Import Private Keys #10
Comments
Currently there is no way to import a private key, but a public one works fine via the appropriate initialisers. Is that what you have in mind?
No, I'm afraid I need to handle private keys as well as public keys. In my application the keys are stored (encrypted) on the server to allow key synchronization between devices. The Android part works fine, but with iOS I'm kind of stuck trying to use a key received by the server.
And the private-public key-pair we are talking about is an RSA pair? It might be possible to create an initialiser to take not only public key data, but also that of the private key. I suppose if that's the case, there should also be a way to export the private key from an instance. I might look at this later this week/month. As a side note, are you stuck importing the key into Keychain? The number one issue there is the difference in format: iOS is very picky about the different headers/metadata in the data, for example it doesn't like the X.509 headers for public keys when importing.
I think that would be a great method to allow a self-handled set of keys. Also reported here:
From what I gather, there are more components to a private key than just the exponent and modulus (which are components of the public key): Assuming one had all of the required components of the private key, on iOS they would then need to convert them into a PKCS#12 blob (.p12), which could then be imported into the keychain via the SecPKCS12Import function, resulting in types that the keychain understands and that can be used. This, however, currently seems like too much work for Heimdall to do; it is meant to be as lightweight as possible and support the most common cases of having access to either a locally generated keypair or a stored public key. If a key was somehow imported to a specific tag in the Keychain, Heimdall would be able to search for it, meaning that if you were able to import the private key, Heimdall might be able to work with it. For the time being I think this will be the extent of supporting imported private keys in Heimdall. If you manage to import a private key to the Keychain, feel free to submit a pull request. Even if this functionality should be kept clear of Heimdall (for now, anyway), it could serve as a good category/extension/utility.
Is there the possibility to import a keypair received from a server?
I have all keys in modulus/exponent (String) format.
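Added example, not part of the thread and not Heimdall code: it illustrates the point made above that a private key has more components than modulus and exponent, by deriving the missing ones (p, q and the CRT values) from modulus, public exponent and private exponent and DER-encoding them as a PKCS #1 RSAPrivateKey. It assumes the strings are hexadecimal and Python 3.8+; the function names are hypothetical.

```python
import math

def recover_primes(n, e, d):
    """Recover (p, q) from a full RSA key via a non-trivial square root of 1."""
    k = d * e - 1                     # for a valid key, a multiple of lambda(n)
    r, t = k, 0
    while r % 2 == 0:                 # write k = 2^t * r with r odd
        r, t = r // 2, t + 1
    for g in range(2, 1000):          # small fixed bases keep the run deterministic
        y = pow(g, r, n)
        for _ in range(t):
            x = pow(y, 2, n)
            if x == 1 and y not in (1, n - 1):   # non-trivial square root of 1
                p = math.gcd(y - 1, n)
                return max(p, n // p), min(p, n // p)
            y = x
    raise ValueError("d does not match (n, e)")

def der_len(length):
    if length < 0x80:
        return bytes([length])
    b = length.to_bytes((length.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b

def der_int(v):
    # One spare high bit so the INTEGER is never read as negative.
    b = v.to_bytes(v.bit_length() // 8 + 1, "big")
    return b"\x02" + der_len(len(b)) + b

def rsa_private_key_der(n_hex, e_hex, d_hex):
    """Assumed input: hex strings. Output: DER RSAPrivateKey (RFC 8017, A.1.2)."""
    n, e, d = (int(s, 16) for s in (n_hex, e_hex, d_hex))
    p, q = recover_primes(n, e, d)
    # version, n, e, d, p, q, d mod (p-1), d mod (q-1), q^-1 mod p
    fields = [0, n, e, d, p, q, d % (p - 1), d % (q - 1), pow(q, -1, p)]
    body = b"".join(der_int(v) for v in fields)
    return b"\x30" + der_len(len(body)) + body

if __name__ == "__main__":
    # Constructed toy key (p=61, q=53); real keys are 2048 bits or more.
    print(rsa_private_key_der("ca1", "11", "ac1").hex())
```

A mismatched private exponent raises `ValueError` instead of producing a structurally valid but unusable key.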