This is what I have been trying to achieve for some days now:

Approach #1:

~ Android End ~
1. Generated public and private key on an Android device (using an
openssl wrapper)
2. Got modulus and exponent from the generated public key

~ iOS End ~
3. Generated public key from modulus and exponent, at the iOS end, using
code specified in this link:
http://stackoverflow.com/a/10643962/217586
4. Converted some sample string to an object of NSData using
NSUTF8StringEncoding
5. Used - wrapSymmetricKey:keyRef: method defined in SecKeyWrapper
class (CryptoExercise example) for encryption, and passed key obtained
from step 3 and data to encrypt obtained from step 4 to it
6. Converted NSData (encrypted data) obtained in previous step to
base64encoded string, shared the same with the Android guy

~ Android End ~
7. Tried to decrypt the base64encoded string, using related private key

Problem: getting error - too much data for RSA block

Approach #2: (Got to know from this link,
https://github.com/superwills/iOSRSAPublicKeyEncryption, that we are not
supposed to load public keys in iOS from anything other than a
certificate, so tried a different approach)

~ Terminal End ~
1. Generated certificate using openssl commands specified in this url:
http://stackoverflow.com/a/17295321/217586

~ iOS End ~
2. Obtained public key as specified in above url
3. Used below code to encrypt the data:

SecKeyWrapper *secKeyWrapper = [SecKeyWrapper sharedWrapper];
SecKeyRef obtainedPublicKey = [secKeyWrapper getPublicKeyRefFromDerCertificate:kCertificatePath];
NSData *dataToBeEncrypted = [kStringToBeEncrypted dataUsingEncoding:NSUTF8StringEncoding];
NSData *encryptedText = [secKeyWrapper wrapSymmetricKey:dataToBeEncrypted keyRef:obtainedPublicKey];

4. Converted NSData to base64encoded string

~ Terminal End ~
5. Used below command to convert it back to original string:
echo <base 64 encoded string obtained from step 4> | openssl rsautl -decrypt -inkey rsaPrivate.pem

Problem: getting error - rsa routines:RSA_EAY_PRIVATE_DECRYPT:data greater than mod len:/SourceCache/OpenSSL098/OpenSSL098-47.1/src/crypto/rsa/rsa_eay.c

Any suggestions?

On Fri, May 16, 2014 at 10:40 PM, ChanMaxthon <xcvi...@me.com> wrote:
> Keychain is okay, I just cannot bear the crypto libraries.
>
> Sent from my iPhone
>
>> On May 17, 2014, at 1:08 AM, Jens Alfke <j...@mooseyard.com> wrote:
>>
>>
>>> On May 16, 2014, at 12:37 AM, ChanMaxthon <xcvi...@me.com> wrote:
>>>
>>> I got fed up by Apple already and found a little BSD-licensed CXX crypto 
>>> library called Botan. I will either wrap it in Objective-C or rewrite it 
>>> for my later projects.
>>
>> I’m cautious of ‘alternative’ crypto implementations; there’s a lot of 
>> complex math and logic involved that’s easy to get wrong. I want the 
>> implementation I use to be as battle-tested as possible.
>>
>> Also, the Keychain is a valuable place to store secrets that, being built 
>> into the OS, offers better security than anything you can do on your own or 
>> with 3rd party libraries. There’s not really any other good solution for 
>> storing keys, short of making the user type in a strong passphrase every 
>> time they launch the app. Too bad the Keychain APIs are the worst part of 
>> the Security framework :(
>>
>> —Jens
> _______________________________________________
>
> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
>
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/cocoa-dev/devarshi.bluechip%40gmail.com
>
> This email sent to devarshi.bluec...@gmail.com



-- 
Thanks,

Devarshi
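
Added example, not part of the original post or of CryptoExercise: step 5 of Approach #2 pipes the base64 text itself into the RSA decrypt, and base64 text is always longer than the modulus, which is the condition OpenSSL reports as "data greater than mod len". The sketch uses a throwaway key pair and `openssl pkeyutl` (the replacement for `rsautl`, which OpenSSL 3.0 deprecates); the function names and temporary file layout are assumptions.

```bash
#!/bin/sh
# Added example (not from the original post). Throwaway key pair; the function
# and file names are assumptions made for this illustration.
set -eu

WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT
openssl genrsa -out "$WORK/rsaPrivate.pem" 2048 2>/dev/null
openssl rsa -in "$WORK/rsaPrivate.pem" -pubout -out "$WORK/rsaPublic.pem" 2>/dev/null

# Sender side (the result of steps 3-4): RSA-encrypt with the public key,
# then base64-encode the raw ciphertext for transport.
encrypt_b64() {
    printf '%s' "$1" \
      | openssl pkeyutl -encrypt -pubin -inkey "$WORK/rsaPublic.pem" \
      | openssl base64 -A
}

# Step 5 as written on the page: the base64 text goes straight into the RSA
# decrypt. A 2048-bit modulus is 256 bytes; its base64 form is 344 characters,
# so the input is longer than the modulus and OpenSSL refuses it.
decrypt_text_directly() {
    echo "$1" | openssl pkeyutl -decrypt -inkey "$WORK/rsaPrivate.pem" 2>/dev/null
}

# Corrected receiver: undo the transport encoding first, then decrypt the
# raw ciphertext bytes with the private key.
decrypt_b64() {
    echo "$1" | openssl base64 -d -A \
      | openssl pkeyutl -decrypt -inkey "$WORK/rsaPrivate.pem"
}

CT="$(encrypt_b64 'sample string')"   # constructed sample input
if decrypt_text_directly "$CT" >/dev/null; then
    echo "unexpected: base64 text was accepted"
else
    echo "base64 text (${#CT} chars) rejected: longer than the 256-byte modulus"
fi
echo "decoded first, then decrypted: $(decrypt_b64 "$CT")"
```

The same length mismatch applies to any key size, because base64 expands every 3 bytes of ciphertext to 4 characters.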
