Is there a way in dart to generate a file in the PKCS12 / .p12 / .pfx Format by passing in a Certificate and it's Private Key in pure Dart?
The BouncyCastle Port has no support for PKCS 12
For Android, there is the Bouncy Castle Library (Java), I tested it and it works like a charm.
For iOS I find it difficult to build a Plugin with the Open SSL Library linked to it because there is currently no way to tell Xcode to include C Code inside a Flutter Plugin.
dart:ffi would be an option, but it seems like dart has problems with C pointers, so I am not sure how to tackle this.
Related
I am trying to find a good library to do the following:
Generate RSA public and private key pairs
Encrypt / decrypt using keys
Sign using private key / verify with public key
Generate SHA256 hashes
I tried many libraries, but I can't seem to find something simple and straightforward with all these functions. In python pycrypto covers all this, it's really strange that there doesn't seem to be something like this available for Swift.
If you are using iOS 13 or above as the base SDK for your app then you should look at CryptoKit from Apple as it should cover what you are looking for.
https://developer.apple.com/documentation/cryptokit
If you need to support devices running versions of iOS older than iOS13 then you should look at CommonCrypto (also native to Apple) but if you can afford to only support iOS13 and above then CryptoKit is far better and easier to implement.
Hello I am cosidering using dart for a project, but have a requirement where I need to be able to create a digest by signing a string with a key using SHA1withRSA.
So far the official crypto library in dart does not seem to support RSA encryption. There are other libraries but with very limited documentation.
My iOS app is handling x509 certificates + keys (DER encoded) at runtime. The only way I am able to successfully import them into the keychain is to use PKCS12 using the function: SecPKCS12Import()
I have been trying hard to get it running using only SecItemAdd(). I used that function for the DER encoded certificate and again for the DER encoded key. But even though the call return with success, querying the keychain afterwards didn't yield a SecIdentityRef.
So I ended up using the OpenSSL PKCS12 implementation. I am very keen on getting rid of my dependency on OpenSSL. I have been looking around for alernative implementations of PKCS12. The only alternative lib I found was hosted in apples open source repo:
https://opensource.apple.com/source/Security/Security-57031.10.10/Security/libsecurity_pkcs12/
Though this is an OS X project that has (i suppose) many dependencies to other modules of the security framework. Before I start looking deeper into this
I was wondering:
Is there any chance for me to run libsecurity_pkcs12 on iOS?
Or better: is there any alternative small footprint PKCS12 library that I am not aware of?
Or even better: has anyone imported x509 + key into the iOS keychain (yielding a SecIdentityRef afterwards) without using PKCS12?
I would like to encrypt a plist file at building time (XCode) and then decrypt it at running time when launching the app. As you can see, the purpose is to encrypt the entire plist file, and not just some text inside it.
I've tried to encrypt this file with a run script and OpenSSL, and decrypt it with RNCryptor for Swift, but I couldn't find a good result.
On the other hand, I've seen some posts talking about OpenSSL vs new Mac OS, and maybe this command is not good enough to encrypt due it's deprecated.
Please any idea about it?
Thanks!!
The latest version of Delphi, XE4, allows for the building of iOS applications. There was some discussions on the newsgroups to use native iOS libraries for HTTPS/Posting to avoid issues with OpenSSL libraries and Indy 10. What's the recommended way of using native libraries to perform HTTP Posting? (In my example, JSON document upload and response.)
I figured it out...
Background:
Indy, the "native" code used for webservice calls in XE4, relies on OpenSSL. In most situations, OpenSSL is linked to via dynamic library (in windows a DLL). iOS does not support dynamic libraries, therefore once the code is compiled into a binary and sent to an iOS device, the OpenSSL calls fail because there is no backing library. The solution is to compile OpenSSL into your project. You can do this by downloading the OpenSSL source and adding it to your project, or source the static libraries from somewhere else and add them to your project. I found the static libraries here:
http://indy.fulgan.com/SSL/OpenSSLStaticLibs.7z
That is one of the indy mirrors, so hopefully it should be OK. You need to put the two files somewhere that your project is knowledgeable of and then add IdSSLOpenSSLHeaders_Static to your uses. Now, your compiled code will include the OpenSSL code and your issue should be resolved.