Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Import Private Keys #10

Closed
chrstnwhlrt opened this issue Jun 10, 2015 · 5 comments
Closed

Import Private Keys #10

chrstnwhlrt opened this issue Jun 10, 2015 · 5 comments

Comments

@chrstnwhlrt
Copy link

Is there the possibiliy to import a keypair received from a server?
I have all keys in modulus/exponent (String) format.
@henrinormak
Copy link
Owner

Currently there is no way to import a private key, but public one works fine via the appropriate initialisers, is that what you have in mind?

@chrstnwhlrt
Copy link
Author

No, I'm afraid I need to handle private keys as well as public keys. In my application the keys are (encrypted) stored on the server to allow key synchronization between devices. The android part works fine but with iOS I'm kind of stuck trying to use an key received by the server.

@henrinormak
Copy link
Owner

And the private-public key-pair we are talking about is an RSA pair? It might be possible to create an initialiser to take not only public key data, but also that of the private key. I suppose if that's the case, there's should also be a way to export the private key from an instance. I might look at this later this week/month.

As a side note, are you stuck importing the key into Keychain? The number one issue there is the difference in format, iOS is very picky about the different headers/metadata in the data, for example it doesn't like the X.509 headers for public keys when importing.

@chrstnwhlrt
Copy link
Author

I think that would be a great method to allow an self-handled set of keys.
The format is a real headache using swift/ios, I'm still not sure how to
convert an existing modulus/exponent key in string/decimal format to a SecKeyRef.
Happy for any advise..

Also reported here:
http://stackoverflow.com/questions/30759803/get-seckeyref-from-modulus-exponent

@henrinormak
Copy link
Owner

From what I gather, there are more components to a private key than just the exponent and modulus (which are components of the public key):
http://stackoverflow.com/questions/25066752/how-do-i-extract-the-private-key-components-n-and-d-from-a-private-rsa-key
http://www.herongyang.com/Cryptography/OpenSSL-RSA-Viewing-Components-of-RSA-Keys.html

Assuming one had all of the required components of the private key, on iOS they would then need to convert them into PKCS#12 blob (.p12), which could then be imported into the keychain via SecPKCS12Import function resulting in types that the keychain understands and that can be used.

This, however, currently seems like too much work for Heimdall to do, it is meant to be as lightweight as possible and support the most common cases of having access to either locally generated keypair or a stored public key. If a key was somehow imported to a specific tag in the Keychain, Heimdall would be able to search for it, meaning that if you were able to import the private key, Heimdall might be able to work with it. For the time being I think this will be the extent of supporting imported private keys in Heimdall.

If you manage to import a private key to the Keychain, feel free to submit a pull request. Even if this functionality should be kept clear of Heimdall (for now, anyway), it could serve as a good category/extension/utility.

@henrinormak henrinormak changed the title Import Keys Import Private Keys Jun 13, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chrstnwhlrt @henrinormak