My understanding is that encrypting with the private key is not considered to be best practice and, as such, is not supported by Apple’s APIs.
The client is responsible for creating the keypair, and the server validates the signature with the public key.
It sounds like you’re doing signing/verification rather than encryption/decryption. Have you looked at using the signing APIs? For example, SecKeyCreateSignature takes a private key. It supports a variety of different signature algorithms, and one of those, kSecKeyAlgorithmRSASignatureRaw, allows you to effectively craft your own.
WARNING: I recommend against crafting your own signature algorithm. Experience has shown that even algorithms crafted by security experts can have nasty vulnerabilities.
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"
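
The sign-on-client, verify-with-public-key flow discussed above, as an added example that is not part of the original post. It assumes a 2048-bit RSA key and the standard PKCS#1 v1.5 SHA-256 algorithm; the function names and `DemoError` are hypothetical, and `verify` stands in for the server, which would receive only the exported public key bytes.

```swift
import Foundation
import Security

enum DemoError: Error { case unsupportedAlgorithm, noPublicKey, badPublicKey }
let algorithm = SecKeyAlgorithm.rsaSignatureMessagePKCS1v15SHA256  // hashed and padded, not raw

// Client: create the key pair (held in memory only for this demo).
func makeClientKey() throws -> SecKey {
    let attrs: [String: Any] = [kSecAttrKeyType as String: kSecAttrKeyTypeRSA,
                                kSecAttrKeySizeInBits as String: 2048]
    var error: Unmanaged<CFError>?
    guard let key = SecKeyCreateRandomKey(attrs as CFDictionary, &error)
    else { throw error!.takeRetainedValue() as Error }
    return key
}

// Client: sign with the private key; the API hashes and pads the message itself.
func sign(_ message: Data, with privateKey: SecKey) throws -> Data {
    guard SecKeyIsAlgorithmSupported(privateKey, .sign, algorithm) else { throw DemoError.unsupportedAlgorithm }
    var error: Unmanaged<CFError>?
    guard let sig = SecKeyCreateSignature(privateKey, algorithm, message as CFData, &error)
    else { throw error!.takeRetainedValue() as Error }
    return sig as Data
}

// Client: export the public key (PKCS#1 DER for RSA) to register with the server.
func exportPublicKey(of privateKey: SecKey) throws -> Data {
    guard let publicKey = SecKeyCopyPublicKey(privateKey) else { throw DemoError.noPublicKey }
    var error: Unmanaged<CFError>?
    guard let der = SecKeyCopyExternalRepresentation(publicKey, &error)
    else { throw error!.takeRetainedValue() as Error }
    return der as Data
}

// Verifier: rebuilds the public key from its bytes and checks the signature.
func verify(_ message: Data, signature: Data, publicKeyDER: Data) throws -> Bool {
    let attrs: [String: Any] = [kSecAttrKeyType as String: kSecAttrKeyTypeRSA,
                                kSecAttrKeyClass as String: kSecAttrKeyClassPublic]
    guard let key = SecKeyCreateWithData(publicKeyDER as CFData, attrs as CFDictionary, nil)
    else { throw DemoError.badPublicKey }
    return SecKeyVerifySignature(key, algorithm, message as CFData, signature as CFData, nil)
}

let key = try makeClientKey()
let message = Data("challenge-nonce-1234".utf8)  // constructed sample input
let signature = try sign(message, with: key)
let der = try exportPublicKey(of: key)
print(try verify(message, signature: signature, publicKeyDER: der))                 // signed message
print(try verify(Data("tampered".utf8), signature: signature, publicKeyDER: der))  // modified message
```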