我在Linux机器上使用以下命令生成了RSA密钥对:
openssl genrsa -out private.pem 2048
openssl pkcs8 -topk8 -inform PEM -in private.pem -outform DER -out private.der -nocrypt
openssl req -new -x509 -keyform PEM -key private.pem -outform DER -out public.der
运行以下确认"公钥:(2048位)":
openssl x509 -in public.der -inform DER -text -noout
在我的IOS应用程序中,我从网络中读取了public.der文件的字节,并提取公钥,如下所示:
NSData *certificateData = [RequestManager getDataFromUrl:@"http://dyner.me/crypto.der"];
if (certificateData) {
SecCertificateRef certificateFromFile = SecCertificateCreateWithData(NULL, (__bridge CFDataRef)certificateData);
SecPolicyRef secPolicy = SecPolicyCreateBasicX509();
SecTrustRef trust;
OSStatus statusTrust = SecTrustCreateWithCertificates(certificateFromFile, secPolicy, &trust);
SecTrustResultType resultType;
OSStatus statusTrustEval = SecTrustEvaluate(trust, &resultType);
SecKeyRef publicKey = SecTrustCopyPublicKey(trust);
}
但是,生成的SecKeyRef显示块大小为1024位:
<SecKeyRef algorithm id: 1, key type: RSAPublicKey, version: 3, block size: 1024 bits, exponent: {hex: 10001, decimal: 65537}, modulus: B9059150BD2933FEC3E2DAC6036E5FE7FC61CEE8B7081AD6BCCE2FA0F340232CFE3DD0B025E6DCFD3755F732ED8292F687DE421AD46FAFA5672ACC2D1C875D4644ED7ACF07E8EA3CAEDF245A27BF61ED1E0AD57D2B4F92AE1222C51A8A980E5D2C7308592E179B4EEE811C6A97358B9F87A9BEB7A08B6893CC1CBBA231B38E85, addr: 0x7f86ca831600>
为什么这个块大小不是&#34; 2048位&#34;?