1

I am generating an RSA private key in iOS and want to have access to it between successive runs of the application. It seems to be impossible to save a SecKeyRef type in persistent memory so I was wondering if there is any other way to be able to save and load a secKeyRef private key in NSUserDefaults. I also tried to store the privateKey in the keychain and get it back as a SecKeyRef with no luck.

Any suggestions on how to store a private key in a persistent memory location in iOS?

user1845360
  • 847
  • 2
  • 12
  • 29

2 Answers2

3

Storing anything at a persistent memory location is not possible and NSDefaults is not secure.

Apple's KeyChain is made for exactly this purpose. Have a look at the official Apple Documentation.

SSKeyChain provides a great and easy to use wrapper for KeyChain APIs.

Engin Kurutepe
  • 6,719
  • 3
  • 34
  • 64
  • 1
    Additionally, there are a number of existing questions on StackOverflow you might find helpful, such as this one: http://stackoverflow.com/questions/11670647/adding-private-key-into-ios-keychain – lxt Jul 02 '13 at 14:21
  • Firstly, I do not care about security at this point since I am doing some tests, plus it is in a memory variable for some time so it is still insecure even if I manage to store it in the Keychain. Second, I have tried to store it in the keychain but when trying to get it back as SecKeyref i get a null reference. Do not point me in existing posts because I have done a fair amount of investigation. – user1845360 Jul 02 '13 at 14:32
  • Keychain is the correct place to store this. If you are having trouble using keychain, then you should post a question on that with details of your problem. There is no other place that is designed to store private keys in iOS. – Rob Napier Jul 02 '13 at 16:30
  • I have no problem storing it in the keychain. My problem is getting it back from the keychain as a SecKeyRef. – user1845360 Jul 03 '13 at 08:02
  • Why don't you ask a new question about your specific SecKeyRef problem so that somebody here can help you out with that? – Engin Kurutepe Jul 03 '13 at 08:30
  • OK, new question: http://stackoverflow.com/questions/17443707/store-rsa-private-key-and-get-it-back-as-a-seckeyref – user1845360 Jul 03 '13 at 09:18
-3

Not secured solution

You can use NSUserDefaults like this :

[[NSUserDefaults standardUserDefaults] setObject: privateKey forkey:@"myKey"];
[[NSUserDefaults standardUserDefaults] synchronize];

And retrieve it with :

[[NSUserDefaults standardUserDefaults] objectForKey:@"myKey"];

by the way

to store an int value, use setInteger: instead of setObject

zbMax
  • 2,756
  • 3
  • 21
  • 42
  • 1
    This is a terrible idea if you're storing a private key that is presumably very sensitive. `NSUserDefaults` is not encrypted, and absolutely not secure. – lxt Jul 02 '13 at 14:20