How to create IEEE P1363 signature

Question

I have tried using the below code but it's not verify for the IEEE P1363

Code Block guard let signData = SecKeyCreateSignature(
					 key,
					 SecKeyAlgorithm.ecdsaSignatureMessageX962SHA256,
					 signatureString.data(using: .utf8)! as CFData, &error) else {
					 let e = error!.takeRetainedValue() as Error
					 print("Signing Error \(	e.localizedDescription)")
					 return nil
			 }
			 let signedData = signData as Data
			 let signedString = signedData.base64EncodedString(options: [])

1.2k

Posted by

dharmesh_dabhi_mobile_developer

Reply

Add a Comment

Answer 1

Are you sure key is a valid SecKey ?

A SecKey instance that represents a key that is stored in a keychain can be safely cast to a SecKeychainItem for manipulation as a keychain item. On the other hand, if the key is not stored in a keychain, casting the object to a SecKeychainItem and passing it to Keychain Services functions returns errors.

Do you get a printed error ? If yes, which ?

Do you get error when calling SecKeyVerifySignature ?

Posted by

Claude31

Add a Comment

Answer 2

yes, SecKey is valid. I have generate the KeyPair and then store it to Keychain.
Here is my Key retrieval code

Code Block  let tag = "com.example.keys.mykey".data(using: .utf8)!
    let getquery: [String: Any] = [kSecClass as String: kSecClassKey,
                    kSecAttrApplicationTag as String: tag,
                    kSecAttrKeyType as String: kSecAttrKeyTypeEC,
                    kSecReturnRef as String: true]
    var item: CFTypeRef?
    let status = SecItemCopyMatching(getquery as CFDictionary, &item)
    guard status == errSecSuccess else { return nil }
    if item == nil {
      return nil
    }
    let key = item as! SecKey

I have printed signature, and didn't get any error
But my API provider guidelines is signature must be 80 length

Signature must be generated in IEEE P1363 format. If you generate
signatures in another format, such as the ASN.1 format, you must convert your signatures before sending

Posted by

dharmesh_dabhi_mobile_developer

Add a Comment

Answer 3

My question was whether SecKeyVerifySignature did return true ?

Posted by

Claude31

Add a Comment

Answer 4

Yes, Signature verified and return true

Code Block  var error1: Unmanaged<CFError>?        guard let verified : Bool? = SecKeyVerifySignature(publicKey,
                      SecKeyAlgorithm.ecdsaSignatureMessageX962SHA256,
                      signatureString.data(using: .utf8)! as CFData,
                      signedData as CFData,
                        &error1) else {
          let e = error1!.takeRetainedValue() as Error
          print("Verify Error \(e.localizedDescription)")
          return signedString
        }

Posted by

dharmesh_dabhi_mobile_developer

Add a Comment

Answer 5

I reached my limits…

Hope this can help, or at least give some hints:
https://stackoverflow.com/questions/50756907/how-to-convert-ecdsa-der-encoded-signature-data-to-microsoft-cng-supported-forma

Posted by

Claude31

Add a Comment

Answer 6

Thank you!
I checked the reference link but but I have just started iOS development 2 weeks ago so I don't know C.
I'm android developer.
But thank you again!.

I'll post solution here if found.

Posted by

dharmesh_dabhi_mobile_developer

Add a Comment

Answer 7

I’m not familiar with IEEE P1363 myself but it would seem that it supports multiple signature schemes. Which one do you want?

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by

eskimo

Add a Comment

Answer 8

@dharmesh_dabhi_mobile_developer
Good luck, and don't forget to close the thread once you're done.

Posted by

Claude31

Add a Comment

How to create IEEE P1363 signature

Replies