Closed hohl closed 9 years ago
Related issues: #23, #17
Hi Michael, can you let me know how to use RSA in combination with AES in the current MIHCrypto iOS library?
I don't have any sample, but it's quite simple. Guess you can figure it out by looking at the following steps yourself:
A does: Generate a random key for use with AES (like [MIHAESKeyFactory generateKey])
B does: Generate a private/public key pair for RSA (like [MIHRSAKeyFactory generateKeyPair])
A does: Download the public key of B (it's up to you how to transport the key, maybe via HTTP?)
A does: Encrypt the generated AES key via the public RSA key of B (like [MIHRSAPublicKey encrypt:aesKeyData])
A does: Send the encrypted AES key to B (again it's up to you how to send the keys between A and B)
B does: Decrypt the shared AES key with its private RSA key (like [MIHRSAPrivateKey decrypt:encryptedAesKeyData])
A does: Encrypt the data with the shared AES key and send it to B (like [MIHAESSymmetricKey encrypt:yourData])
B does: Receive the data and decrypt it with the shared AES key (like [MIHAESSymmetricKey decrypt:yourEncryptedData])
Note: For sending keys it may be relevant to know that every key (RSA, AES and every other class which implements MIHCoding) has a -dataValue and -initWithDataValue: method which allows you to serialize keys into binary data (NSData) which can be sent over the network.
Thank you for your detailed instructions.
Using RSA with large blocks of data seems to be a common issue. Some wrappers handle this by splitting the data into smaller blocks and encrypting every block separately. But since RSA isn't intended to encrypt large blocks of data this won't be implemented in this wrapper. (Better combine RSA with something like AES if you need features of both worlds.)
At the moment (RELEASE-0.3.2) the error message is:
But it would be more informative if it would be something more descriptive.
Writing some sample and/or wiki page on how to use AES and RSA in combination would be a good idea too.