Re: Share and store RSA - public key in java server and vice versa
Re: Share and store RSA - public key in java server and vice versa
- Subject: Re: Share and store RSA - public key in java server and vice versa
- From: Maxthon Chan <email@hidden>
- Date: Tue, 13 May 2014 23:55:20 +0800
I am not exactly familiar with using RSA but as long as the format is followed I believe whatever mechanism here is okay. Also if I didn’t made it wrong DER certificates are text files. Try to dump the NSData and try your Android device if it can directly recognise it.
On May 13, 2014, at 22:20, Devarshi Kulshreshtha <email@hidden> wrote:
> Thanks for your suggestions.
>
> I have one specific question:
>
> In CyrptoExercise sample provided by apple, we have a wrapper class:
> SecKeyWrapper. In this class we have one method: - (NSData
> *)getPublicKeyBits. Shall I use below code to create and send an
> encoded string to server:
>
> 1. SecKeyWrapper *keyWrapper = [SecKeyWrapper sharedWrapper];
> 2. NSData *publicKeyData = [keyWrapper getPublicKeyBits];
> 3. NSString *stringToSend = [publicKeyData
> base64EncodedStringWithOptions:NSDataBase64EncodingEndLineWithLineFeed];
>
> And expect that at android device, it will be decoded in this order:
>
> 1. string will be decoded to ByteBuffer
> 2. From ByteBuffer corresponding key object will be generated
>
> Or do we need to consider any other mechanism?
>
> On Tue, May 13, 2014 at 5:43 PM, ChanMaxthon <email@hidden> wrote:
>> Rounding stuff up, there are two broadly-implemented systems: PKCS and PGP.
>>
>> If you are using PKCS system, you need to operate a CA that your app trusts. Your server issue issue new keys as certificates signed by your CA. Clients provide keys using CSR which is confirmed when signed by the server (probably using an intermediate CA). Programming wise most if not all system can support PKCS or DER certificates.
>>
>> To use PGP system you need to use a PGP key server (a public one is okay) and key exchange is done by exchanging key IDs and searching keys on the key servers.
>>
>> Sent from my iPhone
>>
>>> On May 13, 2014, at 6:24 PM, Devarshi Kulshreshtha <email@hidden> wrote:
>>>
>>> My requirements are:
>>>
>>> Requirement 1: Share public key to java server.
>>>
>>> Steps:
>>>
>>> 1. Generate public-private keys in iOS app.
>>> 2. Store the generated keys in keychain.
>>> 3. Send generated public key to java server.
>>> 4. Java server shall be able to store shared public key in database.
>>>
>>> Requirement 2: Store public key sent by java server.
>>>
>>> Steps:
>>>
>>> 1. Java server sends public key of other user.
>>> 2. Process data sent by java server and generate public key from it.
>>> 3. Store generated key in keychain, which can be later retrieved for
>>> encrypting message to be transferred.
>>>
>>> I am able to achieve steps 1-2 in requirement 1 by using below method
>>> defined in SecKeyWrapper class (CommonCrypto sample):
>>>
>>>
>>> - (void)generateKeyPair:(NSUInteger)keySize
>>>
>>>
>>> Question 1: Now problem is- how shall I send that key to java server?
>>>
>>> We have getPublicKeyBits method in the same class, which returns an
>>> NSData object, on some googling I found that it is in DER encoded
>>> format.
>>>
>>> Question 2: If I send the same NSData object to server, which I guess
>>> it will interpret as ByteBuffer object, will it be possible for other
>>> devices, in my case it could be android, to interpret that data?
>>>
>>> Question 3: What is the best way to share public key in above scenarios?
>>>
>>> Please suggest.
>>> _______________________________________________
>>>
>>> Cocoa-dev mailing list (email@hidden)
>>>
>>> Please do not post admin requests or moderator comments to the list.
>>> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>>>
>>> Help/Unsubscribe/Update your Subscription:
>>>
>>> This email sent to email@hidden
>
>
>
> --
> Thanks,
>
> Devarshi
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden