RSA Pubic Key Encryption & iPhone Security Services
I have an application (windows) which currently uses RSA Bsafe crypto-C for public key encryption. The Bsafe public key object passed into the crypto functions consists of modulus and exponent data (see code snippet below). I see a similar iPhone security function in the "Certificate, Key and Trust Services Reference" called SecKeyEncrypt(). Is there a way to build the public key object from modulus and exponent data for input into SecKeyEncrypt()? The internal details of SecKeyRef parameter appear to be hidden. Ideally, I'd like to use security services provided for the iphone, if possible.
Code Snippet:
unsigned char* encryptNonce(void * rsaModulus,
int rsaModulusLen,
void *rsaExponent,
int rsaExponentLen,
unsigned char * nonce,
int noncelen,
int* encryptednoncelen)
{
unsigned char *encryptednonce = NULL;
B ALGORITHMOBJ randomAlgorithm = (B ALGORITHM_OBJ)NULLPTR;
B ALGORITHMOBJ rsaEncryptor = (B ALGORITHM_OBJ)NULLPTR;
B KEYOBJ publicKey = (B KEYOBJ) NULL_PTR;
A RSAKEY rsaPublicKey;
ITEM myPublicKeyBER = {NULL, 0};
CERT_OBJ certObj = NULL;
unsigned char encryptedData[BLOCK_SIZE];
unsigned int outputLenUpdate, outputLenFinal, outputLenTotal;
int status = 0;
memset(&rsaPublicKey, 0, sizeof(A RSAKEY));
do
{
rsaPublicKey.modulus.len = rsaModulusLen;
rsaPublicKey.exponent.len = rsaExponentLen;
rsaPublicKey.modulus.data = (unsigned char *) T_malloc(rsaModulusLen);
if (rsaPublicKey.modulus.data == NULL) {
break;
}
T_memcpy(rsaPublicKey.modulus.data, (unsigned char *) rsaModulus, rsaModulusLen);
rsaPublicKey.exponent.data = (unsigned char *) T_malloc(rsaExponentLen);
if (rsaPublicKey.exponent.data == NULL) {
break;
}
T_memcpy(rsaPublicKey.exponent.data, (unsigned char *) rsaExponent, rsaExponentLen);
if ((status = B_CreateKeyObject ((POINTER *)&publicKey)) != 0)
break;
if ((status = B_SetKeyInfo (publicKey, KI_RSAPublic, (POINTER) &rsaPublicKey)) != 0)
break;
if ((status = RSA_CreateRandomAlgorithmObject (&randomAlgorithm)) != 0)
break;
/* Step 1: Creating an Algorithm Object */
if ((status = B_CreateAlgorithmObject (&rsaEncryptor)) != 0)
break;
/* Step 2: Set the algorithm object to AI PKCSRSAPublic */
if ((status = B_SetAlgorithmInfo (rsaEncryptor, AI PKCS_OAEPRSAPublic,
NULL_PTR)) != 0)
break;
/* Step 3: Init -- encrypt with the recipient's public key */
if ((status = B_EncryptInit (rsaEncryptor, publicKey, RSA SAMPLECHOOSER,
(A SURRENDERCTX *)NULL_PTR)) != 0)
break;
/* Step 4: Update */
if ((status = B_EncryptUpdate (rsaEncryptor, encryptedData,
&outputLenUpdate, BLOCK_SIZE,
nonce, noncelen,
randomAlgorithm,
/ &generalSurrenderContext/NULL)) != 0)
break;
/* Step 5: Final */
if ((status = B_EncryptFinal (rsaEncryptor,
encryptedData + outputLenUpdate,
&outputLenFinal,
BLOCK_SIZE - outputLenUpdate,
randomAlgorithm,
/ &generalSurrenderContext/NULL)) != 0)
break;
outputLenTotal = outputLenUpdate + outputLenFinal;
} while (0);
Code Snippet:
unsigned char* encryptNonce(void * rsaModulus,
int rsaModulusLen,
void *rsaExponent,
int rsaExponentLen,
unsigned char * nonce,
int noncelen,
int* encryptednoncelen)
{
unsigned char *encryptednonce = NULL;
B ALGORITHMOBJ randomAlgorithm = (B ALGORITHM_OBJ)NULLPTR;
B ALGORITHMOBJ rsaEncryptor = (B ALGORITHM_OBJ)NULLPTR;
B KEYOBJ publicKey = (B KEYOBJ) NULL_PTR;
A RSAKEY rsaPublicKey;
ITEM myPublicKeyBER = {NULL, 0};
CERT_OBJ certObj = NULL;
unsigned char encryptedData[BLOCK_SIZE];
unsigned int outputLenUpdate, outputLenFinal, outputLenTotal;
int status = 0;
memset(&rsaPublicKey, 0, sizeof(A RSAKEY));
do
{
rsaPublicKey.modulus.len = rsaModulusLen;
rsaPublicKey.exponent.len = rsaExponentLen;
rsaPublicKey.modulus.data = (unsigned char *) T_malloc(rsaModulusLen);
if (rsaPublicKey.modulus.data == NULL) {
break;
}
T_memcpy(rsaPublicKey.modulus.data, (unsigned char *) rsaModulus, rsaModulusLen);
rsaPublicKey.exponent.data = (unsigned char *) T_malloc(rsaExponentLen);
if (rsaPublicKey.exponent.data == NULL) {
break;
}
T_memcpy(rsaPublicKey.exponent.data, (unsigned char *) rsaExponent, rsaExponentLen);
if ((status = B_CreateKeyObject ((POINTER *)&publicKey)) != 0)
break;
if ((status = B_SetKeyInfo (publicKey, KI_RSAPublic, (POINTER) &rsaPublicKey)) != 0)
break;
if ((status = RSA_CreateRandomAlgorithmObject (&randomAlgorithm)) != 0)
break;
/* Step 1: Creating an Algorithm Object */
if ((status = B_CreateAlgorithmObject (&rsaEncryptor)) != 0)
break;
/* Step 2: Set the algorithm object to AI PKCSRSAPublic */
if ((status = B_SetAlgorithmInfo (rsaEncryptor, AI PKCS_OAEPRSAPublic,
NULL_PTR)) != 0)
break;
/* Step 3: Init -- encrypt with the recipient's public key */
if ((status = B_EncryptInit (rsaEncryptor, publicKey, RSA SAMPLECHOOSER,
(A SURRENDERCTX *)NULL_PTR)) != 0)
break;
/* Step 4: Update */
if ((status = B_EncryptUpdate (rsaEncryptor, encryptedData,
&outputLenUpdate, BLOCK_SIZE,
nonce, noncelen,
randomAlgorithm,
/ &generalSurrenderContext/NULL)) != 0)
break;
/* Step 5: Final */
if ((status = B_EncryptFinal (rsaEncryptor,
encryptedData + outputLenUpdate,
&outputLenFinal,
BLOCK_SIZE - outputLenUpdate,
randomAlgorithm,
/ &generalSurrenderContext/NULL)) != 0)
break;
outputLenTotal = outputLenUpdate + outputLenFinal;
} while (0);
Dell D610, Windows XP Pro, xx