1 Reply
      Latest reply on Jun 15, 2018 11:00 AM by eskimo
      aycarrei Level 1 Level 1 (0 points)

        Given the following SECP256K1 public key and using Quinn "The Eskimo!"'s posts (e.g.: https://forums.developer.apple.com/thread/87758) I am unable to get a non-nil result from SecKeyCreateWithData:





        I keep getting the following error:


        2018-06-14 12:59:04.427029-0700 Demo-macOS[83108:2080940] Optional(Swift.Unmanaged<__ObjC.CFError>(_value: Error Domain=NSOSStatusErrorDomain Code=-50 "EC public key creation from data failed" (paramErr: error in user parameter list) UserInfo={NSDescription=EC public key creation from data failed}))



        Here is a snippet of the code I am testing with:


                    // key below is a b64 representation of this SECP256K1 key:
                    //    "028b8e970585ca3c6d888e99c27aedbb41565fa476da882f424fc7de7161801711"
                    let key = """
                    let keyData = Data(base64Encoded: key)!
                    var error1: Unmanaged? = nil
                    let publicSecKeyEC = SecKeyCreateWithData(keyData as NSData, [
                        kSecAttrKeyType: kSecAttrKeyTypeEC,
                        kSecAttrKeyClass: kSecAttrKeyClassPublic
                        ] as NSDictionary, &error1)
                    NSLog("%@", "\(key)")
                    var error2: Unmanaged? = nil
                    let publicSecKeyECDSA = SecKeyCreateWithData(keyData as NSData, [
                        kSecAttrKeyType: kSecAttrKeyTypeECDSA,
                        kSecAttrKeyClass: kSecAttrKeyClassPublic
                        ] as NSDictionary, &error2)
                    NSLog("%@", "\(key)")
                    var error3: Unmanaged? = nil
                    let publicSecKeyECSEC = SecKeyCreateWithData(keyData as NSData, [
                        kSecAttrKeyType: kSecAttrKeyTypeECSECPrimeRandom,
                        kSecAttrKeyClass: kSecAttrKeyClassPublic
                        ] as NSDictionary, &error3)
                    NSLog("%@", "\(key)")



        Here are my specific questions:

        1. Does anyone know what might be going wrong?
        2. How I might get a more detailed error message?
        3. If this is possible with a compressed key (i.e. starting with 02 vs. 04--I was able to get Quinn's example with 04 to work)?
        4. If this will work on iOS?
        5. Will decryption with a private key also be possible--I assume I will need to change kSecAttrKeyClass?


        Thanks in advance for any help.

        • Re: SecKeyCreateWithData returns nil for public SECP256K1 key
          eskimo Apple Staff Apple Staff (9,090 points)

          3. If this is possible with a compressed key …

          I believe the fact that this is a compressed key is the problem.  Consider this doc comment in <Security/SecKey.h>:

          The requested data format depend on the type of key (kSecAttrKeyType) being created:
           * kSecAttrKeyTypeRSA               PKCS#1 format, public key can be also in x509 public key format
           * kSecAttrKeyTypeECSECPrimeRandom  ANSI X9.63 format (04 || X || Y [ || K])

          This is pretty clear about wanting an uncompressed key (starting with an 04).

          Share and Enjoy

          Quinn “The Eskimo!”
          Apple Developer Relations, Developer Technical Support, Core OS/Hardware
          let myEmail = "eskimo" + "1" + "@apple.com"