Post

Replies

Boosts

Views

Activity

How to use public key exported from Secure Enclave
I'm trying to send secure message between our server and iOS app. I see the following forum post about how to do this:https://forums.developer.apple.com/message/84684#84684except it doesn't work. I even use the sample code in the git repo which also fails key verification:https://github.com/hfossli/EskimoKeys/tree/masterFWIW, here is my output of running the sample code:#! /bin/sh echo 36ead61ad53f77e2222223cbb71dfae17cfd1ad92a86457a6b051dfcce323cc6 | xxd -r -p > digest.dat echo 304502207c71eb3c78c658d0677c845cfacdb1f9ff3af79269abc34d4028842000316600022100edab9c28e7dd1f9bb041ddf535b9f12c1b0a4d69c43563289a223f493471b746 | xxd -r -p > signature.dat cat > key.pem <<EOF -----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAER9cNNUo+aE5URYaETT9K9clKstFt +/1X5qP8f2NxDQgP7VBkRArwzRlyltp8rh668JUPwWYKCjdtHqLFA/h3KA== -----END PUBLIC KEY----- EOF openssl dgst -ecdsa-with-SHA1 -verify key.pem -signature signature.dat digest.datRuning the script I get the following error message:"Verification Failure"Unfortunately, I don't know enough about openssl to figure what the problem is. FWIW I can analyze the public key with the following script:$ openssl asn1parse -in tempkey.b64 -inform PEM 0:d=0 hl=2 l= 89 cons: SEQUENCE 2:d=1 hl=2 l= 19 cons: SEQUENCE 4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey 13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 23:d=1 hl=2 l= 66 prim: BIT STRING So the public key looks valid, but I can't do the digest verification as the above-mentioned forum post describes.Any ideas? Thanks.Doug Hill
5
0
4.3k
May ’17