For those reading along at home, here’s a link back to satyaaakana’s original thread.
It would really help if you could post code snippets as code. That means using back quote limiters for inline code and triple back quotes for code blocks. Or select the text and click either the Inline Code or Code Block button.
Let’s focus on your public key at the moment. If I take the Base64 you posted above, decode it, and then dump it with dumpasn1
, I see this:
% xxd public.asn1
00000000: 3082 0131 3081 ea06 072a 8648 ce3d 0201 0..10....*.H.=..
00000010: 3081 de02 0101 302b 0607 2a86 48ce 3d01 0.....0+..*.H.=.
00000020: 0102 207f ffff ffff ffff ffff ffff ffff .. .............
00000030: ffff ffff ffff ffff ffff ffff ffff ffff ................
00000040: ffff ed30 4404 202a aaaa aaaa aaaa aaaa ...0D. *........
00000050: aaaa aaaa aaaa aaaa aaaa aaaa aaaa aaaa ................
00000060: aaaa 9849 14a1 4404 207b 425e d097 b425 ...I..D. {B^...%
00000070: ed09 7b42 5ed0 97b4 25ed 097b 425e d097 ..{B^...%..{B^..
00000080: b426 0b5e 9c77 10c8 6404 4104 2aaa aaaa .&.^.w..d.A.*...
00000090: aaaa aaaa aaaa aaaa aaaa aaaa aaaa aaaa ................
000000a0: aaaa aaaa aaaa aaaa aaad 245a 20ae 19a1 ..........$Z ...
000000b0: b8a0 86b4 e01e dd2c 7748 d14c 923d 4d7e .......,wH.L.=M~
000000c0: 6d7c 61b2 29e9 c5a2 7ece d3d9 0220 1000 m|a.)...~.... ..
000000d0: 0000 0000 0000 0000 0000 0000 0000 14de ................
000000e0: f9de a2f7 9cd6 5812 631a 5cf5 d3ed 0201 ......X.c.\.....
000000f0: 0803 4200 044c ca38 719a a72d 3604 094b ..B..L.8q..-6..K
00000100: 9c9e 7fad fb23 548c 33e6 20f4 f67a 54a1 .....#T.3. ..zT.
00000110: 7cde 1802 0c7d 776d ac84 1e3f 08d6 710f |....}wm...?..q.
00000120: 54ee 697f 2a80 4f13 9c39 04b5 d748 80f5 T.i.*.O..9...H..
00000130: 0253 129b 08 .S...
% dumpasn1 -p -a public.asn1
SEQUENCE {
SEQUENCE {
OBJECT IDENTIFIER ecPublicKey (1 2 840 10045 2 1)
SEQUENCE {
INTEGER 1
SEQUENCE {
OBJECT IDENTIFIER prime-field (1 2 840 10045 1 1)
INTEGER
7F FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ED
}
SEQUENCE {
OCTET STRING
2A AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA
AA AA AA AA AA AA AA AA AA AA AA 98 49 14 A1 44
OCTET STRING
7B 42 5E D0 97 B4 25 ED 09 7B 42 5E D0 97 B4 25
ED 09 7B 42 5E D0 97 B4 26 0B 5E 9C 77 10 C8 64
}
OCTET STRING
04 2A AA AA AA AA AA AA AA AA AA AA AA AA AA AA
AA AA AA AA AA AA AA AA AA AA AA AA AA AA AD 24
5A 20 AE 19 A1 B8 A0 86 B4 E0 1E DD 2C 77 48 D1
4C 92 3D 4D 7E 6D 7C 61 B2 29 E9 C5 A2 7E CE D3
D9
INTEGER
10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
14 DE F9 DE A2 F7 9C D6 58 12 63 1A 5C F5 D3 ED
INTEGER 8
}
}
BIT STRING
04 4C CA 38 71 9A A7 2D 36 04 09 4B 9C 9E 7F AD
FB 23 54 8C 33 E6 20 F4 F6 7A 54 A1 7C DE 18 02
0C 7D 77 6D AC 84 1E 3F 08 D6 71 0F 54 EE 69 7F
2A 80 4F 13 9C 39 04 B5 D7 48 80 F5 02 53 12 9B
08
}
This is not a Curve 25519 key. It’s 65 bytes long but Curve 25519 are always 32 bytes long. For example, this code:
import CryptoKit
import Foundation
func main() {
let privateKey = Curve25519.KeyAgreement.PrivateKey()
let publicKey = privateKey.publicKey
debugPrint(publicKey.rawRepresentation as NSData)
}
main()
prints this:
<678742c8 8d39c2ef 3116d40b 51ec20da 0ae07d07 16f78166 a7130953 0588bf6e>
Notably, the leading 04 in your key suggests that the is actually a flavour of SECG.
Also note that the prime-field
indicates that it’s using a custom curve. Such keys are not supported on Apple platforms.
So, in summary, I think you’re having problems here because you think you’re trying to generate a Curve 25519 key but the example you posted isn’t in that format.
ps For more background on the tools and techniques I used to investigate this, see my On Cryptographic Key Formats post.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"