Re: Share and store RSA - public key in java server and vice versa
- Subject: Re: Share and store RSA - public key in java server and vice versa
- From: Jens Alfke <email@hidden>
- Date: Mon, 19 May 2014 10:26:13 -0700
On May 19, 2014, at 3:06 AM, Devarshi Kulshreshtha <email@hidden> wrote:
> 5. Used - wrapSymmetricKey:keyRef: method defined in SecKeyWrapper
> class (CryptoExercise example) for encryption, and passed key obtained
> from step 3 and data to encrypt obtained from step 4 to it
I think you’re misusing wrapSymmetricKey. The NSData you pass into it is not the message itself; it’s a raw symmetric key. The idea is that you create a symmetric key at random (probably 32 bytes for an AES-256 key), wrap (encrypt) that key using the recipient’s public key, encrypt your actual message using the symmetric key, and then send both the wrapped key and the encrypted message to the recipient.
> Problem: getting error - too much data for RSA block
Yup. RSA can only encrypt a block of the same size as its key, so if you’re using RSA-2048 the maximum block size is 256 bytes. The padding formats used with RSA don’t support messages longer than that. In practice, the only things RSA encrypts are symmetric keys, never messages.
(If you’re not familiar with concepts like wrapping and padding, you should really read a good book on cryptography before proceeding. It’s actually rather dangerous to work on this kind of stuff without a solid understanding of the principles, because the crypto building blocks can easily be misused to create systems that are insecure and easily exploited.)
—Jens
_______________________________________________
Cocoa-dev mailing list (email@hidden)
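The scheme described in the reply above, as an added Java example (not part of the original post and not code from its author or from CryptoExercise): a random AES-256 key encrypts the message, RSA wraps only that key, and encrypting the message directly with RSA fails as reported. Assumptions: the class name, the OAEP/SHA-256 wrapping padding, AES-GCM as the message cipher, and the constructed 1000-byte sample message; both ends must be configured with the same padding and cipher modes.

```java
import java.security.*;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;

public class HybridEncryptDemo {
    static final String RSA_WRAP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding"; // assumed padding
    static final String AES_MSG = "AES/GCM/NoPadding";                      // assumed message cipher

    public static void main(String[] args) throws Exception {
        // Recipient (the server): RSA-2048 key pair; only the public half is shared.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair recipient = kpg.generateKeyPair();

        byte[] message = new byte[1000];   // constructed sample, longer than one RSA block
        Arrays.fill(message, (byte) 'A');

        // Encrypting the message itself with RSA is rejected: the error from the question.
        Cipher rsa = Cipher.getInstance(RSA_WRAP);
        rsa.init(Cipher.ENCRYPT_MODE, recipient.getPublic());
        try {
            rsa.doFinal(message);
            throw new AssertionError("RSA accepted an oversized message");
        } catch (IllegalBlockSizeException e) {
            System.out.println("direct RSA rejected: " + e.getMessage());
        }

        // Sender: random AES-256 key, message encrypted under it, key wrapped with RSA.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey aesKey = kg.generateKey();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);  // fresh nonce for every message
        Cipher aes = Cipher.getInstance(AES_MSG);
        aes.init(Cipher.ENCRYPT_MODE, aesKey, new GCMParameterSpec(128, iv));
        byte[] ciphertext = aes.doFinal(message);
        rsa.init(Cipher.WRAP_MODE, recipient.getPublic());
        byte[] wrappedKey = rsa.wrap(aesKey);  // one RSA block: 256 bytes for RSA-2048

        // Recipient: unwrap the AES key with the private key, then decrypt the message.
        rsa.init(Cipher.UNWRAP_MODE, recipient.getPrivate());
        SecretKey unwrapped = (SecretKey) rsa.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
        aes.init(Cipher.DECRYPT_MODE, unwrapped, new GCMParameterSpec(128, iv));
        byte[] plain = aes.doFinal(ciphertext);
        if (!Arrays.equals(plain, message)) throw new AssertionError("round trip failed");
        System.out.println("wrapped key " + wrappedKey.length + " B, ciphertext "
                + ciphertext.length + " B (message + 16 B GCM tag)");
    }
}
```

The sender transmits `wrappedKey`, `iv` and `ciphertext` together; the IV is not secret but must never repeat under the same AES key.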