What is com.company.tag_private

Here is my code, and what it is supposed to do is encrypt text with an imported certificate as .pem. I imported RSAUtils.swift in the code, and both certificates, but I haven't done anything in the .plist file (I'm not sure if something should be done or not), and the other doubt that I have is about the com.company.tag_private line. What should I put there instead of 'company'? I tried with my name, but it didn't work.

Everything seems to be fine (no errors) until I launch the app and try to encrypt text, then just nothing happens - no text is output. What am I missing?


This is my code:

    @IBOutlet weak var messageToDecrypt: UITextView!
    @IBOutlet weak var decryptedMessageLabel: UITextView!

    let privatekey = "com.company.tag_private"
    let publickey = "com.company.tag_public"

    @IBAction func decrypt(sender: AnyObject) {
      
        func decrypt() {
          
            let privatekey = getKeyStringFromPEM(name: "private_key_pkcs8")
          
            let message = messageToDecrypt.text
            let data = message?.data(using: String.Encoding(rawValue: String.Encoding.utf8.rawValue))
            let decryptedData:NSData? = RSAUtils.decryptWithRSAPrivateKey(data!, privkeyBase64: privatekey, keychainTag: privatekey) as NSData?
            let decryptedMessage = decryptedData?.base64EncodedString(options: NSData.Base64EncodingOptions())
          
            decryptedMessageLabel.text = decryptedMessage
        }
      
    }
  
    override func viewDidLoad() {
        super.viewDidLoad()
        messageToDecrypt.delegate = self
        decryptedMessageLabel.delegate = self
    }

Replies

… what is supposed to do, is encrypt text with imported certificate as .pem.

I’m not familiar with RSAUtils.swift (it’s not an Apple thing AFAICT) but it seems likely that these tag values relate to the keychain (probably used by kSecAttrApplicationTag). Which is weird because you don’t need to mess with the keychain in order to encrypt data with a certificate. What you need to do is:
  1. Convert the certificate from PEM format into DER format

  2. Create a certificate object (SecCertificate) from that

  3. Extract the public key from that

  4. Encrypt using that public key

I’ll break down each step in turn.

The difficulty of step 1 depends on the source of your certificate. If you’re dealing with one fixed certificate, you can just do the conversion on your Mac (using Keychain Access) and then add the .cer file to your app’s bundle. OTOH, if you have to deal with some arbitrary PEM, you’ll have to write (or acquire) a PEM parser.

To create a certificate object from DER data, call SecCertificateCreateWithData.

To extract a public key from a certificate:

  1. Create a trust object using SecTrustCreateWithCertificates

  2. Evaluate that trust object using SecTrustEvaluate (you can ignore the result, but step 3 won’t work unless you’ve done an evaluation)

  3. Get the public key via SecTrustCopyPublicKey

To see how to encrypt using a public key, take a look at the CryptoCompatibility sample code.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"
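
The four steps from the reply above, written out as an added Swift example; it is not part of the original thread and is not Apple's CryptoCompatibility code. The function names and error enum are this example's own, and the OAEP/SHA-256 padding and the use of SecKeyCreateEncryptedData for step 4 are assumptions of the example.

```swift
import Foundation
import Security

enum CertEncryptError: Error {
    case notACertificatePEM, badBase64, badDER, trust(OSStatus), noPublicKey, unsupportedAlgorithm
}

// Step 1: PEM -> DER. Accepts a single CERTIFICATE block; a private-key PEM
// (such as a PKCS#8 file) is rejected rather than silently mis-parsed.
func derFromCertificatePEM(_ pem: String) throws -> Data {
    guard pem.contains("-----BEGIN CERTIFICATE-----") else { throw CertEncryptError.notACertificatePEM }
    let body = pem.components(separatedBy: .newlines)
        .map { $0.trimmingCharacters(in: .whitespaces) }
        .filter { !$0.hasPrefix("-----") }
        .joined()
    guard let der = Data(base64Encoded: body), !der.isEmpty else { throw CertEncryptError.badBase64 }
    return der
}

// Steps 2 and 3: DER -> SecCertificate -> SecTrust -> public SecKey.
func publicKey(fromCertificateDER der: Data) throws -> SecKey {
    guard let cert = SecCertificateCreateWithData(nil, der as CFData) else { throw CertEncryptError.badDER }
    var trust: SecTrust?
    let status = SecTrustCreateWithCertificates(cert, SecPolicyCreateBasicX509(), &trust)
    guard status == errSecSuccess, let trust = trust else { throw CertEncryptError.trust(status) }
    var result = SecTrustResultType.invalid
    _ = SecTrustEvaluate(trust, &result)  // result ignored; evaluation only unlocks the key
    guard let key = SecTrustCopyPublicKey(trust) else { throw CertEncryptError.noPublicKey }
    return key
}

// Step 4: encrypt with the public key. No keychain tag is involved.
// RSA only fits short inputs (key size in bytes minus 66 for this padding).
func encrypt(_ plaintext: Data, with key: SecKey) throws -> Data {
    let algorithm = SecKeyAlgorithm.rsaEncryptionOAEPSHA256
    guard SecKeyIsAlgorithmSupported(key, .encrypt, algorithm) else { throw CertEncryptError.unsupportedAlgorithm }
    var error: Unmanaged<CFError>?
    guard let cipher = SecKeyCreateEncryptedData(key, algorithm, plaintext as CFData, &error) else {
        throw error!.takeRetainedValue() as Error
    }
    return cipher as Data
}

// Ciphertext is binary, so it is base64-encoded for display in a text view.
func encryptForDisplay(_ message: String, certificatePEM: String) throws -> String {
    let der = try derFromCertificatePEM(certificatePEM)
    let key = try publicKey(fromCertificateDER: der)
    return try encrypt(Data(message.utf8), with: key).base64EncodedString()
}
```

SecTrustEvaluate and SecTrustCopyPublicKey are the calls the reply names; newer SDKs mark them deprecated in favor of SecTrustEvaluateWithError and SecTrustCopyKey.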