Support RSA.PKCS1 on Apple provider #12

Closed
StefanOltmann opened this issue Dec 11, 2023 · 7 comments

@StefanOltmann

StefanOltmann commented Dec 11, 2023

I wish for support for RSA.PKCS1 on the -apple provider. The openssl3-prebuilt works fine on iOS for me, but I fear that I will have to provide an export compliance, because it's additional cryptography to the Apple built-in:
https://developer.apple.com/documentation/security/complying_with_encryption_export_regulations

As far as I understand, I do not need to fill in this form if I just use cryptography provided by Apple's framework.

My use case is verification of RS256 JWT signatures.

@whyoleg
Owner

whyoleg commented Dec 13, 2023

Hey!
Thanks for raising the issue here!

First, regarding RSA in the Apple provider.
I will add RSA for the Apple provider in the coming release (in several weeks; I already have a prototype in an old branch). But keep in mind that Security Framework (where RSA is implemented out-of-the-box) has minimal support for key encoding/decoding, and until we have some kind of ASN.1 (DER) encoder/decoder implemented in cryptography-kotlin (there is no such thing for Kotlin Multiplatform yet), there will be only PKCS#1 format (it differs from standard DER/PEM encoding).
Some links for context about difference between RSA key formats:

Second, regarding Apple export regulations.
As far as I found, if you are using open source solutions (like cryptography-kotlin, which uses openssl, both of which are open source), you fall under an exemption, and so there should be no problems. Still, AFAIU you will need to send an annual (year-end) self-classification report to the US government to comply with the encryption export regulations, though, as far as I can see, this step is needed even if you use standard Apple encryption, or even just make HTTPS requests: they are all treated as exemptions, and so you will only need to submit this report. It looks like Google Play has the same policy for encryption, so it should be something standard (I believe).
Still, I'm not a lawyer and I'm not an expert in iOS development and distribution, so it's better to contact someone regarding this, even if you use Apple-provided encryption.
Also, I have some links here which I found useful, so maybe they will be useful for you/your team. But please look carefully, as the articles/answers have rather different publication dates, and there were a lot of changes to U.S. laws (sometime in 2016-2017), so be careful and patient:

Maybe this (a lot of links) is not what you expected when you posted the question, but I'm trying my best to at least understand what the consequences of this are and how it will affect end users.
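
The format difference mentioned in the comment above, as an added example that is not part of the thread or of cryptography-kotlin: a PKCS#1 `RSAPublicKey` is the bare modulus and exponent, while the X.509 `SubjectPublicKeyInfo` form (PEM label `BEGIN PUBLIC KEY`) wraps that same structure in an algorithm identifier and a BIT STRING, so converting between them takes only a little DER handling. The function names are hypothetical and the sample modulus is constructed for size only; it is not a real key.

```python
# Added example: RSA public key, PKCS#1 <-> SubjectPublicKeyInfo (DER only).
RSA_ALG_ID = bytes.fromhex("300d06092a864886f70d0101010500")  # rsaEncryption OID + NULL
SAMPLE_N = (1 << 2047) | 1  # constructed 2048-bit value, NOT a real RSA modulus

def der_tlv(tag: int, value: bytes) -> bytes:
    """Encode one DER TLV with a definite, minimal length."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + value

def der_read(data: bytes, tag: int) -> tuple:
    """Read one TLV with the expected tag; return (value, remaining bytes)."""
    if len(data) < 2 or data[0] != tag:
        raise ValueError(f"expected tag 0x{tag:02x}")
    n, pos = data[1], 2
    if n & 0x80:
        k = n & 0x7F
        if k == 0 or len(data) < 2 + k:
            raise ValueError("bad DER length")
        n, pos = int.from_bytes(data[2:2 + k], "big"), 2 + k
    if len(data) < pos + n:
        raise ValueError("truncated DER")
    return data[pos:pos + n], data[pos + n:]

def der_uint(i: int) -> bytes:
    """DER INTEGER for a non-negative int (leading 0x00 when the top bit is set)."""
    return der_tlv(0x02, i.to_bytes(i.bit_length() // 8 + 1, "big"))

def pkcs1_public_key(n: int, e: int) -> bytes:
    """RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }"""
    return der_tlv(0x30, der_uint(n) + der_uint(e))

def pkcs1_to_spki(pkcs1: bytes) -> bytes:
    """Wrap RSAPublicKey in SubjectPublicKeyInfo (BIT STRING with 0 unused bits)."""
    return der_tlv(0x30, RSA_ALG_ID + der_tlv(0x03, b"\x00" + pkcs1))

def spki_to_pkcs1(spki: bytes) -> bytes:
    """Unwrap SubjectPublicKeyInfo; reject non-RSA keys and trailing bytes."""
    body, rest = der_read(spki, 0x30)
    if rest or not body.startswith(RSA_ALG_ID):
        raise ValueError("not a bare rsaEncryption SubjectPublicKeyInfo")
    bits, rest = der_read(body[len(RSA_ALG_ID):], 0x03)
    if rest or bits[:1] != b"\x00":
        raise ValueError("bad BIT STRING")
    der_read(bits[1:], 0x30)  # the wrapped key must itself be a SEQUENCE
    return bits[1:]
```

For a 2048-bit key the PKCS#1 form is 270 bytes and the wrapped form 294 bytes; feeding a PKCS#1 blob to a parser that expects the wrapped form fails at the algorithm identifier check, which is the usual symptom of mixing the two formats.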

@StefanOltmann
Author

Thank you a lot for your research!
Yes, I indeed need to understand this topic far better.

@michalkierasinski

When do you plan to release a new version with support for RSA.PKCS1?

@whyoleg
Owner

whyoleg commented Jan 16, 2024

Hey @michalkierasinski, implementation for RSA.PKCS1 for Apple provider is already merged in dev and available in the latest snapshot (0.3.0-SNAPSHOT). So at least you can try it there.
Still, it doesn't yet support standard DER/PEM encoding/decoding (only older ones). I'm now investigating/prototyping this.
Hopefully the release containing RSA.PKCS1 for the Apple provider (and other features) will be available at the end of January / mid-February.

@JesusMcCloud

@whyoleg
Owner

whyoleg commented Jan 16, 2024

Thank you @JesusMcCloud ! Nice library! I will definitely take a closer look!

@whyoleg
Owner

whyoleg commented Feb 21, 2024

0.3.0 is released!
Now Apple provider supports all RSA algorithms!

@whyoleg whyoleg closed this as completed Feb 21, 2024