P521.Signing

Privacy & Security General
pjstirling OP
Created Sep ’21
Replies 2
Boosts 0
Views 676
Participants 2

So, I've been trying to inter-operate with CryptoKit, and my backend running on Linux, and it appears that the documentation here is incorrect. It claims that the data is first digested with SHA256, but my testing seems to say that the convenience Data functions is actually done with SHA512

import CryptoKit

import Foundation

typealias Key = P521.Signing.PrivateKey

func verify1() throws {
    let key = Key()
    let data = "1 2 3 4 5 6 7 8 9 0".data(using: .ascii)!
    let digest = SHA256.hash(data: data)
    let signature = try key.signature(for: digest)
    let verified = key.publicKey.isValidSignature(signature, for: data)
    print("verified \(verified)")
}

func verify2() throws {
    let key = Key()
    let data = "1 2 3 4 5 6 7 8 9 0".data(using: .ascii)!
    let digest = SHA512.hash(data: data)
    let signature = try key.signature(for: digest)
    let verified = key.publicKey.isValidSignature(signature, for: data)
    print("verified \(verified)")
}

func main() {
    do {
        try verify1()
        try verify2()
    }

    catch {
        print(error.localizedDescription)
    }
}

main()

(My Generic-Fu was insufficient to avoid the copy paste)

When the above is run on my machine I get:

% swift test.swift
verified false
verified true

Is my diagnosis correct?

Replies  2
Boosts  0
Views  676
Participants  2
DTS Engineer OP
Apple
Sep ’21

Is my diagnosis correct?

I believe so. I’d apreciate you filing a bug against about this. And please post your bug number, just for the record.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
pjstirling OP
Sep ’21

FB9621401

0
P521.Signing
First post date Last post date
 
 
Q