SecKeyCopyExternalRepresentation returns data in the PKCS #1 format for an RSA key. The RSA Public key PEM file looks like below
----BEGIN RSA PUBLIC KEY
BASE64 ENCODED DATA----END RSA PUBLIC KEY
Within the base64 encoded data the following DER structure is present:
RSAPublicKey ::= SEQUENCE {
		modulus					 INTEGER,	-- n
		publicExponent		INTEGER	 -- e
}
The PKCS #1 format for an RSA key should be preppended by appropriate “precoded” ASN.1 binary data structure. Refer to the pemPrefixBuffer in the example below:
				// creating client public and private key
				var publicKeySec, privateKeySec: SecKey?
				var error: Unmanaged<CFError>?
				let keyattribute = [
						kSecAttrKeyType as String: kSecAttrKeyTypeRSA,
						kSecAttrKeySizeInBits as String : 1024,
						kSecAttrIsPermanent as String: false
						] as CFDictionary
				SecKeyGeneratePair(keyattribute, &publicKeySec, &privateKeySec)
				// client public key to pem string
				let keyData = SecKeyCopyExternalRepresentation(publicKeySec!, &error)
				let data = keyData! as Data
				let pemPrefixBuffer :[UInt8] = [
						0x30, 0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a,
						0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
						0x05, 0x00, 0x03, 0x81, 0x8d, 0x00
				]
				var finalPemData = Data(bytes: pemPrefixBuffer as [UInt8], count: pemPrefixBuffer.count)
				finalPemData.append(data)
				let finalPemString = finalPemData.base64EncodedString(options: .lineLength64Characters)
				let clientPublicKeyString = "-----BEGIN PUBLIC KEY-----\r\n\(finalPemString)\r\n-----END PUBLIC KEY-----\r\n"
Now you can send clientPublicKeyString to your server expecting a PEM encoded RSA Public key.
sagar.mody@dieboldnixdorf.com
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution
Last seen
User for