Home/ Questions/Q 8106059
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-06T00:20:46+00:00

I’m new to this topic so sorry if this is a stupid question :\

  • 0

I’m new to this topic so sorry if this is a stupid question :\

I’m trying to decrypt a message with a given public key. Both the message and public key is given from the webservice.

See the following code for how i currently do the decrypting:

 for (NSValue *refVal in keyRefs) {
    SecKeyRef p_key = NULL;
    [refVal getValue:&p_key];
    if (p_key == NULL) continue;

    size_t dataLength = encryptedData.length;
    size_t outPutLength = MAX(dataLength, SecKeyGetBlockSize(p_key));

    void *outPutBuf = malloc(outPutLength);
    if (outPutBuf) {

        //  Error handling
        OSStatus status = SecKeyDecrypt(p_key,
                                        kSecPaddingNone,
                                        encryptedData.bytes,
                                        encryptedData.length,
                                        outPutBuf,
                                        &outPutLength
                                        );


        NSLog(@"decryption result code: %ld (size: %lu)", status, outPutLength);
        NSLog(@"FINAL decrypted text: %s", outPutBuf);

        if (status == errSecSuccess) {
            break;
        }
    } else {

        //Error handling
    }
}

I get no errors, but the decrypted string is displayed like this (the correct output should be a JSON array): 

decryption result code: 0 size:511)  
FINAL decrypted text: ˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇˇ

Is it because I use the “SecKeyDecrypt” with a “public key” instead of a “private key”? In that case, what should i instead use for decrypting?

Thanks for any help regarding this!

EDIT: I’m using code from: http://blog.flirble.org/2011/01/05/rsa-public-key-openssl-ios/ to use the public key i get from the server (this is where “keyRefs” from the code snippet comes from)

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Of course, the public key is something someone else uses to encrypt data so that only someone with the private key can decrypt it.

    The very definition of a public key is that you can give it to anyone. You wouldn’t want anyone to be able to decrypt anyone else’s encrypted message would you?

    It is impossible to tell from your code fragment where your private key is stored, or what the contents (or even class) of keyRefs is.

    EDIT: In response to above OP’s comment. And clarification.

    *”The public key itself is the public part of a RSA-key-pair stored on the server. The encrypted message was created on the server by first JSON-encoding the object, then encrypted with the private-key with OPENSSL_PKCS1_PADDING, then base64-encoded, and then JSON-encoded again as a part of the final message. The message and public key is stored on the client. What i want is to decrypt the message on the client by using the public key. As i said, im not very good at this subject so i might have tried to do this the wrong way”*

    Thats not how public key cryptography works. The server and client exchange public keys. Then each of them use the other’s public key to encrypt data sent to the opposite party. The receiving party always uses their own private key to decrypt the message.

    If you want the server to generate an encrypted response, have the client pass their public key in the request, use that public key to encrypt the response, and then decrypt the response on the client with the client’s private key.

    • 0