Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

macOS Encryption help

M

mycompuser

macrumors member
Original poster
May 8, 2012
37
0
Hi,

I too plan to implement RSA algorithm (encryption/decryption) using public/private keys but looks like the sample available in apple documents is only applicable for iOS (kSecPrivateKeyAttrs and kSecPublicKeyAttrs are available in iOS only).

Can somebody shed some light for it's equivalent for MAC development (snow leopard onwards).

Thanks & Regards.
 
chown33

chown33

Moderator
Staff member
Aug 9, 2009
10,740
8,416
A sea of green
When I google for kSecPrivateKeyAttrs, the first result is this:
http://stackoverflow.com/questions/10741437/mac-os-x-ksecpublickeyattrs-undeclared-identifier
First, you're using iOS sample code on OS X. The frameworks are similar, but not identical. But there is no OS X sample code, and the iOS sample code shows up in the OS X doc sets, ...

If that explains a solution that works, then remember that simply searching for one of the unresolved symbols came up with an answer. You should try that approach in the future.
 
M

mycompuser

macrumors member
Original poster
May 8, 2012
37
0
I did google and do some investigation and raised this thread only as the last resort.

Did try to add the below mentioned code to do away with the error

Code: 
#define SEC_CONST_DECL(k,v) CFTypeRef k = (CFTypeRef)(CFSTR(v))

SEC_CONST_DECL (kSecPrivateKeyAttrs, "private");
SEC_CONST_DECL (kSecPublicKeyAttrs, "public");

but found that the "SecItemCopyMatching" method for retrieving of public key information returns a sanityCheck value of -25300. Though the method "SecKeyGeneratePair" returns success.


Below is the code.

Code: 
- (NSData*)publicKeyForTag:(UInt8 *)publicKeyIdentifier
{
    OSStatus sanityCheck = noErr;
    NSData *publicTag = [NSData dataWithBytes:publicKeyIdentifier
                                       length:strlen((const char *)publicKeyIdentifier)];
    NSData * publicKeyBits = nil;

    NSMutableDictionary * queryPublicKey = [[NSMutableDictionary alloc] init];

    // Set the public key query dictionary.
    [queryPublicKey setObject:(id)kSecClassKey forKey:( id)kSecClass];
    [queryPublicKey setObject:publicTag forKey:( id)kSecAttrApplicationTag];
    [queryPublicKey setObject:( id)kSecAttrKeyTypeRSA forKey:( id)kSecAttrKeyType];
    [queryPublicKey setObject:( id)kSecAttrKeyClassPublic forKey:( id)kSecAttrKeyClass];

    [queryPublicKey setObject:[NSNumber numberWithBool:YES] forKey:( id)kSecReturnData];

    // Get the key bits.
    CFTypeRef cfRef = &publicKeyBits;
    sanityCheck = SecItemCopyMatching(( CFDictionaryRef)queryPublicKey, (CFTypeRef *)cfRef);

    if (sanityCheck != noErr)
        publicKeyBits = nil;

    return publicKeyBits;
}

Is there any changes that I need to make to in the above method to access the private and public key information successfully?
 
M

mycompuser

macrumors member
Original poster
May 8, 2012
37
0
As an alternative, I've tried to implement RSA asymmetric key encryption using openssl api's though my first preference will still be using the framework for performing RSA encryption/decryption on OSX.

I managed to get a OSX sample project running using publicly available code for encrypt and decrypt an string using RSA. Have attached the project to this thread.

But the problem is that the size of the string that I can encrypt is Max of 128 bytes (1024/8). Read that this is a inherent limitation of the RSA algorithm.

And the way to get around that for large input data is to split the input data into smaller chunks for encryption purpose.

Can somebody guide me on those lines. Any link to code snippet/sample project implementing this will be of great help to me.

Thanks & Regrds.
 

Attachments

  • RSASample.zip
    85.4 KB · Views: 114
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom