PDA

View Full Version : Encryption help




mycompuser
Jul 30, 2013, 02:05 AM
Hi,

I too plan to implement RSA algorithm (encryption/decryption) using public/private keys but looks like the sample available in apple documents is only applicable for iOS (kSecPrivateKeyAttrs and kSecPublicKeyAttrs are available in iOS only).

Can somebody shed some light for it's equivalent for MAC development (snow leopard onwards).

Thanks & Regards.



chown33
Jul 30, 2013, 12:21 PM
When I google for kSecPrivateKeyAttrs, the first result is this:
http://stackoverflow.com/questions/10741437/mac-os-x-ksecpublickeyattrs-undeclared-identifier
First, you're using iOS sample code on OS X. The frameworks are similar, but not identical. But there is no OS X sample code, and the iOS sample code shows up in the OS X doc sets, ...


If that explains a solution that works, then remember that simply searching for one of the unresolved symbols came up with an answer. You should try that approach in the future.

mycompuser
Aug 12, 2013, 02:59 AM
I did google and do some investigation and raised this thread only as the last resort.

Did try to add the below mentioned code to do away with the error

#define SEC_CONST_DECL(k,v) CFTypeRef k = (CFTypeRef)(CFSTR(v))

SEC_CONST_DECL (kSecPrivateKeyAttrs, "private");
SEC_CONST_DECL (kSecPublicKeyAttrs, "public");

but found that the "SecItemCopyMatching" method for retrieving of public key information returns a sanityCheck value of -25300. Though the method "SecKeyGeneratePair" returns success.


Below is the code.

- (NSData*)publicKeyForTag:(UInt8 *)publicKeyIdentifier
{
OSStatus sanityCheck = noErr;
NSData *publicTag = [NSData dataWithBytes:publicKeyIdentifier
length:strlen((const char *)publicKeyIdentifier)];
NSData * publicKeyBits = nil;

NSMutableDictionary * queryPublicKey = [[NSMutableDictionary alloc] init];

// Set the public key query dictionary.
[queryPublicKey setObject:(id)kSecClassKey forKey:( id)kSecClass];
[queryPublicKey setObject:publicTag forKey:( id)kSecAttrApplicationTag];
[queryPublicKey setObject:( id)kSecAttrKeyTypeRSA forKey:( id)kSecAttrKeyType];
[queryPublicKey setObject:( id)kSecAttrKeyClassPublic forKey:( id)kSecAttrKeyClass];

[queryPublicKey setObject:[NSNumber numberWithBool:YES] forKey:( id)kSecReturnData];

// Get the key bits.
CFTypeRef cfRef = &publicKeyBits;
sanityCheck = SecItemCopyMatching(( CFDictionaryRef)queryPublicKey, (CFTypeRef *)cfRef);

if (sanityCheck != noErr)
publicKeyBits = nil;

return publicKeyBits;
}


Is there any changes that I need to make to in the above method to access the private and public key information successfully?

mycompuser
Aug 12, 2013, 01:20 PM
As an alternative, I've tried to implement RSA asymmetric key encryption using openssl api's though my first preference will still be using the framework for performing RSA encryption/decryption on OSX.

I managed to get a OSX sample project running using publicly available code for encrypt and decrypt an string using RSA. Have attached the project to this thread.

But the problem is that the size of the string that I can encrypt is Max of 128 bytes (1024/8). Read that this is a inherent limitation of the RSA algorithm.

And the way to get around that for large input data is to split the input data into smaller chunks for encryption purpose.

Can somebody guide me on those lines. Any link to code snippet/sample project implementing this will be of great help to me.

Thanks & Regrds.