Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Objective c RSA with OAEP padding sha256 prior ios 10

I am working on an encryption method in the iPhone with the RSA encryption method, so far i could achieve getting the encryption string with this method, the string is successfully decrypted by the server.

SecKeyRef keyRef = [self addPublicKey:pubKey];

SecKeyAlgorithm algorithm = kSecKeyAlgorithmRSAEncryptionOAEPSHA256;

if (!keyRef) {
    return nil;
}

BOOL canEncrypt =  SecKeyIsAlgorithmSupported(keyRef, kSecKeyOperationTypeEncrypt, algorithm);

if (canEncrypt) {
    CFErrorRef error = NULL;
    NSData *encryptedData = (NSData *)CFBridgingRelease(
                                                        SecKeyCreateEncryptedData(keyRef, algorithm, (__bridge CFDataRef) content, &error)
    );

    if (encryptedData) {
        return encryptedData;
    }else{
        NSError *err = CFBridgingRelease(error);
        NSLog(@"Ocurrió un error %@", err.localizedDescription);
        return nil;
    }
}

This method works for ios 10 and newer, what i need is to know how to set the algorithm in prior ios versions, my code is the following

SecKeyRef keyRef = [self addPublicKey:pubKey];
if (!keyRef) {
    return nil;
}

size_t cipherBufferSize = SecKeyGetBlockSize(keyRef);
uint8_t *cipherBuffer = malloc(cipherBufferSize * sizeof(uint8_t));
memset((void *)cipherBuffer, 0*0, cipherBufferSize);

NSData *plainTextBytes = content;
size_t blockSize = cipherBufferSize - 11;
size_t blockCount = (size_t)ceil([plainTextBytes length] / (double)blockSize);

NSMutableData *encryptedData = [NSMutableData dataWithCapacity:0];

for (int i=0; i<blockCount; i++) {

    int bufferSize = (int)MIN(blockSize,[plainTextBytes length] - i * blockSize);
    NSData *buffer = [plainTextBytes subdataWithRange:NSMakeRange(i * blockSize, bufferSize)];
    OSStatus status = SecKeyEncrypt(keyRef,
                                    kSecPaddingOAEP,
                                    (const uint8_t *)[buffer bytes],
                                    [buffer length],
                                    cipherBuffer,
                                    &cipherBufferSize);

    if (status == noErr){
        NSData *encryptedBytes = [NSData dataWithBytes:(const void *)cipherBuffer length:cipherBufferSize];
        [encryptedData appendData:encryptedBytes];

    }else{

        if (cipherBuffer) {
            free(cipherBuffer);
        }
        return nil;
    }
}
if (cipherBuffer) free(cipherBuffer);

So far i can see that in the version of ios 10 you can set the algorithm with this line

SecKeyAlgorithm algorithm = kSecKeyAlgorithmRSAEncryptionOAEPSHA256;

my question is, how do i get that algorithm in the early version of ios, the second code i post can't be decrypted.

Thanks for your help

like image 725
daniel1511 Avatar asked Nov 08 '22 08:11

daniel1511


1 Answers

If you are using OAEP padding with SecKeyEncrypt, you can only use kSecPaddingOAEP, which is SHA1. Unfortunately you cannot use OAEP SHA256 with SecKeyEncrypt.

like image 188
kspearrin Avatar answered Nov 15 '22 12:11

kspearrin