloc(block_size);
size_t src_block_size = block_size;
NSMutableData *ret = [[NSMutableData alloc] init];
for(int idx=0; idx<srclen; idx+=src_block_size){
//NSLog(@"%d/%d block_size: %d", idx, (int)srclen, (int)block_size);
size_t data_len = srclen - idx;
if(data_len > src_block_size){
data_len = src_block_size;
}
size_t outlen = block_size;
OSStatus status = noErr;
status = SecKeyDecrypt(keyRef,
kSecPaddingNone,
srcbuf + idx,
data_len,
outbuf,
&outlen
);
if(status ! = 0) { NSLog(@"SecKeyEncrypt fail. Error Code: %d", status);
ret = nil;
break;
}else{
//the actual decrypted data is in the middle, locate it!
int idxFirstZero = -1;
int idxNextZero = (int)outlen;
for ( int i = 0; i < outlen; i++ ) {
if ( outbuf[i] == 0 ) {
if ( idxFirstZero < 0 ) {
idxFirstZero = i;
} else {
idxNextZero = i;
break;
}
}
}
[ret appendBytes:&outbuf[idxFirstZero+1] length:idxNextZero-idxFirstZero-1];
}
}
free(outbuf);
CFRelease(keyRef);
return ret;
}
/* END: Decryption with RSA private key */
@end
Copy the code#### Step 4. Test encryption and decryption in the place that needs to be encrypted in the project. 1
NSString *originalString = @"This is a string that is going to be encrypted using a '.der' file!"; // Use the public and private keys in.der and.p12 to encrypt and decrypt NSString * public_KEY_path = [[NSBundle mainBundle] pathForResource:@"rsa_public_key.der" ofType:nil];
NSString *private_key_path = [[NSBundle mainBundle] pathForResource:@"rsa_private_key.p12" ofType:nil];
NSString *encryptStr = [RSAEncryptor encryptString:originalString publicKeyWithContentsOfFile:public_key_path];
NSLog(@"Before encryption :%@", originalString);
NSLog(@"Encrypted :%@", encryptStr);
NSLog(@"After decryption :%@", [RSAEncryptor decryptString:encryptStr privateKeyWithContentsOfFile:private_key_path password:@"123456"]);
Copy the code2. The RSA secret key is generated online by encrypting and decrypting the string of the secret key. The public key and secret key are generated and copied for testing.
NSString *originalString = @"This is a string that will be encrypted using the 'secret key string'!"; / / use the string format of public key encryption private key decryption nsstrings * encryptStr = [RSAEncryptor encryptString: originalString publicKey: @"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTbZ6cNH9PgdF60aQKveLz3FTalyzHQwbp601y77SzmGHX3F5NoVUZbdK7UMdoCLK4FBziTewYD9DWvAE rXZo9BFuI96bAop8wfl1VkZyyHTcznxNJFGSQd/B70/ExMgMBpEwkAAdyUqIjIdVGh1FQK/4acwS39YXwbS+IlHsPSQIDAQAB"];
NSLog(@"Before encryption :%@", originalString);
NSLog(@"Encrypted :%@", encryptStr);
NSLog(@"After decryption :%@", [RSAEncryptor decryptString:encryptStr privateKey:@"MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBANNtnpw0f0+B0XrRpAq94vPcVNqXLMdDBunrTXLvtLOYYdfcXk2hVRlt0rtQx2gIsrgUHOJ N7BgP0Na8AStdmj0EW4j3psCinzB+XVWRnLIdNzOfE0kUZJB38HvT8TEyAwGkTCQAB3JSoiMh1UaHUVAr/hpzBLf1hfBtL4iUew9JAgMBAAECgYA1tGeQmAk qofga8XtwuxEWDoaDS9k0+EKeUoXGxzqoT/GyiihuIafjILFhoUA1ndf/yCQaG973sbTDhtfpMwqFNQq13+JAownslTjWgr7Hwf7qplYW92R7CU0v7wFfjqm 1t/2FKU9JkHfaHfb7qqESMIbO/VMjER9o4tEx58uXDQJBAO0O4lnWDVjr1gN02cqvxPOtTY6DgFbQDeaAZF8obb6XqvCqGW/AVms3Bh8nVlUwdQ2K/xte8tH xjW9FtBQTLd8CQQDkUncO35gAqUF9Bhsdzrs7nO1J3VjLrM0ITrepqjqtVEvdXZc+1/UrkWVaIigWAXjQCVfmQzScdbznhYXPz5fXAkEAgB3KMRkhL4yNpmK Rjhw+ih+ASeRCCSj6Sjfbhx4XaakYZmbXxnChg+JB+bZNz06YBFC5nLZM7y/n61o1f5/56wJBALw+ZVzE6ly5L34114uG04W9x0HcFgau7MiJphFjgUdAtd/ H9xfgE4odMRPUD3q9Me9LlMYK6MiKpfm4c2+3dzcCQQC8y37NPgpNEkd9smMwPpSEjPW41aMlfcKvP4Da3z7G5bGlmuICrva9YDAiaAyDGGCK8LxC8K6HpKr FgYrXkRtt"]);
Copy the codeProject must be used in many places, you can encapsulate the request, on the interface parameters encryption, background decryption can be. I use AFN here and customize the request again for reference only.
+ (void)post:(NSString *)url params:(id)params success:(void (^)(id json))success failure:(void (^)(NSError *error))failure { // 1. Request manager AFHTTPSessionManager *manager = [AFHTTPSessionManager]; NSString * public_KEY_PATH = [[NSBundle mainBundle] pathForResource:@"rsa_public_key.der"ofType:nil]; NSString *encryptStr = [RSAEncryptor encryptString:params publicKeyWithContentsOfFile:public_key_path]; // 3. Send request [Manager POST: URL Parameters :encryptStr success:^(NSURLSessionDataTask *task, id responseObject) {if (success) {
success(responseObject);
}
} failure:^(NSURLSessionDataTask *task, NSError *error) {
if(failure) { failure(error); }}]; }Copy the codeYou can test