简体繁体 English

iOS：我需要将用户的私钥（RSA）转移到我的应用程序。文件共享是一个好的解决方案吗？

[英]iOS: I need to transfer user's private key (RSA) to my App. Is file sharing a good solution?

原文 2015-07-21 15:51:57 7 1 ios/ objective-c/ security/ cryptography/ rsa

I've asked a similar question here earlier iOS: Is it ok to store a RSA private key (use to decrypt text) in your application document directory? 我在较早的iOS平台上曾问过类似的问题：是否可以在应用程序文档目录中存储RSA私钥（用于解密文本）？

However, the person recommend me to use keychain access. 但是，此人建议我使用钥匙串访问。 This will not work for me because after further research only mac users can use keychains in the first place. 这对我不起作用，因为经过进一步研究，只有Mac用户才可以首先使用钥匙串。 Which limits the people who can do this. 这限制了可以做到这一点的人。

I was wondering if it is secure to use Apple's file sharing https://support.apple.com/en-us/HT201301 to allow the user to use his/her private key with the iOS App? 我想知道使用Apple的文件共享https://support.apple.com/zh-cn/HT201301允许用户在iOS App中使用他/她的私钥是否安全？ According to the documents regarding file sharing only my App should be able to access the private key because it is store in the document directory. 根据有关文件共享的文档，只有我的App才能访问私钥，因为它存储在文档目录中。 There is some text that needs to be decrypted in my App. 我的应用程序中需要解密一些文本。

1 个解决方案

The answer to your original question was correct. 您原来的问题的答案是正确的。

The private key should absolutely be stored in the iOS keychain. 私钥应绝对存储在iOS钥匙串中。 You may use iOS's built in document transfer to transfer the key (or you may import it using a local web-server, dropbox, iCloud or any other number of means). 您可以使用iOS的内置文档传输功能来传输密钥（也可以使用本地网络服务器，保管箱，iCloud或任何其他方式导入密钥）。

But after the transfer is done, the key should be stored in the KeyChain. 但是，在完成转移之后，密钥应存储在KeyChain中。 Keeping the private key in the Documents folder would be a reckless risk. 将私钥保存在“文档”文件夹中将是鲁re的风险。 If the iPhone gets lost or stolen, the raw key could easily be extracted. 如果iPhone丢失或被盗，则可以轻松提取原始密钥。