• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: SecKeyGeneratePair export Public Key and OpenSSL API
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SecKeyGeneratePair export Public Key and OpenSSL API

  • Subject: Re: SecKeyGeneratePair export Public Key and OpenSSL API
  • From: Jacopo Mangiavacchi <email@hidden>
  • Date: Wed, 5 Nov 2008 19:56:49 +0100
Well I've tried both but I need a solution for the iPhone platform. I've tried to post on the iPhone Dev Forum but I didn't get a reply so I tried here.

Anyway, I've tried adding "RSA" in the header but it does work. Moreover in this case I obtain a different error:

unable to load Public Key
86084:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c: 642:Expecting: PUBLIC KEY

Thanks,
jacopo


On Nov 5, 2008, at 7:40 PM, Ken McLeod wrote:


On Nov 5, 2008, at 3:41 AM, Jacopo Mangiavacchi wrote:

Some more info.

I obtained a persistence reference of an auto generated Public key calling the SecItemCopyMatching then I encoded it in base64 format.

Ah, so this code is running on the iPhone, not on the Mac. How are you retrieving the data of the public key from that reference?

After that I added the strings "---- BEGIN..." at the top and "---- END..." at the bottom obtaining this final string an save it on a file:

-----BEGIN PUBLIC KEY-----

You might try
-----BEGIN RSA PUBLIC KEY-----
-----END RSA PUBLIC KEY-----
instead. This differs from
-----BEGIN PUBLIC KEY------
-----END PUBLIC KEY------
in that the former is a PKCS#1 representation. I think the iPhone's code only deals with that representation at the moment.

-ken


MIGIAoGAUHmlTMGzxJ8Q+M3hlqSiZmn0wKKYqaih9gGfMkRPXBT4jpOiE6VOVuWN
jedIs97H4GRe4ZlmGAqMD5BK9NztHVOGPPYYjXT7u02kppkgYDoOhI7iYFJ/iHGi
eDwzUzCo5QEjeateX1fNVNhXzLs3T45/YVN3ezRqOmjJqs31cvUCAwEAAQ==
-----END PUBLIC KEY-----

Than if I try this command: openssl rsa -pubin -in iphonepubkey.pem -modulus -noout
I obtain this following error:

unable to load Public Key
22483:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1007:
22483:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:305:Type=X509_ALGOR
22483:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_D2I:nested asn1 error:tasn_dec.c: 567:Field=algor, Type=X509_PUBKEY
22483:error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib:pem_oth.c:82:

Btw, if I generate the key pair using the OpenSSL API the output of the last command instead is correct (Modulus=B744103A06A...)

I really can't understand where is my fault, I double checked the parameter that I pass to SecItemCopyMatching and SecKeyGeneratePair and of course the public key is valid by itself. I'm able to decrypt etc. with it.

j


From: Jacopo Mangiavacchi <email@hidden>
Subject: SecKeyGeneratePair export Public Key and OpenSSL API
To: email@hidden, email@hidden
Message-ID: <email@hidden>
Content-Type: text/plain; charset="us-ascii"

I need to export a public key generated with the SecKeyGeneratePair
API and send it to a WebServices (written in PHP) that using the
OpenSSL API must encrypt something using this key and return back the
ciphered value to the cocoa client.

In order to pass the public key NSData buffer I've tried to encode
that in Base64 format and to pass it as a standard RSA pubkey string
because I know that OpenSSL can accept a string like that.

An example of this kind of string is the following:

-----BEGIN PUBLIC KEY-----
MIGIAoGAUHmlTMGzxJ8Q+M3hlqSiZmn0wKKYqaih9gGfMkRPXBT4jpOiE6VOVuWN
jedIs97H4GRe4ZlmGAqMD5BK9NztHVOGPPYYjXT7u02kppkgYDoOhI7iYFJ/iHGi
eDwzUzCo5QEjeateX1fNVNhXzLs3T45/YVN3ezRqOmjJqs31cvUCAwEAAQ==
-----END PUBLIC KEY-----


Any way, the OpenSSL is telling me that this is not a valid public
key. Btw, an OpenSSL auto-generated public key is a little bit longer
than this, like the following for eample:


-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5F3OcVyc93DPSYgltiYN6zkwM
Aq30nGq1j8PSJbfqu99q1xwprK0Uh078d09piTrOwjdmqUUHjHhJqSdeSbnF0oYp
XIQLXUb01wMfB6pKpfOHpLtDjAKJBeEfIK5Zig5nF1cQrKTIlR+LLR+7m0u5UDGB
rO7yvd5dYDJAKh9BawIDAQAB
-----END PUBLIC KEY-----


Am I missing something ?

Thanks for any help,
jacopo


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.apple.com/mailman/private/apple-cdsa/attachments/20081104/e8e39c47/attachment.html

------------------------------



_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden






References: 


 >Re: SecKeyGeneratePair export Public Key and OpenSSL API (From: Jacopo Mangiavacchi <email@hidden>)






    

  • Prev by Date:
Re: Underlining text in Interface Builder

    • 

  • Next by Date:
Dual screen problems

    • 

  • Previous by thread:
Re: SecKeyGeneratePair export Public Key and OpenSSL API

    • 

  • Next by thread:
64-bit swizzling

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •