VirgilCryptoiOS 1.3.1

Tests: Tested
Language: Objective C++
License: BSD
Released: last release January 2016

Maintained by Pavlo Gorb.

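Description

This is a basic low-level framework that allows performing some of the most important security operations. It is used by other high-level Virgil frameworks, libraries and applications. It can also be used as a standalone basic library in any application that needs security.

Getting started

If you plan to use any high-level Virgil framework, such as VirgilKeys or VirgilPrivateKeys, you do not need to install VirgilFoundation directly. It is installed together with all the other required dependencies of the high-level framework.

The rest of this chapter describes how to install the VirgilFoundation framework directly. The easiest and recommended way to use the VirgilFoundation framework in an iOS application is to install and maintain it with CocoaPods.

  • First, you need to install CocoaPods on your computer. You can do this by executing the following line in a terminal: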
$ sudo gem install cocoapods

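CocoaPods is built with Ruby and is installable with the default Ruby available on OS X.

  • Open Xcode and create a new project (in the Xcode menu: File -> New -> Project), or navigate to an existing Xcode project with:
$ cd <Path to Xcode project folder>
  • In the Xcode project's folder, create a new file and name it Podfile (with a capital P and no extension). Put the following lines in the Podfile and save it.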
source 'https://github.com/CocoaPods/Specs.git'
platform :ios, '8.0'
pod 'VirgilFoundation'
  • Switch back to the terminal window and execute the following line:
$ pod install
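  • Close the Xcode project (if it is still open). For any further development, use the Xcode .xcworkspace file that CocoaPods created for you.

At this point you should be able to use Virgil keys functionality in your code. Below are examples of some common tasks. If you run into any problems during the CocoaPods installation, try to find more information at cocoapods.org.

Swift note

Although VirgilFoundation uses Objective-C as its primary language, it can be used quite easily in a Swift application. After VirgilFoundation has been installed as described in the Getting started section, the following needs to be done:

  • Create a new header file in the Swift project.

  • Name it BridgingHeader.h

  • Put the following line there: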

#import <VirgilFoundation/VirgilFoundation.h>
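  • In the Xcode build settings, find the setting called Objective-C Bridging Header and set its path to your BridgingHeader.h file. Note that this path is relative to the Xcode project's folder.

You can find more information about using Objective-C and Swift in the same project here.

Creating a new key pair

A VSSKeyPair instance should be used to generate a pair of keys. The private key can be generated with password protection. If no password is provided, the private key is generated as plain data.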

Objective-C
//...
#import <VirgilFoundation/VirgilFoundation.h>
//...

VSSKeyPair *keyPair = [[VSSKeyPair alloc] initWithPassword:<#Password or nil#>];
NSString *publicKey = [[NSString alloc] initWithData:keyPair.publicKey encoding:NSUTF8StringEncoding];
NSLog(@"%@", publicKey);
// Printed for demonstration only: private key material should not be written to logs.
NSString *privateKey = [[NSString alloc] initWithData:keyPair.privateKey encoding:NSUTF8StringEncoding];
NSLog(@"%@", privateKey);
Swift
//...
let keyPair = VSSKeyPair(password:<#Password or nil#>)
println(NSString(data: keyPair.publicKey(), encoding: NSUTF8StringEncoding))
// Printed for demonstration only: private key material should not be written to logs.
println(NSString(data: keyPair.privateKey(), encoding: NSUTF8StringEncoding))
//...

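Encrypting/decrypting data

A VSSCryptor object can perform two kinds of encryption/decryption:

  • Key-based encryption/decryption.

  • Password-based encryption/decryption.

Key-based encryption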

Objective-C
//...
#import <VirgilFoundation/VirgilFoundation.h>
//...

// Assuming that we have some initial string message.
NSString *message = @"This is a secret message which should be encrypted.";
// Convert it to the NSData
NSData *toEncrypt = [message dataUsingEncoding:NSUTF8StringEncoding allowLossyConversion:NO];
// Assuming that we have some key pair generated earlier.
// Create a new VSSCryptor instance
VSSCryptor *cryptor = [[VSSCryptor alloc] init];
// Now we should add a key recipient
[cryptor addKeyRecepient:<#Public Key ID (e.g. UUID)#> publicKey:<#keyPair.publicKey#>];
// And now we can easily encrypt the plain data
NSData *encryptedData = [cryptor encryptData:toEncrypt embedContentInfo:@YES];
Swift
//...
// Assuming that we have some initial string message.
let message = NSString(string: "This is a secret message which should be encrypted.")
// Convert it to the NSData
let toEncrypt = message.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)
// Assuming that we have some key pair generated earlier.
// Create a new VSSCryptor instance
let cryptor = VSSCryptor()
// Now we should add a key recipient
cryptor.addKeyRecepient(<#Public Key ID (e.g. UUID)#>, publicKey:<#keyPair.publicKey()#>)
// And now we can easily encrypt the plain data
var encryptedData = cryptor.encryptData(toEncrypt, embedContentInfo: true)
//...

Key-based decryption

Objective-C
//...
#import <VirgilFoundation/VirgilFoundation.h>
//...

// Assuming that we have received some key-based encrypted data.
// Assuming that we have some key pair generated earlier.
// Create a new VSSCryptor instance
VSSCryptor *decryptor = [[VSSCryptor alloc] init];
// Decrypt data
NSData *plainData = [decryptor decryptData:<#encryptedData#> publicKeyId:<#Public Key ID (e.g. UUID)#> privateKey:<#keyPair.privateKey#> keyPassword:<#Private key password or nil#>];
// Compose initial message from the plain decrypted data
NSString *initialMessage = [[NSString alloc] initWithData:plainData encoding:NSUTF8StringEncoding];
Swift
//...

// Assuming that we have received some key-based encrypted data.
// Assuming that we have some key pair generated earlier.
// Create a new VSSCryptor instance
let decryptor = VSSCryptor()
// Decrypt data
var plainData = decryptor.decryptData(<#encryptedData#>, publicKeyId: <#Public Key ID (e.g. UUID)#>, privateKey: <#keyPair.privateKey()#>, keyPassword: <#Private key password or nil#>)
// Compose initial message from the plain decrypted data
if let data = plainData {
    var initialMessage = NSString(data: data, encoding: NSUTF8StringEncoding)
}

Password-based encryption

Objective-C
//...
#import <VirgilFoundation/VirgilFoundation.h>
//...

// Assuming that we have some initial string message.
NSString *message = @"This is a secret message which should be encrypted with password-based encryption.";
// Convert it to the NSData
NSData *toEncrypt = [message dataUsingEncoding:NSUTF8StringEncoding allowLossyConversion:NO];
// Create a new VSSCryptor instance
VSSCryptor *cryptor = [[VSSCryptor alloc] init];
// Now we should add a password recipient
[cryptor addPasswordRecipient:<#Password to encrypt data with#>];
// And now we can encrypt the plain data
NSData *encryptedData = [cryptor encryptData:toEncrypt embedContentInfo:@YES];
Swift
//...
// Assuming that we have some initial string message.
let message = NSString(string: "This is a secret message which should be encrypted.")
// Convert it to the NSData
let toEncrypt = message.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)
// Create a cryptor instance
let cryptor = VSSCryptor()
// Add a password recipient to enable password-based encryption
cryptor.addPasswordRecipient(<#Password to encrypt data with#>)
// Encrypt the data
var encryptedData = cryptor.encryptData(toEncrypt, embedContentInfo: true)
//...

Password-based decryption

Objective-C
//...
#import <VirgilFoundation/VirgilFoundation.h>
//...

// Assuming that we have received some password-based encrypted data.
// Create a new VSSCryptor instance
VSSCryptor *decryptor = [[VSSCryptor alloc] init];
// Decrypt data
NSData *plainData = [decryptor decryptData:<#NSData to decrypt#> password:<#Password used to encrypt the data#>];
// Compose initial message from the plain decrypted data
NSString *initialMessage = [[NSString alloc] initWithData:plainData encoding:NSUTF8StringEncoding];
Swift
//...
// Assuming that we have received some password-based encrypted data.
// Create a new VSSCryptor instance
let decryptor = VSSCryptor()
// Decrypt data
var plainData = decryptor.decryptData(<#encryptedData#>, password:<#Password used to encrypt the data#>)
// Compose initial message from the plain decrypted data
if let data = plainData {
    var initialMessage = NSString(data: data, encoding: NSUTF8StringEncoding)
}
//...

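Creating/verifying a signature

A VSSSigner instance allows signing some data with a given private key. This can be used to make sure that a message or piece of data was really created and sent by the holder of the private key.

Creating a signature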

Objective-C
//...
#import <VirgilFoundation/VirgilFoundation.h>
//...

// Assuming that we have some initial string message that we want to sign.
NSString *message = @"This is a secret message which should be signed.";
// Convert it to the NSData
NSData *toSign = [message dataUsingEncoding:NSUTF8StringEncoding allowLossyConversion:NO];
// Assuming that we have some key pair generated earlier.
// Create a new VSSSigner instance
VSSSigner *signer = [[VSSSigner alloc] init];
// Sign the initial data
NSData *signature = [signer signData:toSign privateKey:<#keyPair.privateKey#> keyPassword:<#Private key password or nil#>];
Swift
//...
// Assuming that we have some initial string message.
let message = NSString(string: "This is a secret message which should be signed.")
// Convert it to the NSData
let toSign = message.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)
// Create the signer
let signer = VSSSigner()
// Compose the signature
var signature = signer.signData(toSign, privateKey: <#keyPair.privateKey()#>, keyPassword: <#Private key password or nil#>)
//...

Verifying a signature

To verify a signature, you need the public key of the user whose signature you want to verify.

Objective-C
//...
#import <VirgilFoundation/VirgilFoundation.h>
//...

// Assuming that we have the public key of a person whose signature we need to verify
// Assuming that we have a NSData object with signed data.
// Assuming that we have a NSData object with a signature.
// Create a new VSSSigner instance
VSSSigner *verifier = [[VSSSigner alloc] init];
// Verify the signature.
BOOL verified = [verifier verifySignature:<#signature#> data:toSign publicKey:<#keyPair.publicKey#>];
if (verified) {
    // Signature seems OK.
}
Swift
//...
// Assuming that we have the public key of a person whose signature we need to verify
// Assuming that we have a NSData object with signed data.
// Assuming that we have a NSData object with a signature.
// Create a new VSSSigner instance
let verifier = VSSSigner()
// Verify the signature.
let verified = verifier.verifySignature(<#signature#>, data: toSign, publicKey:<#keyPair.publicKey()#>)
if verified {
    // Signature seems OK.
}
//...
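
The sections above show encryption and signatures separately. The following added example (not code from the VirgilFoundation project) combines them in Swift, using only the calls shown on this page and the same pre-Swift 3 syntax. SealedMessage, seal and unseal are hypothetical names, and it assumes that failed operations return nil, as the page's `if let` snippets suggest.

```swift
import Foundation
// VSSCryptor and VSSSigner are visible through BridgingHeader.h (see the Swift note).

// Hypothetical container for the two pieces the sender transmits.
struct SealedMessage {
    let encrypted: NSData   // output of VSSCryptor.encryptData
    let signature: NSData   // output of VSSSigner.signData over the encrypted bytes
}

// Sender side: encrypt for the recipient's public key, then sign the encrypted bytes.
func seal(text: NSString, recipientKeyId: String, recipientPublicKey: NSData,
          senderPrivateKey: NSData, senderKeyPassword: String?) -> SealedMessage? {
    if let plain = text.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false) {
        let cryptor = VSSCryptor()
        cryptor.addKeyRecepient(recipientKeyId, publicKey: recipientPublicKey)
        let encrypted: NSData? = cryptor.encryptData(plain, embedContentInfo: true)
        if let enc = encrypted {
            let signature: NSData? = VSSSigner().signData(enc, privateKey: senderPrivateKey,
                                                          keyPassword: senderKeyPassword)
            if let sig = signature {
                return SealedMessage(encrypted: enc, signature: sig)
            }
        }
    }
    return nil   // fail closed: never hand out a partially built message
}

// Recipient side: check the sender's signature first, decrypt only if it verifies.
func unseal(message: SealedMessage, senderPublicKey: NSData, recipientKeyId: String,
            recipientPrivateKey: NSData, recipientKeyPassword: String?) -> NSString? {
    let verified = VSSSigner().verifySignature(message.signature, data: message.encrypted,
                                               publicKey: senderPublicKey)
    if !verified {
        return nil   // not signed by the expected sender: reject without decrypting
    }
    let plain: NSData? = VSSCryptor().decryptData(message.encrypted, publicKeyId: recipientKeyId,
        privateKey: recipientPrivateKey, keyPassword: recipientKeyPassword)
    if let data = plain {
        return NSString(data: data, encoding: NSUTF8StringEncoding)
    }
    return nil   // decryption failed (wrong key, wrong password or damaged data)
}
```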

Requirements

Requires iOS 8.x or newer.

License

Usage is provided under the BSD 3-Clause License. See the LICENSE file for details.