[IOS] Swift Cryptokit - P256 ECDSA Signature derRepresentation incompatibility

Hello,

I'm working with Cryptokit and I'm currently unable to export a P256 ECDSA signature data to base64Encoding and convert it back to derRepresentation.

Here is my code:

let privateKey = P256.Signing.PrivateKey()
//Generated successfully
/* For example pemRepresentation:
-----BEGIN PRIVATE KEY-----

MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgK+lUhkqFo637XuvJ

Q6YiqZx04c33UUyWnLnpwfTwrtChRANCAARy55pVFhjgq3jKnQTx7s1XDIaNm20m

29ZEiBJnvzYfQGUQ+4ldzJYm34z8W2X/waqTqXsY4/oSO1sDFSQ6XwrG

-----END PRIVATE KEY-----
*/
let publicKey = privateKey.publicKey
//Picked up successfully
/* For example pemRepresentation:
-----BEGIN PUBLIC KEY-----

MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcueaVRYY4Kt4yp0E8e7NVwyGjZtt

JtvWRIgSZ782H0BlEPuJXcyWJt+M/Ftl/8Gqk6l7GOP6EjtbAxUkOl8Kxg==

-----END PUBLIC KEY-----
*/

//Basic message to test, "something" here
 let messageDigest = "something".data(using: .utf8)!

                

let signature = try privateKey.signature(for: messageDigest)
//Successfully generated
                
//Now from the PublicKey, let's check the signature for the message
let isValidSignature = publicKey.isValidSignature(signature, for: messageDigest)
//Successfully Return true


//So far everything works fine

//Now lets try to export the derRepresentation of the signature we just created to a base64EncodedString and try to use it later

let signDataDerRepresentation = signature.derRepresentation
//Here the signDataDerRepresentation is 70 bytes length

//Here we get the signature derRepresentation to base64EncodedString, perfect to export
let signDataDerRepresentationBase64String = signature.derRepresentation.base64EncodedString()
/*
"MEQCIGVC/zOGKEauy9AetVViTZiMTtFIeNtW9xALMTu6aIjSAiB+QPz9nGwzy51k3p3osu9OY6oQXkuLHTPoSWxPorg8GA=="
*/
//Here the signDataDerRepresentationBase64String is 96 bytes length

//Now when I try to create a signature from a derRepresentation it works fine when I use the original derRepresentation data:
let signature1 = try! P256.Signing.ECDSASignature(derRepresentation: signDataDerRepresentation)
//signature1 is created

//But when I try to create exactly the same signature from the base64EncodedString, an exception is throw

//Convert base64String to Data
let signDataDerRepresentationBase64StringData = signDataDerRepresentationBase64String.data(using: .utf8)!

do {
//Try to create a signature from the base64EncodedData of de the derRepresentation
let signature2 = try P256.Signing.ECDSASignature(derRepresentation: signDataDerRepresentationBase64StringData)
//Here it fails, signature2 is not created
}catch{
//It fails with error: invalidASN1Object
print("Signature failed \(error)")
/*
Signature failed invalidASN1Object
*/
}

So now, I would like to know how to convert de derRepresentation of the signature I created into a base64EncodedString to the derRepresentation the ECDSASignature(derRepresentation:) func is looking for to create a signature from derRepresentation?

I don't understand how I can convert my base64 String into that derRepresentation this func is looking for, I can't find the doc :

/// An ECDSA (Elliptic Curve Digital Signature Algorithm) Signature

@available(iOS 13.0, macOS 10.15, watchOS 6.0, tvOS 13.0, *)

extension P256.Signing {



    public struct ECDSASignature : ContiguousBytes {



        /// Returns the raw signature.

        /// The raw signature format for ECDSA is r || s

        public var rawRepresentation: Data



        /// Initializes ECDSASignature from the raw representation.

        /// The raw signature format for ECDSA is r || s

        /// As defined in https://tools.ietf.org/html/rfc4754

        public init<D>(rawRepresentation: D) throws where D : DataProtocol



        /// Initializes ECDSASignature from the DER representation.

        public init<D>(derRepresentation: D) throws where D : DataProtocol



        /// Calls the given closure with the contents of underlying storage.

        ///

        /// - note: Calling `withUnsafeBytes` multiple times does not guarantee that

        ///         the same buffer pointer will be passed in every time.

        /// - warning: The buffer argument to the body should not be stored or used

        ///            outside of the lifetime of the call to the closure.

        public func withUnsafeBytes<R>(_ body: (UnsafeRawBufferPointer) throws -> R) rethrows -> R



        /// A DER-encoded representation of the signature

        public var derRepresentation: Data { get }

    }

}

Thank you for your help.

Hélie