New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Themis iOS and BoringSSL: Objective-C Implementation #336
Comments
@CodeTeamLabs you are doing everything right. I've prepared small test project with themis
|
@vixentael Hi and thx! in my podFile I have download Themis with :
2.I have seen the documentation with the examples but I could not understand well when we use
You can help me to understand ... I currently need to encrypt messages from a chat within my application and decrypt them for the recipient ... I want to specify that I use Firebase Real Time Database.
|
Regarding keys: In our examples we're using base64 encoded keys. Generate keys and encode to base64:
Decode keys from base64:
Server public and client private keys Secure Message helps to encrypt and sign data. We always show example when one party ("client") encrypts data for other party ("server"). In this case, each party generates a key pair: private and public keys, and exchange their public keys. Exchanged keys are usually encoded in base64. To encrypt data on "client" side you use client's private key and server's public key:
Server-side receives encrypted data from client and decrypts it using own private key and client's public key:
|
Thank you, from Can you try to deintegrate pods and to link to Themis with BoringSSL?
Let's test if this is an issue of using both OpenSSL and BoringSSL in one project 🤔 If this won't help, could you please send your example project to our email dev@cossacklabs.com? I'll try to debug and to check other dependencies. |
@vixentael ok but Now I have insert |
Keys are generated as binary (NSData), to transfer them via network or to show in docs, we encode binary to base64. From NSData to base64:
From base64 to NSData:
So, yes, technically, when docs says "clientPrivateKeyString" it means that client generated this key using |
Deintegrating pod, removing DerivedData and cleaning the project should help. |
DerivedData is a temp/cache folder where Xcode stores project cached files. How to delete derived data. Usually, removing pod, removing DerivedData, adding pod back and cleaning project helps to solve temporary issues. |
ok ... now work ... I see the key in NSLog and no have error... now I just need to try playing with themis to learn and manage with firebase: D .. I hope I understand ... I'm sorry for my stupid questions.. now work only |
Yay, great that it helped! 👍 I have a separate example with Themis and Firebase that I used for my workshop. https://github.com/vixentael/zka-example It's a simple Notes application that uses Firebase database as storage. First, students were encrypting their notes and storing them in Firebase. We used Themis Secure Cell to encrypt notes. Then, students were sharing encryption keys with each other to decrypt their friends' notes. Sharing encryption keys in plaintext is always a bad idea, so before sharing they encrypted their keys using Themis Secure Message (using own private key and friend's public key), so only their friend could decrypt their notes. Although it's not a chat, but you might find this example useful for your case. |
I follow the Themis/Firebase tutorial in your documentation and I read this...
can I ask what you mean by this message? Should I save the keys in a keyring such as a third-party library like SSKaychain? |
Block "Next steps" has numerous suggestions how to improve security, including key management.
Yes, it's important to store encryption keys in Keychain. You might use native Keychain API or external library for that. |
Perfect @vixentael ...thanks you have been very kind to me ... Thanks again ... if I have 'other problems I will open a new post: D |
@vixentael last question! :D ... sendPublicKeyToServer:.. did you mean? Public key ---> save in Database right? |
In short, yes. In longterm, read about public key infrastructure (PKI) — architecture how to store and manage public keys, so attackers won’t easily change them. |
@vixentael in fact I was just reading the part where advice keybase.io ... and it 's here that I'm having a lot of difficulty to understand ... I would ask you 2,000 questions because I'm just exploding ... this part of the cryptography for me is completely new ... I can not make clear all the steps I have to do ... besides keybase.io I've never used it ... it's frustrating: D |
but Keybase.io is a chat?? |
@CodeTeamLabs this is an issue tracker for Themis, but not a public chat about cryptography and secure chats :) I agree that cryptography is very exciting! I’d be glad to answer to your questions in my spare time, but it’s limited. If project you're working on has a commercial substance, you might want to talk to our sales team on security consulting. |
no will not be released by payment but the only monetization of the app will be the publicity within it ... But in case the keys are saved in the DB of Firebase why should I have risks ??? the keys are encrypted and therefore protected .. wrong? |
@vixentael hi! I'm trying to figure out how I should use the key to save public keys? can you help me in this? What operations to do to save the public key in keybase as you suggested? Are there any documentations, examples or videos that can help me to understand? I'm looking on the net but I can not find something useful.. also I was thinking of one thing ... if I save the private keys in a keychain and the public keys on Firebase I would have security problems because the private keys can be easily used right? Looking at the Firebase security text we have the ability to set rules for each json node so I was thinking ... If I changed the rules of my node (eg userKeys) forbidding reading and writing to the world but only to the user who did you access my app by going through the Firebase authentication process? in this case the data of the Public Key would be visible only to those who have logged in ... Could it be a valid solution for you? I show you the setting of the Firebase rules to make you better understand what I mean
|
I have: implemented in viewDidLoad the keyGenerator:
I see the NSLog with this error ... where I wrong?
Then I wanted to ask another question ... Are these two specific strings
referring to something in particular? or are the values of
keygenRSA.privateKey
/keygenRSA.publicKey
???Environment info
OS: iOS 12
Installation way:
install with pod 'Themis'
The text was updated successfully, but these errors were encountered: