Tests | ✓ |
Language | Objective-C |
License | BSD |
Last release | January 2016 |
Maintained by Pavlo Gorb.
Dependencies | |
VirgilFoundation | >= 0 |
VirgilKit | >= 0 |
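The VirgilKeys framework is a wrapper around the Virgil Keys Service for Apple platforms. It lets users interact with the Virgil Keys Service more easily. The framework takes care of composing correct requests and parsing the service's responses into usable model classes.
The VirgilKeys framework is meant to be installed via CocoaPods. So, if you are not familiar with it, now is the time to install CocoaPods. Open a terminal window and execute the following command:
```
$ sudo gem install cocoapods
```
It will ask for your password and then install the latest release of CocoaPods. CocoaPods is built with Ruby and will be installed with the default Ruby available on OS X.
If you run into any issues during the installation, see cocoapods.org for more information.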
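The VirgilKeys framework has 2 dependencies: VirgilFoundation and VirgilKit.
You don't need to install either of them manually. CocoaPods will handle that for you automatically.
Now VirgilKeys can be added to a particular application. So:
```
$ cd <Path to Xcode project folder>
```
Add the following lines to the Podfile:
```ruby
source 'https://github.com/CocoaPods/Specs.git'
platform :ios, '8.0'
pod 'VirgilKeys'
```
```
$ pod install
```
At this point you should be able to use the VirgilKeys functionality in your code. Examples of the most common tasks are listed below. If you run into issues with the CocoaPods installation, try to find more information at cocoapods.org.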
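Although VirgilKeys uses Objective-C as its primary language, it can be used in Swift applications quite easily. After VirgilKeys has been installed as described in the Getting Started section, perform the following steps:
Create a new header file in the Swift project.
Name it something like BridgingHeader.h.
Put the following line there:
```objective-c
#import <VirgilKeys/VirgilKeys.h>
```
For more information about using Objective-C and Swift in the same project, see here.
Before making any calls to the Virgil Keys Service, you need to obtain an application token. Please register here, or sign in if you already have an account.
After signing in, click the button to register an application and fill in the required fields. When this is done, you should be able to copy the generated application token. This token is required for calls to the Virgil Keys Service.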
```objective-c
#import <VirgilFoundation/VirgilFoundation.h>
//...
VSSKeyPair *keyPair = [[VSSKeyPair alloc] init];
//...
```
```swift
//...
let keyPair = VSSKeyPair()
//...
```
Optionally, you can create a new key pair protected by a password.
```objective-c
#import <VirgilFoundation/VirgilFoundation.h>
//...
VSSKeyPair *keyPair = [[VSSKeyPair alloc] initWithPassword:<#password#>];
//...
```
```swift
//...
let keyPair = VSSKeyPair(password: <#password#>)
//...
```
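A request to the service is an asynchronous network operation. The VSSKeysClient instance sends the request and, when it completes, calls the completion handler block given as the last parameter of any call. For this to work, the VSSKeysClient instance has to still exist when the request completes. It is a good idea to create a property that holds the VSSKeysClient instance.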
```objective-c
#import <VirgilFoundation/VirgilFoundation.h>
#import <VirgilKit/VirgilKit.h>
#import <VirgilKeys/VirgilKeys.h>
//...
@property (nonatomic, strong) VSSKeysClient *keysClient;
//...
//...
// Create a new key pair
VSSKeyPair *keyPair = [[VSSKeyPair alloc] init];
// Create a new user data object
VSSUserData *userData = [[VSSUserData alloc] initWithDataClass:UDCUserId dataType:UDTEmail value:<#email address#>];
// Create a new public key candidate
VSSPublicKey *publicKey = [[VSSPublicKey alloc] initWithKey:keyPair.publicKey userDataList:@[ userData ]];
// Create a new instance of the keysClient
self.keysClient = [[VSSKeysClient alloc] initWithApplicationToken:<#Virgil Application Token#>];
// Pack the private key into a container
VSSPrivateKey *pKey = [[VSSPrivateKey alloc] initWithKey:keyPair.privateKey password:nil];
// Create a request
[self.keysClient createPublicKey:publicKey privateKey:pKey completionHandler:^(VSSPublicKey *pubKey, NSError *error) {
    // Each request to the service is executed in a different background thread.
    // This completion handler is called NOT on the main thread.
    if (error != nil) {
        NSLog(@"Error creating public key object: '%@'", [error localizedDescription]);
        return;
    }
    // Process received pubKey...
    // NSLog(@"Created public key:");
    // NSLog(@"account_id: %@", pubKey.idb.containerId);
    // NSLog(@"public_key_id: %@", pubKey.idb.publicKeyId);
    // NSLog(@"user data attached: %lu", (unsigned long)pubKey.userDataList.count);
}];
//...
```
```swift
//...
private var keysClient: VSSKeysClient!
//...
//...
// Create a new key pair
let keyPair = VSSKeyPair()
// Create a new user data object
let userData = VSSUserData(dataClass: .UDCUserId, dataType: .UDTEmail, value: <#email address#>)
// Create a new public key candidate
let publicKey = VSSPublicKey(key: keyPair.publicKey(), userDataList: [ userData ])
// Pack the private key into a container
let privateKey = VSSPrivateKey(key: keyPair.privateKey(), password: nil)
// Create a new instance of the keysClient
self.keysClient = VSSKeysClient(applicationToken: <#Virgil Application Token#>)
// Create a request
self.keysClient.createPublicKey(publicKey, privateKey: privateKey) { pubKey, error in
    // This completion handler is called NOT on the main thread.
    if error != nil {
        print("Error creating public key object: \(error!.localizedDescription)")
        return
    }
    // Process received public key...
    // print("Created public key")
    // print("account_id: \(pubKey.idb.containerId)")
    // print("public_key_id: \(pubKey.idb.publicKeyId)")
}
//...
```
```objective-c
#import <VirgilKeys/VirgilKeys.h>
//...
@property (nonatomic, strong) VSSKeysClient *keysClient;
//...
//...
// Assuming that keysClient was instantiated at some point before. If not - see 'Creating a new public key at the Virgil Keys Service' example.
// Send a request
[self.keysClient searchPublicKeyUserIdValue:<#email address#> completionHandler:^(VSSPublicKey *pubKey, NSError *error) {
    // Each request to the service is executed in a different background thread.
    // This completion handler is called NOT on the main thread.
    if (error != nil) {
        NSLog(@"Error getting public key object: '%@'", [error localizedDescription]);
        return;
    }
    // Process received pubKey...
    // NSLog(@"Got the public key:");
    // NSLog(@"account_id: %@", pubKey.idb.containerId);
    // NSLog(@"public_key_id: %@", pubKey.idb.publicKeyId);
    // NSLog(@"%@", [[NSString alloc] initWithData:pubKey.key encoding:NSUTF8StringEncoding]);
}];
//...
```
```swift
//...
private var keysClient: VSSKeysClient!
//...
//...
// Assuming that keysClient was instantiated at some point before. If not - see 'Creating a new public key at the Virgil Keys Service' example.
// Send a request
self.keysClient.searchPublicKeyUserIdValue(<#email address#>) { pubKey, error in
    // This completion handler is called NOT on the main thread.
    if error != nil {
        print("Error getting public key object: \(error!.localizedDescription)")
        return
    }
    // Process received public key...
    // print("Got the public key")
    // print("account_id: \(pubKey.idb.containerId)")
    // print("public_key_id: \(pubKey.idb.publicKeyId)")
}
//...
```
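When a user wants to send a private message that only the recipient can read, the user needs to obtain the recipient's public key as described in the relevant section. Once the public key has been received, the private message can be encrypted with it.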
```objective-c
//...
#import <VirgilFoundation/VirgilFoundation.h>
//...
// Assuming that we have some initial private string message.
NSString *message = @"This is a secret message which should be encrypted.";
// Convert it to NSData
NSData *toEncrypt = [message dataUsingEncoding:NSUTF8StringEncoding allowLossyConversion:NO];
// Assuming that we have received the recipient's public key from the Virgil Keys Service.
// So, VSSPublicKey *recepientKey exists.
// Create a new VSSCryptor instance
VSSCryptor *cryptor = [[VSSCryptor alloc] init];
// Now we should add a key recipient (recepientKey is a VSSPublicKey instance received from the Virgil Keys Service)
[cryptor addKeyRecepient:<#recepientKey.idb.publicKeyId#> publicKey:<#recepientKey.key#>];
// And now we can easily encrypt the plain data
NSData *encryptedData = [cryptor encryptData:toEncrypt embedContentInfo:@YES];
// Now it is safe to send encryptedData to the recipient. Only the person who holds the private key
// which corresponds to the recepientKey.key public key is able to decrypt and read this data.
//...
```
```swift
//...
// Assuming that we have some initial private string message.
let message = "This is a secret message which should be encrypted."
// Convert it to NSData
if let toEncrypt = (message as NSString).dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false) {
    // Create a new VSSCryptor instance
    let cryptor = VSSCryptor()
    // Now we should add a key recipient (recepientKey is a VSSPublicKey instance received from the Virgil Keys Service)
    cryptor.addKeyRecepient(<#recepientKey.idb.publicKeyId#>, publicKey: <#recepientKey.key#>)
    // And now we can easily encrypt the plain data
    if let encryptedData = cryptor.encryptData(toEncrypt, embedContentInfo: true) {
        // Now it is safe to send encryptedData to the recipient. Only the person who holds the private key
        // which corresponds to the recepientKey.key public key is able to decrypt and read this data.
        //...
    }
}
//...
```
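When a user needs to decrypt a received encrypted message, he or she needs to hold the private key that corresponds to the public key used to encrypt the data.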
```objective-c
//...
#import <VirgilFoundation/VirgilFoundation.h>
//...
// Assuming that we have received some data encrypted using our public key from the Virgil Keys Service.
// Assuming that we got the VSSPublicKey instance of our public key from the Virgil Keys Service.
// Assuming that we have our private key which corresponds to the public key from the Virgil Keys Service.
// Create a new VSSCryptor instance
VSSCryptor *decryptor = [[VSSCryptor alloc] init];
// Decrypt data
NSData *plainData = [decryptor decryptData:<#encryptedData#> publicKeyId:<#myPublicKey.idb.publicKeyId#> privateKey:<#myPrivateKey#> keyPassword:<#private key password or nil#>];
// Compose initial message from the plain decrypted data
NSString *initialMessage = [[NSString alloc] initWithData:plainData encoding:NSUTF8StringEncoding];
//...
```
```swift
// Assuming that we have received some data encrypted using our public key from the Virgil Keys Service.
// Assuming that we got the VSSPublicKey instance of our public key from the Virgil Keys Service.
// Assuming that we have our private key which corresponds to the public key from the Virgil Keys Service.
// Create a new VSSCryptor instance
let decryptor = VSSCryptor()
// Decrypt data
if let plainData = decryptor.decryptData(<#encrypted data#>, publicKeyId: <#myPublicKey.idb.publicKeyId#>, privateKey: <#myPrivateKey#>, keyPassword: <#password or nil#>) {
    // Compose initial message from the plain decrypted data
    let initialMessage = NSString(data: plainData, encoding: NSUTF8StringEncoding)
    //...
}
//...
```
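Although it is possible to send an encrypted message to a particular recipient, it is still important for the recipient to be able to confirm that this encrypted message was really sent by you. This can be achieved with the concept of a signature.
A signature is a block of data composed using a particular user's private key, and it can be verified using that user's public key.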
```objective-c
//...
#import <VirgilFoundation/VirgilFoundation.h>
//...
// Assuming that we have some initial string message that we want to sign.
NSString *message = @"This is a message which should be signed.";
// Convert it to NSData
NSData *toSign = [message dataUsingEncoding:NSUTF8StringEncoding allowLossyConversion:NO];
// Assuming that we have our private key.
// Create a new VSSSigner instance
VSSSigner *signer = [[VSSSigner alloc] init];
// Sign the initial data
NSData *signature = [signer signData:toSign privateKey:<#myPrivateKey#> keyPassword:<#password or nil#>];
if (signature.length > 0) {
    // Use the composed signature data to assure the recipient of the sender's identity.
    //...
}
//...
```
```swift
//...
// Assuming that we have some initial string message that we want to sign.
let message = "This is a message which should be signed."
// Convert it to NSData
if let toSign = (message as NSString).dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false) {
    // Assuming that we have our private key.
    // Create a new VSSSigner instance
    let signer = VSSSigner()
    // Sign the initial data
    if let signature = signer.signData(toSign, privateKey: <#myPrivateKey#>, keyPassword: <#password or nil#>) {
        // Use the composed signature data to assure the recipient of the sender's identity.
        //...
    }
}
//...
```
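To verify a signature, you need to obtain the sender's public key from the Virgil Keys Service, as described in "Getting a public key associated with a particular email address".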
```objective-c
//...
#import <VirgilFoundation/VirgilFoundation.h>
//...
// Assuming that we get the public key of the user whose signature we need to verify from the Virgil Keys Service.
// Assuming that we have an NSData object which was actually signed.
// Assuming that we have an NSData object with a signature.
// Create a new VSSSigner instance
VSSSigner *verifier = [[VSSSigner alloc] init];
// Verify signature against the signed data and sender's public key.
BOOL verified = [verifier verifySignature:<#signature#> data:<#signed data#> publicKey:<#senderKey.key#>];
if (verified) {
    // Sender is the real holder of the private key, so it might be trusted.
    //...
}
//...
```
```swift
//...
// Assuming that we get the public key of the user whose signature we need to verify from the Virgil Keys Service.
// Assuming that we have an NSData object which was actually signed.
// Assuming that we have an NSData object with a signature.
// Create a new VSSSigner instance
let verifier = VSSSigner()
// Verify signature against the signed data and sender's public key.
let verified = verifier.verifySignature(<#signature#>, data: <#signed data#>, publicKey: <#senderKey.key#>)
if verified {
    // Sender is the real holder of the private key, so it might be trusted.
    //...
}
//...
```
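
The encryption, decryption, signing and verification calls above combined into one local round trip, as an added example that is not part of the VirgilKeys project's own documentation: the sender signs the ciphertext and the recipient refuses to decrypt unless the signature verifies. `VerifyThenDecrypt`, `RunRoundTrip` and `kRecipientKeyId` are hypothetical names, and using a locally chosen string as the recipient identifier instead of a `publicKeyId` issued by the service is an assumption.

```objective-c
#import <Foundation/Foundation.h>
#import <VirgilFoundation/VirgilFoundation.h>

// Constructed identifier (assumption); in an app this would be the
// recipient's idb.publicKeyId as returned by the Virgil Keys Service.
static NSString *const kRecipientKeyId = @"constructed-recipient-key-id";

// Returns the decrypted message, or nil if the signature check or decryption fails.
static NSString *VerifyThenDecrypt(NSData *encrypted, NSData *signature,
                                   NSData *senderPublicKey, NSData *recipientPrivateKey) {
    if (encrypted.length == 0 || signature.length == 0) { return nil; }
    // Fail closed: never decrypt data whose signature does not verify.
    VSSSigner *verifier = [[VSSSigner alloc] init];
    if (![verifier verifySignature:signature data:encrypted publicKey:senderPublicKey]) {
        return nil;
    }
    VSSCryptor *decryptor = [[VSSCryptor alloc] init];
    NSData *plain = [decryptor decryptData:encrypted publicKeyId:kRecipientKeyId
                                privateKey:recipientPrivateKey keyPassword:nil];
    if (plain == nil) { return nil; }
    return [[NSString alloc] initWithData:plain encoding:NSUTF8StringEncoding];
}

static void RunRoundTrip(void) {
    // Constructed sample keys; in an app each party holds only its own private key.
    VSSKeyPair *sender = [[VSSKeyPair alloc] init];
    VSSKeyPair *recipient = [[VSSKeyPair alloc] init];
    NSData *message = [@"constructed sample message" dataUsingEncoding:NSUTF8StringEncoding];

    // Sender side: encrypt for the recipient, then sign the ciphertext.
    VSSCryptor *cryptor = [[VSSCryptor alloc] init];
    [cryptor addKeyRecepient:kRecipientKeyId publicKey:recipient.publicKey];
    NSData *encrypted = [cryptor encryptData:message embedContentInfo:@YES];
    VSSSigner *signer = [[VSSSigner alloc] init];
    NSData *signature = [signer signData:encrypted privateKey:sender.privateKey keyPassword:nil];
    if (encrypted.length == 0 || signature.length == 0) { return; }

    // Recipient side: the untouched ciphertext passes verification and is decrypted.
    NSLog(@"untouched: %@", VerifyThenDecrypt(encrypted, signature,
                                              sender.publicKey, recipient.privateKey));

    // One flipped byte in transit is caught by the signature check before decryption.
    NSMutableData *tampered = [encrypted mutableCopy];
    ((uint8_t *)tampered.mutableBytes)[tampered.length - 1] ^= 0x01;
    NSLog(@"tampered: %@", VerifyThenDecrypt(tampered, signature,
                                             sender.publicKey, recipient.privateKey));
}
```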
Requires iOS 8.x or later.
Usage is provided under the BSD 3-Clause License. See LICENSE for details.