How would one perform a Diffie-Hellman key exchange with a remote server using the new SecKey API in iOS 10+?
The following is a high-level starting outline:
// 1. get the server's public key
let publicKey: SecKey
// 2. Generate an ECSEC private key
let attributes: [String: Any] = [kSecAttrKeyType as String: kSecAttrKeyTypeECSECPrimeRandom, kSecAttrKeySizeInBits as String: 256]
var error: Unmanaged<CFError>?
let privateKey = SecKeyCreateRandomKey(attributes as CFDictionary, &error)!
// 3. Select an ECDH key exchange algorithm
let algorithm: SecKeyAlgorithm = .ecdhKeyExchangeCofactorX963SHA256
let size: SecKeyKeyExchangeParameter = .requestedSize
let parameters: [SecKeyKeyExchangeParameter: Int] = [size: 16]
// 4. perform the shared secret exchange
let sharedSecret = SecKeyCopyKeyExchangeResult(privateKey, algorithm, publicKey, parameters as CFDictionary, &error) as? Data
What is the format of the data returned from SecKeyCopyKeyExchangeResult?
How would an AES key, operating in GCM mode, be derived from it?
Thanks!
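An added example, not part of the original post: both sides of the exchange from the outline above, run locally. With `.ecdhKeyExchangeCofactorX963SHA256` the result is the output of the ANSI X9.63 KDF (SHA-256) truncated to the requested size, so its 16 bytes are used directly as an AES-128 key. Assumptions: a second local key pair stands in for the server, CryptoKit (iOS 13+) supplies AES-GCM, and the helper names and the `sharedInfo` string are hypothetical.

```swift
import Foundation
import Security
import CryptoKit  // assumption: iOS 13+, used here only for AES-GCM

enum KeyError: Error { case noPublicKey }

// Hypothetical helper: generate an ephemeral P-256 key pair.
func makeKeyPair() throws -> (privateKey: SecKey, publicKey: SecKey) {
    let attributes: [String: Any] = [
        kSecAttrKeyType as String: kSecAttrKeyTypeECSECPrimeRandom,
        kSecAttrKeySizeInBits as String: 256,
    ]
    var error: Unmanaged<CFError>?
    guard let privateKey = SecKeyCreateRandomKey(attributes as CFDictionary, &error) else {
        throw error!.takeRetainedValue() as Error
    }
    guard let publicKey = SecKeyCopyPublicKey(privateKey) else { throw KeyError.noPublicKey }
    return (privateKey, publicKey)
}

// Hypothetical helper: ECDH followed by the X9.63 KDF with SHA-256.
// Both peers must pass the same sharedInfo and requested size.
func deriveKey(own: SecKey, peer: SecKey, sharedInfo: Data) throws -> Data {
    let parameters: [String: Any] = [
        SecKeyKeyExchangeParameter.requestedSize.rawValue as String: 16,
        SecKeyKeyExchangeParameter.sharedInfo.rawValue as String: sharedInfo,
    ]
    var error: Unmanaged<CFError>?
    guard let derived = SecKeyCopyKeyExchangeResult(
        own, .ecdhKeyExchangeCofactorX963SHA256, peer, parameters as CFDictionary, &error
    ) else {
        throw error!.takeRetainedValue() as Error
    }
    return derived as Data
}

let client = try makeKeyPair()
let server = try makeKeyPair()              // stands in for the remote server
let info = Data("example-session-v1".utf8)  // constructed context string

let clientKey = try deriveKey(own: client.privateKey, peer: server.publicKey, sharedInfo: info)
let serverKey = try deriveKey(own: server.privateKey, peer: client.publicKey, sharedInfo: info)
precondition(clientKey == serverKey && clientKey.count == 16)

// AES-128-GCM: seal on one side, open on the other. seal() picks a fresh random nonce.
let sealed = try AES.GCM.seal(Data("hello".utf8), using: SymmetricKey(data: clientKey))
let opened = try AES.GCM.open(sealed, using: SymmetricKey(data: serverKey))
precondition(opened == Data("hello".utf8))
```

A real server has to apply the same KDF, hash, output length and `sharedInfo` to the raw ECDH secret to arrive at the same key.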