I have implemented RSA encryption on kotlin backend and iOS client I am trying to decrypt some data encrypted using public key generated from iOS, the encryption works but decryption fails on iOS using the iOS private key for some reasons 🤔 But the same process works with a jvm app and android app. Has anyone successfully implemented something similar at their end ?

More details needed. What API are you using to perform encryption? And is there a ios-native API under its hood?

On jvm I’m using the built in packages https://github.com/oianmol/capillary-kmp/blob/development/src/jvmMain/kotlin/dev/baseio/security/CapillaryEncryption.kt On ios i am using swiftyrsa

I could not say what is going wrong without proper debugging. Sorry. Also I can see that you are using

Tink

library for iOS, however, there is embedded

CryptoKit

Swift framework to perform identical operations.

Thanks for your reply! I really appreciate it! I’m using tink on android and jvm platform also. So ended up using it,, will checkout cryptokit if it helps.. but my problem is related to padding on ios i guess, the encrypted data from jvm backend doesn’t get decrypted on ios .. will update this thread if i get something..

Yep, the guy used

Security

framework, which is Ok, but a bit outdated. Unlike

CryptoKit

, this framework is accessible directly from Kotlin as it has good old C interface.

Good read https://www.andyibanez.com/posts/cryptokit-not-enough/

I've implemented an (unfortunate) amount of cross platform cryptographic operations to iOS, however never in Kotlin. Assumed padding was a bugbear on one system. Bad key lengths were another issue with a different system. I strongly suggest manually copying keys from one system to the other to ensure this isn't key generation issue first off, then, if it's actually an encryption problem, double check you're not double encoding/double decoding data through base64 or something like that. It's not at all surprising when a cryptographic api is like "here, lets also toss in a base64 decode and not document it well". AES GCM is natively supported in CryptoKit although I understand it will be a bit of an interop pain for you due to the swift package. https://developer.apple.com/documentation/cryptokit/symmetrickey I do see your preferred library is specifying SHA1 at one place (the mask generation function). The number of libraries which wholesale pull SHA1 out to make passing security audits go well mean there is a decent chance you're accidentally getting a different mask gen function on iOS. If you're considerably more familiar with the Kotlin/Java side of things, attempting to decrypt things by adjusting your kotlin/backend code first to figure out what parameters iOS keygen is giving you for the key their then figuring out how to fix it is an approach that can work well. With crossplatform frameworks and the iOS keychain, it's also worth a spot check to verify you're not pulling out something really weird that isn't a key at all. The c interface to the iOS keychain is full of footguns.

Thanks for the detailed info @Michael Langford ! I am gonna try manually copy pasting the keys from ios platform for enc/dec on jvm and vice versa and will check if that fails.. will double check if base64 is causing these issues too! Thanks again!