iOS RSA 证书加密

#import "GLQyRsa.h"
#import "GLSupprot.h"
#import "GLLoginViewController.h"



@implementation GLQyRsa

static SecKeyRef _public_key=nil;
+ (SecKeyRef) getPublicKeyFile
{ // 从公钥证书文件中获取到公钥的SecKeyRef指针
    if(_public_key == nil){
        //NSData *certificateData = [RSA_KEY_BASE64 dataUsingEncoding:NSUTF8StringEncoding];
//        NSString *publicKeyPath = [[NSBundle mainBundle] pathForResource:@"public_key"
//                                                                  ofType:@"der"];
//        if (publicKeyPath == nil) {
//            NSLog(@"Can not find pub.der");
//            return nil;
//        }
        NSString *fielName = [[NSUserDefaults standardUserDefaults]objectForKey:my_publicKeyFileName];
        //NSLog(@"fielName:%@",fielName); fileName为.cer证书
        if(!fielName)
        {
            NSLog(@"fielName nil");
            return nil;
        }
        NSDate *certificateData = [NSData dataWithContentsOfFile:fielName];
        if (certificateData == nil) {
            NSLog(@"Can not read from pub.der");
            return nil;
        }
        SecCertificateRef myCertificate =  SecCertificateCreateWithData(kCFAllocatorDefault, (__bridge CFDataRef)certificateData);
        SecPolicyRef myPolicy = SecPolicyCreateBasicX509();
        SecTrustRef myTrust;
        OSStatus status = SecTrustCreateWithCertificates(myCertificate,myPolicy,&myTrust);
        SecTrustResultType trustResult;
        if (status == noErr) {
            status = SecTrustEvaluate(myTrust, &trustResult);
        }
        _public_key = SecTrustCopyPublicKey(myTrust);
        CFRelease(myCertificate);
        CFRelease(myPolicy);
        CFRelease(myTrust);
    }
    return _public_key;
}


+ (NSData*) rsaEncryptString:(NSString*) string{
    
    SecKeyRef key = [self getPublicKeyFile];
    if(!key)
    {
        NSLog(@"secKeyRefNULL");
        return nil;
    }
    
    size_t cipherBufferSize = SecKeyGetBlockSize(key);
    uint8_t *cipherBuffer = malloc(cipherBufferSize * sizeof(uint8_t));
    NSData *stringBytes = [string dataUsingEncoding:NSUTF8StringEncoding];
    size_t blockSize = cipherBufferSize - 11;
    size_t blockCount = (size_t)ceil([stringBytes length] / (double)blockSize);
    NSMutableData *encryptedData = [[NSMutableData alloc] init];
    for (int i=0; i<blockCount; i++) {
        int bufferSize = MIN(blockSize,[stringBytes length] - i * blockSize);
        NSData *buffer = [stringBytes subdataWithRange:NSMakeRange(i * blockSize, bufferSize)];
        OSStatus status = SecKeyEncrypt(key, kSecPaddingPKCS1, (const uint8_t *)[buffer bytes],
                                        [buffer length], cipherBuffer, &cipherBufferSize);
        if (status == noErr){
            NSData *encryptedBytes = [[NSData alloc] initWithBytes:(const void *)cipherBuffer length:cipherBufferSize];
            [encryptedData appendData:encryptedBytes];
            
        }else{
            if (cipherBuffer) free(cipherBuffer);
            return nil;
        }
    }
    
    
    if (cipherBuffer) free(cipherBuffer);
    //  NSLog(@"Encrypted text (%d bytes): %@", [encryptedData length], [encryptedData description]);
    //  NSLog(@"Encrypted text base64: %@", [Base64 encode:encryptedData]);
    return encryptedData;
}