User Profile

I've went through all the posts with similar info about signature or keys used not working with openssll. But I haven't been able to patch it all together. I will use some sample keys for what I tried, let privPem = """ -----BEGIN PRIVATE KEY----- MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgIUSrwhllMSminPZZ Gx0YHUsL12IWIGI+4yhejpq90HihRANCAAT6pxKtIKm4VbfXeKpQ7rxITlC6b18Q 0X+Iz1UVDolyjx79bt5vUp0mPJ6hHBnK/Ap5gXpv89wmLPp7/O2NconE -----END PRIVATE KEY----- """ let privKey = try! P256.Signing.PrivateKey(pemRepresentation: privPem) let pubKey = privKey.publicKey let challengeDev = "1122334455667788" let dataToSignDev = challengeDev.hexadecimal let digest = SHA256.hash(data: dataToSignDev!) let signatureForDigest = try! privKey.signature( for: digest) let signature1 = try! P256.Signing.ECDSASignature(derRepresentation: signatureForDigest.derRepresentation) let isValidSignature = pubKey.isValidSignature(signatureForDigest, for: digest) I have tried the same using Security framework also to no avail. What I tried is a direct application of what the openssl part does, So I have a device that will verify the signature that the iOS app will be sending. The public key is taken from a certificate I would share with the device. All data sent to the device including signature is in DER format. openssl dgst -sha256 -sign app_private.key -out %OUT_RESOURCES_DIR%\signature.der -binary device_challenge.hex openssl x509 -inform der -in cert.der -out cert.pem openssl x509 -pubkey -noout -in cert.pem > public_key.pem openssl dgst -sha256 -verify public_key.pem -signature signature.der challenge.hex Here on the iOS side If I were to sign and verify everything is fine. But if the same signature is verified on OpenSSL it fails. I tried to create a DER file on the terminal but asn1parse fails on it, Test % echo 30450220198944e2a8352941036f227225940392cbd1bc720358ce29db29a2a85f2b2a30022100b4e75ceb0335e4b1955aab01edc8e7347f78dc627f8d02a78103cd9165571d57 > signature1.der Test % openssl asn1parse -inform DER -in signature1.der 0:d=0 hl=2 l= 48 cons: PRINTABLESTRING Error in encoding 140704639042368:error:0DFFF09B:asn1 encoding routines:CRYPTO_internal:too long:/AppleInternal/Library/BuildRoots/97f6331a-ba75-11ed-a4bc-863efbbaf80d/Library/Caches/com.apple.xbs/Sources/libressl/libressl-3.3/crypto/asn1/asn1_lib.c:143: I'm assuming I need to manually do some changes to make them inter compatible? Like this post Can't export EC kSecAttrTokenIDSecureEnclave public key Not sure how to get there though. All help appreciated.