3

I have been Google-ing and researching for an answer on how to do a simple RSA encryption using Cbjective-C on an iPhone. The main problem I have is that I have been supplied the Exponent and Modulus as an NSData object and i need to then convert them to a SecKeyRef object in order to perform the RSA encryption.

Does anyone have any idea how to do that or have any useful hints?

Many thanks!

Book Of Zeus
  • 49,509
  • 18
  • 174
  • 171
Paul
  • 4,812
  • 3
  • 27
  • 38

2 Answers2

2

I ended up using OpenSSL in my project. and import the keys and encrypt using that library instead of the iPhone ones.

Paul
  • 4,812
  • 3
  • 27
  • 38
0

I implemented a solution to this and put it on GitHub. Now you can use the Apple-sanctioned APIs for the Keychain instead of OpenSSL. (They discourage OpenSSL in their literature, unfortunately.)

https://github.com/StCredZero/SCZ-BasicEncodingRules-iOS

SCZ-BasicEncodingRules-iOS

Implementation of Basic Encoding Rules to enable import of RSA keys to iOS KeyChain using exponent. Code targets iOS 5 with ARC.

Let's say you already have a modulus and exponent from an RSA public key as an NSData in variables named pubKeyModData and pubKeyModData. Then the following code will create an NSData containing that RSA public key, which you can then insert into the iOS or OS X Keychain.

NSMutableArray *testArray = [[NSMutableArray alloc] init];
[testArray addObject:pubKeyModData];
[testArray addObject:pubKeyExpData];
NSData *testPubKey = [testArray berData];

This would allow you to store the key using the addPeerPublicKey:keyBits: method from SecKeyWrapper in the Apple CryptoExercise example. Or, from the perspective of the low-level API, you can use SecItemAdd().

NSString * peerName = @"Test Public Key";

NSData * peerTag = 
   [[NSData alloc] 
       initWithBytes:(const void *)[peerName UTF8String] 
       length:[peerName length]];

NSMutableDictionary * peerPublicKeyAttr = [[NSMutableDictionary alloc] init];

[peerPublicKeyAttr 
   setObject:(__bridge id)kSecClassKey 
   forKey:(__bridge id)kSecClass];
[peerPublicKeyAttr 
   setObject:(__bridge id)kSecAttrKeyTypeRSA 
   forKey:(__bridge id)kSecAttrKeyType];
[peerPublicKeyAttr 
   setObject:peerTag 
   forKey:(__bridge id)kSecAttrApplicationTag];
[peerPublicKeyAttr 
   setObject:testPubKey 
   forKey:(__bridge id)kSecValueData];
[peerPublicKeyAttr 
   setObject:[NSNumber numberWithBool:YES] 
   forKey:(__bridge id)kSecReturnPersistentRef];

sanityCheck = SecItemAdd((__bridge CFDictionaryRef) peerPublicKeyAttr, (CFTypeRef *)&persistPeer);
StCredZero
  • 464
  • 3
  • 13