Implement PKCS1 V1.5 in iOS.

Which type of SecPadding are you using for PKCS1 and what are the methods you are using for RSA Encryption/Decryption in iOS? What is the failure message or logs you are seeing?

Matt Eaton

DTS Engineering, CoreOS

meaton3 at apple.com

Hi Matt,

I had run into a similar problem.

When we use tool - SwiftyRSA to encrypt and decrypt data and send it to backend, it was working successfully until I have updated Xcode to 11.4

Using the same code which compiled from Xcode 11.3.1 can encrypt and decrypt, but failed randomly in the release environment on v11.4.

Do you have any ideas or suggestions on how we should solve this issue?

Tool:SwiftyRSA

Github:https://github.com/TakeScoop/SwiftyRSA

RSA 4096

func startTest() {

        var pubKey: PublicKey?

        var priKey: PrivateKey?

        do {

               //RSA Public Key AAA.pem

            pubKey = try PublicKey(pemNamed: "AAA")

               //RSA Private Key BBB.pem

            priKey = try PrivateKey(pemNamed: "BBB")

        } catch {

        }

        var errorCount = 0

        let testCount = 1000

        var round = 0

        var testTimer: Timer?

        testTimer = Timer.scheduledTimer(withTimeInterval: 0.01, repeats: true) { (timer) in

            round += 1

            if round < testCount {

                guard let publicKey = pubKey, let privateKey = priKey else {return}

                let time = Date().timeIntervalSince1970

                let timeStr = String(Int(time * 1000))

                var plainStr = ""

                do {

                    let clear = try ClearMessage(string: timeStr, using: .utf8)

                    let encrypted = try clear.encrypted(with: publicKey, padding: .PKCS1)

                    let cypherStr = encrypted.base64String

                    let encryptedB = try EncryptedMessage(base64Encoded: cypherStr)

                    let clearB = try encryptedB.decrypted(with: privateKey, padding: .PKCS1)

                    plainStr = try clearB.string(encoding: .utf8)

                } catch {

                    plainStr = error.localizedDescription

                }

                if timeStr != plainStr {

                    errorCount += 1

                    print("string: \(timeStr), plainStr: \(plainStr)")

                    print("round: \(round), errorCount: \(errorCount)")

                } else {

                    print("round: \(round), errorCount: \(errorCount)")

                }

            } else {

                testTimer?.invalidate()

                testTimer = nil

                print("round: \(round), errorCount: \(errorCount) failed: \(Float(Float(errorCount)/Float(round)))")

            }

        }

    }

When we use tool - SwiftyRSA to encrypt and decrypt data …

I recommend that you escalate this via the support channel for that library. It’s hard for folks to offer an opinion on this sort of thing without a deep understanding of the code.

Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Hi,

if you read carefuly the issues on the Swifty Repo, you will find that the error is due to Swift5.2. There is a fix :

https://github.com/TakeScoop/SwiftyRSA/issues/183