P384公钥获取"IncorrectParameterSize“

Question

我正在研究ECDSA算法，在该算法中，我从API中获取签名，并且在常量文件中有一个本地公钥。

下面是我的代码，当我试图运行它并验证签名时，我在这个链接中得到了错误。

let publicKey = try P384.Signing.PublicKey.init(derRepresentation: privateKeyPemBytes)

我从catch块接收到"incorrectParameterSize“这个错误。有人能想到这个加密算法并帮我吗？

func verifySignature(signedData: Data, signature: Data, publicKey: String) -> Bool {
    var result = false
    do {
        if #available(iOS 14.0, *) {
            let decodedData = Data(base64Encoded: publicKey)
            let publicKeyPemBytes = [UInt8](decodedData!)
            let publicKey = try P384.Signing.PublicKey.init(derRepresentation: privateKeyPemBytes)

            let hash = SHA256.hash(data: signedData)
            let signing384 = try P384.Signing.ECDSASignature(derRepresentation: signature)
            if publicKey.isValidSignature(signing384, for: hash) {
                result = true
            }
        } else {
            // Fallback on earlier versions
        }
    } catch {
        print("\(error)")
    }
    return result
}

Answer 1

在讨论中发现，公钥具有X.509/SPKI格式，是ASN.1/DER编码的，可以作为Base64编码字符串使用。

但是，造成错误的原因是P-256键而不是P-384键。修复方法是在代码中使用P256而不是P384。

签名采用ASN.1/DER格式，是Base64编码的字符串。

Swift既支持ASN.1/DER签名格式，也支持用于ECDSA签名的P1363签名格式(区别是. here )。

下面的代码显示了使用示例数据对两种签名格式的验证：

import Foundation
import Crypto

// message to be signed
let msg = "The quick brown fox jumps over the lazy dog".data(using: .utf8)!
let hash = SHA256.hash(data: msg)

// public key import
let publicKeyX509DerB64 = "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEMpHT+HNKM7zjhx0jZDHyzQlkbLV0xk0H/TFo6gfT23ish58blPNhYrFI51Q/czvkAwCtLZz/6s1n/M8aA9L1Vg=="
let publicKeyX509Der = Data(base64Encoded: publicKeyX509DerB64)
let publicKey = try! P256.Signing.PublicKey.init(derRepresentation: publicKeyX509Der!)

// verifying an ASN.1/DER encoded signature
let signatureDerB64 = "MEYCIQCDMThF51R3S3CfvtVQomSO+kotOMH6HfvVcx04a21QwQIhAP2Patj0N3CVoeB6yiZt/gEVh9qQ7mtyvF4FiWBYtE0a"
let signatureDer = Data(base64Encoded: signatureDerB64)
let signature1 = try! P256.Signing.ECDSASignature(derRepresentation: signatureDer!)
print(publicKey.isValidSignature(signature1, for: hash)) // true

// verifying a P1363 encoded signature
let signatureP1363B64 = "gzE4RedUd0twn77VUKJkjvpKLTjB+h371XMdOGttUMH9j2rY9DdwlaHgesombf4BFYfakO5rcrxeBYlgWLRNGg==" 
let signatureP1363 = Data(base64Encoded: signatureP1363B64)
let signature2 = try! P256.Signing.ECDSASignature(rawRepresentation: signatureP1363!)
print(publicKey.isValidSignature(signature2, for: hash)) // true