How to sign and verify some data on iOS with an RSA key (preferably using the system own libcommonCrypto
)?
2 Answers
Since there hasn't been nearly any knowledge about signing and verifying found on StackOverflow and the Apple docs, I had to manually browse around in the iOS header files and found SecKeyRawSign
and SecKeyRawVerify
. The following lines of code seem to work.
Signing NSData (using SHA256 with RSA):
NSData* PKCSSignBytesSHA256withRSA(NSData* plainData, SecKeyRef privateKey)
{
size_t signedHashBytesSize = SecKeyGetBlockSize(privateKey);
uint8_t* signedHashBytes = malloc(signedHashBytesSize);
memset(signedHashBytes, 0x0, signedHashBytesSize);
size_t hashBytesSize = CC_SHA256_DIGEST_LENGTH;
uint8_t* hashBytes = malloc(hashBytesSize);
if (!CC_SHA256([plainData bytes], (CC_LONG)[plainData length], hashBytes)) {
return nil;
}
SecKeyRawSign(privateKey,
kSecPaddingPKCS1SHA256,
hashBytes,
hashBytesSize,
signedHashBytes,
&signedHashBytesSize);
NSData* signedHash = [NSData dataWithBytes:signedHashBytes
length:(NSUInteger)signedHashBytesSize];
if (hashBytes)
free(hashBytes);
if (signedHashBytes)
free(signedHashBytes);
return signedHash;
}
Verification (using SHA256 with RSA):
BOOL PKCSVerifyBytesSHA256withRSA(NSData* plainData, NSData* signature, SecKeyRef publicKey)
{
size_t signedHashBytesSize = SecKeyGetBlockSize(publicKey);
const void* signedHashBytes = [signature bytes];
size_t hashBytesSize = CC_SHA256_DIGEST_LENGTH;
uint8_t* hashBytes = malloc(hashBytesSize);
if (!CC_SHA256([plainData bytes], (CC_LONG)[plainData length], hashBytes)) {
return nil;
}
OSStatus status = SecKeyRawVerify(publicKey,
kSecPaddingPKCS1SHA256,
hashBytes,
hashBytesSize,
signedHashBytes,
signedHashBytesSize);
return status == errSecSuccess;
}
Alternatives (OpenSSL):
There is a very good alternative available which utilizes OpenSSL directly instead of libCommonCrypto. MIHCrypto is a well-designed Objective-C wrapper library for OpenSSL which makes working with cryptography very easy. See the example below.
Generating a key is that simple:
MIHAESKeyFactory *factory = [[MIHAESKeyFactory alloc] init];
id<MIHSymmetricKey> aesKey = [factory generateKey];
Or loading a key from file:
NSData *privateKeyData = [[NSFileManager defaultManager] contentsAtPath:"mykey.pem"];
MIHRSAPrivateKey *privateKey = [[MIHRSAPrivateKey alloc] initWithData:privateKeyData];
Now sign something:
NSError *signingError = nil;
NSData *message = // load something to sign from somewhere
NSData *signature = [privateKey signWithSHA256:message error:&signingError]
For more examples browse the MIHCrypto page.
-
1Would be great to have a similar example of
SecKeyRawSign
andSecKeyRawVerify
in Swift. If someone succeeded in that, please link to / paste it here. Will do the same when I get it working.– stannieApr 10, 2015 at 5:14 -
Any luck? I really need help! stackoverflow.com/questions/32759385/… Sep 29, 2015 at 17:08
-
2
-
Works great! The only problem is when I verify signature in C#, the result is always false. Is it compatible with RSACryptoServiceProvider in C#?– iz25Sep 2, 2021 at 12:30
It is actually much simpler, no need to create the hash manually
func validateRSASignature(signedData: Data, signature: Data, publicKeyData: Data) -> Bool {
// Create a SecKey instance from the public key data.
let publicKey: SecKey! = SecKeyCreateWithData(publicKeyData as NSData, [
kSecAttrKeyType: kSecAttrKeyTypeRSA,
kSecAttrKeyClass: kSecAttrKeyClassPublic
] as NSDictionary, nil)
// Verify the RSA signature.
return SecKeyVerifySignature(publicKey,
.rsaSignatureMessagePKCS1v15SHA512,
signedData as NSData,
signature as NSData,
nil)
}
This should be possible since iOS 10. You might want to expand on the error handling if your key data and other input varies.
SecKeyRef
(in memory reference which may originate from keychain, PEM or anything else supported by Apple Security Framework). The kind of key shouldn't matter for my question, but at the moment I am storing all the keys (own private key and some public keys) in the device sandboxed keychain.java.security.Signature
.)