2015-02-03

iOS Objective-C RSA encrypt with only public key and descrypt with PHP

Views: 24147 | 12 Comments

If you found this post via Google, I am sure this is the final link you click. Your problem will be solved with a single function without any dependency!

You may have read these posts:

The first post helps, but it is too old, and it doesn’t provide the full code, the author is so mean!

The second is nonsense, because you people finding this post must have the exact need as me: iOS RSA encrypt with ONLY the public key. NO .der file, NO CA, NO bullshit!

OK, lets go on.

You generate RSA public key and private key with PHP

$config = array(
		"digest_alg" => "sha512",
		"private_key_bits" => 1024,
		"private_key_type" => OPENSSL_KEYTYPE_RSA,
		);
$res = openssl_pkey_new($config);
openssl_pkey_export($res, $privKey);
$pubKey = openssl_pkey_get_details($res);
$pubKey = $pubKey["key"];
var_dump($privKey, $pubKey); // now you get keys in plain text

It is like:

-----BEGIN PRIVATE KEY-----
MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMQKGp7zSUktNOQk
PdfcvJ3sWP7O46ENmSO4s0+iDdhHbR7klyt2oj0gXM1sAJj8ZBWFudu8GpiDKqXw
N88IZemfT5c1LEQshTD1WHfZC6EY2vf9MGl5yGtV5WkU8vDJpg0STUJrCAcJ5Cp/
m5qqJqgEM5Op6jHzwtzWV3syx+CBAgMBAAECgYEApSzqPzE3d3uqi+tpXB71oY5J
cfB55PIjLPDrzFX7mlacP6JVKN7dVemVp9OvMTe/UE8LSXRVaFlkLsqXC07FJjhu
wFXHPdnUf5sanLLdnzt3Mc8vMgUamGJl+er0wdzxM1kPTh0Tmq+DSlu5TlopAHd5
IqF3DYiORIen3xIwp0ECQQDj6GFaXWzWAu5oUq6j1msTRV3mRZnx8Amxt1ssYM0+
JLf6QYmpkGFqiQOhHkMgVUwRFqJC8A9EVR1eqabcBXbpAkEA3DQfLVr94vsIWL6+
VrFcPJW9Xk28CNY6Xnvkin815o2Q0JUHIIIod1eVKCiYDUzZAYAsW0gefJ49sJ4Y
iRJN2QJAKuxeQX2s/NWKfz1rRNIiUnvTBoZ/SvCxcrYcxsvoe9bAi7KCMdxObJkn
hNXFQLav39wKbV73ESCSqnx7P58L2QJABmhR2+0A5EDvvj1WpokkqPKmfv7+ELfD
HQq33LvU4q+N3jPn8C85ZDedNHzx57kru1pyb/mKQZANNX10M1DgCQJBAMKn0lEx
QH2GrkjeWgGVpPZkp0YC+ztNjaUMJmY5g0INUlDgqTWFNftxe8ROvt7JtUvlgtKC
XdXQrKaEnpebeUQ=
-----END PRIVATE KEY-----

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEChqe80lJLTTkJD3X3Lyd7Fj+
zuOhDZkjuLNPog3YR20e5JcrdqI9IFzNbACY/GQVhbnbvBqYgyql8DfPCGXpn0+X
NSxELIUw9Vh32QuhGNr3/TBpechrVeVpFPLwyaYNEk1CawgHCeQqf5uaqiaoBDOT
qeox88Lc1ld7MsfggQIDAQAB
-----END PUBLIC KEY-----

Then you send the public key to iOS app

So, your Objective-C gets only this data(no other bullshit!):

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEChqe80lJLTTkJD3X3Lyd7Fj+
zuOhDZkjuLNPog3YR20e5JcrdqI9IFzNbACY/GQVhbnbvBqYgyql8DfPCGXpn0+X
NSxELIUw9Vh32QuhGNr3/TBpechrVeVpFPLwyaYNEk1CawgHCeQqf5uaqiaoBDOT
qeox88Lc1ld7MsfggQIDAQAB
-----END PUBLIC KEY-----

You need a function to do RSA encryption

+ (NSString *)encryptString:(NSString *)str publicKey:(NSString *)pubKey;

YES! No SecRef, No Security.h, with exactly one function, of two arguments.

Now your code is as clean as

NSString *pubkey = get_public_key_string_with_http();
NSString *ret = [RSA encryptString:@"hello world!" publicKey:pubkey];
NSLog(@"encrypted: %@", ret);

Screw 100% percent security!

Many Apps don’t need 100% percent security, it only needs encryption, with RSA public key only!

Objective-C RSA encrypt with public key, full code on GitHub: https://github.com/ideawu/Objective-C-RSA

Posted by ideawu at 2015-02-03 12:49:01 Tags: ,

12 Responses to "iOS Objective-C RSA encrypt with only public key and descrypt with PHP"

  • Hi there. I just would like to thank you for the great project here! Whenever you come to Germany let me know and I buy you a few beers to proper thank you for that! =)
    Would be great to have your response in the email.
    Cheers from Germany,
    Marcelo Reply
  • What is the need to on the keychain sharing toggle in capabilities for ios 10? Reply
  • I want to do a testing!Sadly! When i use publicKey to encrypt a string is ok! But use privacy to decrypt return nil.Why? I have checked public_key.pem and private_key.em,they’re right! Reply
  • THX! Reply
  • Hi, I’m doing a same thing as this post mentioned. I download your project from Github, but there’s something is not very clear for.
    1. Can I use private_key to encrypt a string? (I did a test, it returned nil)
    2. I found you did a lot of efforts to handle the key’s header, is it necesssary?
    3. I think add_public_key and add_private_key are duplicate funcs, am I right? Maybe you can make it more clear to read.
    Thanks. Reply
    @dgwutao:
    1. enc with private key will not work, so there is no such function in the header file(they are commented out in RSA.h).
    2. I think it is yes
    2. yes, they have small difference Reply
  • Java server return hexadecimal public key, I will be the public key conversion of binary, then converts binary base64 string, call + (nsstrings *) encryptString: (nsstrings *) STR publicKey (pubKey encryption successful nsstrings *).Question: why do I use the backend decrypted cannot succeed?The parameters of the background can’t preach to me right.Can you provide ideas?Thank you very much! Reply
    @xiaolong: show me the code on github issue: https://github.com/ideawu/Objective-C-RSA/issues Reply
  • Swift implementation, also has iOS decryption with public key: https://github.com/btnguyen2k/swift-rsautils Reply
    @Thanh Nguyen: good! Reply
  • That’s it!!! Great work… Most of the tutorial on the web should be like this Reply

« [1][2] » 1/2

Leave a Comment