Creating an RSA private key in iOS

Question

I'm trying to rewrite some Java (Android) code in ObjC on the iPhone. The code will do a basic web service call and needs to set some headers with authentication information.

One part of that information is an encrypted hash of the data I am sending over.

The Java version calculates an SHA256 signature using an RSA private key that is generated on the phone. The private key is generated using a seed that I have available.

The (simplified) java code is as follows:

KeyFactory keyFactory = KeyFactory.getInstance("RSA");
Signature sig = Signature.getInstance("SHA256WithRSAEncryption");

// I get the private key bytes from an outside source
EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(privateKeyBytes);
sig.initSign(keyFactory.generatePrivate(privateKeySpec));

sig.update(/* insert my data here */);
return sig.sign();

Now I'm trying to recreate this in iOS and ObjC. Doing the SHA256 signature calculation is easy, but I don't see how to create a private RSA key easily. I would prefer to use the built-in API's if there are any available, but if I must use a third party library like OpenSSL then I can live with that as well.

Answer 1

Most people (citation needed) elect to go with the third party OpenSSL library, not only because rolling your own crypto is hard, but also because their is a good chance you'll create bad crypto if you're not already experienced with it.

That said, nothing prevents you from writing your own SHA256 hash, in straight C or C++ if you like, although I think you'll find your PRNG options lacking and find yourself spending altogether way too much time on entropy pools and the like.

If you do come across a good SHA256 primitive without all the extra baggage of OpenSSL, I'd love to learn about it too! But so far I haven't seen one.