SecKeyCreateWithData returns nil for public SECP256K1 key

Given the following SECP256K1 public key and using Quinn "The Eskimo!"'s posts (e.g.: https://forums.developer.apple.com/thread/87758) I am unable to get a non-nil result from SecKeyCreateWithData:


"028b8e970585ca3c6d888e99c27aedbb41565fa476da882f424fc7de7161801711"



I keep getting the following error:


2018-06-14 12:59:04.427029-0700 Demo-macOS[83108:2080940] Optional(Swift.Unmanaged<__ObjC.CFError>(_value: Error Domain=NSOSStatusErrorDomain Code=-50 "EC public key creation from data failed" (paramErr: error in user parameter list) UserInfo={NSDescription=EC public key creation from data failed}))



Here is a snippet of the code I am testing with:


            // key below is a b64 representation of this SECP256K1 key:
            //
            //    "028b8e970585ca3c6d888e99c27aedbb41565fa476da882f424fc7de7161801711"
            //
            let key = """
    AouOlwWFyjxtiI6Zwnrtu0FWX6R22ogvQk/H3nFhgBcR
    """
           
            let keyData = Data(base64Encoded: key)!

            // Attempt 1: kSecAttrKeyTypeEC
            var error1: Unmanaged<CFError>? = nil
            let publicSecKeyEC = SecKeyCreateWithData(keyData as NSData, [
                kSecAttrKeyType: kSecAttrKeyTypeEC,
                kSecAttrKeyClass: kSecAttrKeyClassPublic
                ] as NSDictionary, &error1)
            NSLog("%@", "\(key)")
            // Log through "%@" so the description is never used as a format string.
            NSLog("%@", error1.debugDescription)

            // Attempt 2: kSecAttrKeyTypeECDSA
            var error2: Unmanaged<CFError>? = nil
            let publicSecKeyECDSA = SecKeyCreateWithData(keyData as NSData, [
                kSecAttrKeyType: kSecAttrKeyTypeECDSA,
                kSecAttrKeyClass: kSecAttrKeyClassPublic
                ] as NSDictionary, &error2)
            NSLog("%@", "\(key)")
            NSLog("%@", error2.debugDescription)

            // Attempt 3: kSecAttrKeyTypeECSECPrimeRandom
            var error3: Unmanaged<CFError>? = nil
            let publicSecKeyECSEC = SecKeyCreateWithData(keyData as NSData, [
                kSecAttrKeyType: kSecAttrKeyTypeECSECPrimeRandom,
                kSecAttrKeyClass: kSecAttrKeyClassPublic
                ] as NSDictionary, &error3)
            NSLog("%@", "\(key)")
            NSLog("%@", error3.debugDescription)



Here are my specific questions:

  1. Does anyone know what might be going wrong?
  2. How I might get a more detailed error message?
  3. If this is possible with a compressed key (i.e. starting with 02 vs. 04--I was able to get Quinn's example with 04 to work)?
  4. If this will work on iOS?
  5. Will decryption with a private key also be possible--I assume I will need to change kSecAttrKeyClass?


Thanks in advance for any help.

Replies

3. If this is possible with a compressed key …

I believe the fact that this is a compressed key is the problem. Consider this doc comment in <Security/SecKey.h>:

    The requested data format depend on the type of key (kSecAttrKeyType) being created:
     * kSecAttrKeyTypeRSA               PKCS#1 format, public key can be also in x509 public key format
     * kSecAttrKeyTypeECSECPrimeRandom  ANSI X9.63 format (04 || X || Y [ || K])

This is pretty clear about wanting an uncompressed key (starting with an 04).

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"
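
The difference between the two encodings discussed in this thread, as an added example that is not part of the original posts: it expands a SEC1 compressed secp256k1 point (02/03 || X) into the ANSI X9.63 layout (04 || X || Y) quoted from the header comment. The function names are hypothetical and the curve constants are the published secp256k1 domain parameters. It addresses the encoding only; whether the framework accepts a given curve is a separate matter that the thread does not settle.

```python
# Added example: SEC1 compressed point -> ANSI X9.63 uncompressed (04 || X || Y).
# Curve constants are the published secp256k1 domain parameters.
P = 2**256 - 2**32 - 977   # field prime; P % 4 == 3, so sqrt is one modular pow
B = 7                      # curve equation: y^2 = x^3 + 7 (mod P)


def decompress_secp256k1(compressed: bytes) -> bytes:
    """Return 04 || X || Y for a 33-byte 02/03-prefixed secp256k1 public key."""
    if len(compressed) != 33 or compressed[0] not in (0x02, 0x03):
        raise ValueError("expected 33 bytes starting with 02 or 03")
    x = int.from_bytes(compressed[1:], "big")
    if x >= P:
        raise ValueError("X coordinate is not a field element")
    y_squared = (pow(x, 3, P) + B) % P
    y = pow(y_squared, (P + 1) // 4, P)      # candidate square root
    if (y * y) % P != y_squared:
        raise ValueError("X is not on the curve; key is invalid")
    # The prefix encodes the parity of Y: 02 = even, 03 = odd.
    if (y & 1) != (compressed[0] & 1):
        y = P - y
    return b"\x04" + x.to_bytes(32, "big") + y.to_bytes(32, "big")


def is_x963_uncompressed(key: bytes) -> bool:
    """Pre-flight check for the public-key layout the header comment describes."""
    return len(key) == 65 and key[0] == 0x04


if __name__ == "__main__":
    # The compressed key quoted in the question.
    question_key = bytes.fromhex(
        "028b8e970585ca3c6d888e99c27aedbb41565fa476da882f424fc7de7161801711")
    print(is_x963_uncompressed(question_key))   # 33 bytes with an 02 prefix
    print(decompress_secp256k1(question_key).hex())
```

Rejecting an X with no matching Y, rather than passing the bytes on, is the validation step that matters when the key arrives from an untrusted peer.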