Unknown 116-byte ECDSA private key format - McMap

About

Unknown 116-byte ECDSA private key format

Asked 26/7, 2019 at 19:2 Answered 13/8, 2019 at 16:24

swift binary-data ecdsa key-pair apple-cryptokit

T

1

10

iOS 13's CryptoKit framework provides a .rawRepresentation value for ECDSA public and private keys. I've been trying to reverse-engineer the rawRepresentation data type to convert between it and JWK. Judging by the 64-byte length of the public key representation, it seems to be a simple x || y concatenation. I would guess that the private key would then be x || y || d, but this doesn't seem to be the case, as doing so should yield a 96-byte string, while the actual rawRepresentation is 144 bytes. It also doesn't seem to be a valid DER/ASN.1 string either. I haven't managed to find a spec that lines up with the actual values I'm getting.

As you could guess, Apple's docs are very descriptive.

rawRepresentation: A representation of the private key as a collection of bytes.

An example key pair in hex is provided.

Private: 988f8187ff7f00007466815b0d6b02ae1a063198fd1e4923fb1e413195126cc00d30483284186b435726c0c69cc774274ea32eb6a17cbaf2ea88dd7f3a5a2a3ce637bc4b96523c2795035bd2fbeb093b010000000000000000000000000000000000000000000000000000000000000012b2b61abe8beae5aeb6d0bda739235364de96c7f498813cfb0336198dcf9063
Public:  2774c79cc6c02657436b18843248300dc06c129531411efb23491efd9831061a3b09ebfbd25b0395273c52964bbc37e63c2a5a3a7fdd88eaf2ba7ca1b62ea34e

What format could this be?

Tailpiece answered 26/7, 2019 at 19:2 Comment(5)

My SWAG would be that it's the binary form of the actual key itself, not any of the surrounding metadata that is usually included. – Golfer 31/7, 2019 at 19:5

I thought so too and that's what I originally coded for, but that would be 96 bytes though (32 for x, 32 for y, and 32 for d). iOS seems to expect 144 bytes and throws an error when I try to use 96 bytes. – Tailpiece 31/7, 2019 at 19:8

Hard to really explain everything. They key is roughly beetween the "02" (the beginning of a SHA256 EDCSA private key according to RFC, and the end of long line of 0's. Rest is headers / Hash function. Count that out it should be 96. Sorry I can't give you better answer right now, but I guarantee all the code you need is in here from this WWDC playground. You shouldn't have to parse through the raw representation yourself. Use the full API's. I can hopefully write full demo later. – Dividivi 2/8, 2019 at 0:1

What RFC defines this format? – Tailpiece 6/8, 2019 at 16:35

Which Curve is this? – Tammitammie 18/5, 2022 at 16:58

T

1

I was unable to figure out rawRepresentation, so I ended up using x963Representation, which is 0x04 + x + y + d for the private key (97 bytes), and 04 + x + y for the public key (65 bytes).

Tailpiece answered 13/8, 2019 at 16:24 Comment(1)

How did you then get from the x963Representation to get the x and y values? – Dorothi 20/6 at 13:48

Recommended topics

#Godot #Unity #Godot 4.X #Mongodb

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

© 2022 - 2024 — McMap. All rights reserved.