Kenneth P. Hough

Reputation: 579

How to encrypt data in Objective-C using a public key generated from a PHP script

I've looked around and found scant information on encryption on Mac OS X. It seems like OpenSSL support is deprecated in newer versions of Mac OS X. I need to be able to support 10.5 and up. Here's my problem:

I have a public and private key pair generated on our licensing server using PHP (code shown below):

$dn = array(configs....);
$privkey = openssl_pkey_new();

$csr = openssl_csr_new($dn, $privkey);

$sscert = openssl_csr_sign($csr, null, $privkey, $term);

openssl_x509_export($sscert, $publickey);
openssl_pkey_export($privkey, $privatekey, "somepassphrase");

//base64 encode the keys
$privatekey = base64_encode($privatekey);
$publickey = base64_encode($publickey);

The base64-encoded private key is stored in a secure location on one of our servers, and the base64-encoded public key is written to a file for download by our users. The file is loaded into a desktop application for Mac OS X written in Cocoa, which base64-decodes the public key. Up to this step, everything is good. However, I then want to encrypt data with the public key and send it to our license server. Does anyone know how I can use this public key to encrypt data in Cocoa, and what the "best practice" method is? Any examples or tips would be much appreciated!

Upvotes: 0

Views: 401

Answers (1)

Elwisz

Reputation: 654

It is not so much OpenSSL that is deprecated on the Mac; it is merely the OpenSSL libraries provided by OS X that are deprecated. Nothing stops you from compiling your own OpenSSL and using it in your app by statically linking to it:

Although OpenSSL is commonly used in the open source community, OpenSSL does not provide a stable API from version to version. For this reason, although OS X provides OpenSSL libraries, the OpenSSL libraries in OS X are deprecated, and OpenSSL has never been provided as part of iOS. Use of the OS X OpenSSL libraries by apps is strongly discouraged.

If your app depends on OpenSSL, you should compile OpenSSL yourself and statically link a known version of OpenSSL into your app. This use of OpenSSL is possible on both OS X and iOS. However, unless you are trying to maintain source compatibility with an existing open source project, you should generally use a different API.

Common Crypto and Security Transforms are the recommended alternatives for general encryption. CFNetwork and Secure Transport are the recommended alternatives for secure communications.

In other words: it is still fine to use OpenSSL in your OS X app, just don't rely on the bundled OpenSSL anymore. Alternatively, you can make use of OS X's Security framework: it is capable of handling X.509 public key encryption, which you seem to be doing as well.

Source: Cocoa Cryptographic Services Guide

Upvotes: 1
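The Security framework route mentioned in the answer, as an added example that is not part of the original question or answer. It assumes OS X 10.8 or later (Security Transforms arrived in 10.7 and OAEP padding in 10.8, so it does not cover the 10.5 requirement), ARC, and a server that decrypts with `openssl_private_decrypt` using `OPENSSL_PKCS1_OAEP_PADDING`; the function name `EncryptForLicenseServer` is hypothetical. Because the PHP script exports the certificate with `openssl_x509_export`, the downloaded file holds a PEM X.509 certificate, and the client extracts the public key from it.

```objective-c
#import <Foundation/Foundation.h>
#import <Security/Security.h>

// Added example, not the asker's code. certData is the downloaded file after
// the app's base64 decode, i.e. the PEM certificate text from the server.
static NSData *EncryptForLicenseServer(NSData *certData, NSData *plaintext,
                                       NSError **outError)
{
    SecExternalFormat format = kSecFormatUnknown;     // let the importer detect PEM
    SecExternalItemType type = kSecItemTypeUnknown;
    CFArrayRef items = NULL;
    SecKeyRef publicKey = NULL;

    // A NULL keychain means the item is only parsed, never stored.
    OSStatus status = SecItemImport((__bridge CFDataRef)certData, NULL, &format,
                                    &type, 0, NULL, NULL, &items);
    if (status == errSecSuccess && items != NULL && CFArrayGetCount(items) > 0) {
        CFTypeRef first = CFArrayGetValueAtIndex(items, 0);
        if (CFGetTypeID(first) == SecCertificateGetTypeID()) {
            status = SecCertificateCopyPublicKey((SecCertificateRef)first, &publicKey);
        } else {
            status = errSecParam;                     // not a certificate
        }
    } else if (status == errSecSuccess) {
        status = errSecParam;                         // nothing was imported
    }
    if (items) CFRelease(items);
    if (status != errSecSuccess || publicKey == NULL) {
        if (outError) *outError = [NSError errorWithDomain:NSOSStatusErrorDomain
                                                      code:status userInfo:nil];
        return nil;
    }

    CFErrorRef cfError = NULL;
    CFDataRef cipher = NULL;
    SecTransformRef encrypt = SecEncryptTransformCreate(publicKey, &cfError);
    if (encrypt
        && SecTransformSetAttribute(encrypt, kSecPaddingKey, kSecPaddingOAEPKey, &cfError)
        && SecTransformSetAttribute(encrypt, kSecTransformInputAttributeName,
                                    (__bridge CFDataRef)plaintext, &cfError)) {
        cipher = (CFDataRef)SecTransformExecute(encrypt, &cfError);
    }
    if (encrypt) CFRelease(encrypt);
    CFRelease(publicKey);

    if (cipher == NULL && outError) *outError = CFBridgingRelease(cfError);
    else if (cfError) CFRelease(cfError);
    return CFBridgingRelease(cipher);                 // nil if encryption failed
}
```

The result is a single RSA block, so the plaintext must be shorter than the key size minus the OAEP overhead; for larger payloads, encrypt the data with a random symmetric key and encrypt only that key this way.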
