Reputation: 917
I'm developing an iPhone app that connects to a web service. To send the user's password I want to encrypt it. To do that I have created a public/private key pair: the private key is on the server to decrypt the password, and the public key is in the iPhone app, where I encrypt the password. I created the pair with:
$ openssl genrsa -out private.pem 1024
$ openssl rsa -in private.pem -out public.pem -outform PEM -pubout
When I encrypt the message I use this code to create the SecCertificateRef:
NSData *certData = [NSData dataWithContentsOfFile:[[NSBundle mainBundle] pathForResource:@"wspublickey" ofType:@"pem"]];
SecCertificateRef cert = SecCertificateCreateWithData(kCFAllocatorDefault, (__bridge CFDataRef)certData);
After this instruction cert==nil. I spent a lot of time trying to understand posts about it (I understand the theory of asymmetric keys but I'm totally inexperienced at implementing it). My conclusion is that my certificate is untrusted and that's why SecCertificateCreateWithData returns nil. My question is: how should I encrypt my data if I don't want to pay for a trusted certificate? Sorry for my poor understanding of how to encrypt data with an RSA public key certificate, but I'm lost and I don't know how I should solve this problem. Thanks for your help. Posts read:
"untrusted server certificate" on iPhone http://omegadelta.net/2011/01/17/ios-untrusted-server-certificate/ http://lists.apple.com/archives/apple-cdsa/2009/Jun/msg00012.html
All I want is to make the equivalent to the command:
$ openssl rsautl -encrypt -inkey public.pem -pubin -in file.txt -out file.ssl
Upvotes: 2
Views: 2009
Reputation: 597
The problem is coming from the file format.
You are using PEM instead of DER, which is the binary format for the iOS API SecCertificateCreateWithData().
Upvotes: 0
Reputation: 917
Finally I found what I was searching for. What I need, like CodeInChaos says, is my self-signed certificate. With it my code works fine. To do it I use this command:
openssl req -x509 -out public_key.der -outform der -new -newkey rsa:1024 -keyout private_key.pem -days 3650
I have found this post very useful:
It answers a lot of questions. It is not in English, but Google translated it well, so it's not a big problem. I hope this helps someone with the same problem.
Upvotes: 1
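Added example (not from the original posts): a pre-flight check, in Python, for the file bundled with the app, covering both answers above. SecCertificateCreateWithData takes a DER-encoded X.509 certificate, so the check reports the encoding (PEM or DER) and whether the content is a certificate or a bare public key such as the output of `openssl rsa -pubout`. The sample byte strings are constructed toy structures, not real keys, and all function names are illustrative.

```python
import base64
import re

PEM_RE = re.compile(rb"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", re.S)
# Constructed toy structures (not real keys): rsaEncryption AlgorithmIdentifier + dummy BIT STRING.
BODY = "300d06092a864886f70d0101010500" "030500deadbeef"
SPKI_DER = bytes.fromhex("3016" + BODY)      # SubjectPublicKeyInfo shape
CERT_DER = bytes.fromhex("30183000" + BODY)  # Certificate shape with an empty tbsCertificate
PUBKEY_PEM = b"-----BEGIN PUBLIC KEY-----\n" + base64.b64encode(SPKI_DER) + b"\n-----END PUBLIC KEY-----\n"

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length

def top_level_tags(der):
    tag, pos, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("not a single DER SEQUENCE")
    tags = []
    while pos < end:  # walk the children of the outer SEQUENCE
        child, _, pos = read_tlv(der, pos)
        tags.append(child)
    return tuple(tags)

def classify(blob):
    """Return (encoding, structure) for the bytes of a key or certificate file."""
    m = PEM_RE.search(blob)
    der = base64.b64decode(m.group(2)) if m else blob
    try:
        tags = top_level_tags(der)
    except (ValueError, IndexError):
        tags = ()
    # Shape heuristic: Certificate = SEQUENCE, SEQUENCE, BIT STRING; public key = SEQUENCE, BIT STRING.
    shape = {(0x30, 0x30, 0x03): "certificate", (0x30, 0x03): "public key"}
    return ("PEM" if m else "DER"), shape.get(tags, "unknown")

def loadable_as_certificate(blob):
    """True only for a DER-encoded certificate, the input SecCertificateCreateWithData takes."""
    return classify(blob) == ("DER", "certificate")

if __name__ == "__main__":
    for name, blob in [("public.pem", PUBKEY_PEM), ("public_key.der", CERT_DER)]:
        print(name, classify(blob), loadable_as_certificate(blob))
```

The check is structural only: it does not validate the certificate's contents or signature.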
Reputation: 67019
In order to do this securely you must use HTTPS or SSL/TLS. If you don't want to shell out the $5 for a certificate you can use a self-signed certificate and hardcode the public key. No need to build your own protocol; that is a waste of time.
Upvotes: 0