输出 SecKeyCopyExternalRepresentation [英] Output SecKeyCopyExternalRepresentation

问题描述

我正在尝试将公钥从我的 iPhone 传递给其他方，但是我无法使用来自 iOS 的输出.

I'm trying to pass around a public key from my iPhone to other parties, however I am unable to use the output from iOS.

let parameters: [String: Any] = [
    kSecAttrKeySizeInBits as String: 384,
    kSecAttrKeyType as String: kSecAttrKeyTypeEC,
    kSecPrivateKeyAttrs as String: [
        kSecAttrIsPermanent as String: false
    ]
]

var error: Unmanaged<CFError>?
let privateKey = SecKeyCreateRandomKey(parameters as CFDictionary, &error)
let publicKey = SecKeyCopyPublicKey(privateKey!)

let pub = SecKeyCopyExternalRepresentation(publicKey!, &error)
let pubData = pub as Data?
print(pubData!.base64EncodedString())

示例输出:

BJSCZtBatd2BYEHtyLB0qTZNlphKf3ZTGI6Nke3dSxIDpyP9FWMZbG0zcdIXWENyndskfxV0No/yz369ngL2EHZYw6ggNysOnZ5IQSPOLFFl44m1njRXTVo

BJSCZtBatd2BYEHtyLB0qTZNlphKf3ZTGI6Nke3dSxIDpyP9FWMZbG0zcdIXWENyndskfxV0No/yz369ngL2EHZYw6ggNysOnZ5IQSPOLFFl44m1aAk0o0NdaRXTVAz4jQ==

在 python(我的第二方所在的地方)中，我有以下内容:

In python (where my second party is) I have the following:

from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization

pub_key = serialisation.load_pem_public_key(
    data=xcode_data.encode(),
    backend=default_backend()
)

我得到的错误是ValueError:无法反序列化关键数据.

那么文档中描述的 SecKeyCopyExternalRepresentation 的输出究竟是什么:

So what exactly is the output of the SecKeyCopyExternalRepresentation as described by the documentation:

该方法以 PCKS #1 格式返回 RSA 密钥的数据.对于椭圆曲线公钥，格式遵循ANSI X9.63标准，使用字节串04 ||X||Y. 对于椭圆曲线私钥，输出格式为公钥与秘密标量的大端编码连接，或 04 ||X||是||K. 所有这些表示都使用固定大小的整数，根据需要包括前导零.

The method returns data in the PCKS #1 format for an RSA key. For an elliptic curve public key, the format follows the ANSI X9.63 standard using a byte string of 04 || X || Y. For an elliptic curve private key, the output is formatted as the public key concatenated with the big endian encoding of the secret scalar, or 04 || X || Y || K. All of these representations use constant size integers, including leading zeros as needed.

如何描述 X6.93 格式?我将如何将它转换为我可以在 python 代码中使用的东西?

How would one describe the X6.93 format? And how would I go about converting it to something I can use in the python code?

附言我试图将诸如 -----BEGIN PUBLIC KEY----- 之类的标题添加到 xcode 输出中.

P.S. I have tried to add headers such as -----BEGIN PUBLIC KEY----- to the xcode output.

推荐答案

我还没有完全找到问题的答案，因为我仍然不知道 Apple 提供的输出到底是什么，但是，我想出了一个解决方案在此密钥导入导出管理器中找到.

I havent quite found the answer to the question as I still don't know what exactly the output is that Apple provides, however, I came up with a solution found in this key import export manager.

let parameters: [String: Any] = [
    kSecAttrKeySizeInBits as String: 384,
    kSecAttrKeyType as String: kSecAttrKeyTypeEC,
    kSecPrivateKeyAttrs as String: [
        kSecAttrIsPermanent as String: false
    ]
]

var pubKey: SecKey?
var priKey: SecKey?
var error: Unmanaged<CFError>?
let keyPair = SecKeyGeneratePair(parameters as CFDictionary, &pubKey, &priKey)

let publicKeyData = SecKeyCopyExternalRepresentation(pubKey!, &error)
// Code from the library
let ieManager = CryptoExportImportManager()
if let exportPEM = ieManager.exportPublicKeyToPEM(publicKeyData as Data!, keyType: kSecAttrKeyTypeEC as String, keySize: 384) {
    print(exportPEM)
} else {
    print("Error exporting to PEM")
}

示例输出:

<代码>出口EC原始键:97个字节----- BEGIN PUBLIC KEY ----- MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEFpCnTrJFQq0mZBvy + vzl9noKLZ4/s1cf I6hygug6s8dvBreMhabAcAbbhSa1losjCxV450nq92W9ZymonYasaAuhshDWjmvx 2qTXHEpVEVb9GawqX6XqpWtIBf + meHKS ----- END PUBLIC KEY -----

在 python 中的实现 使用密码学

Implementation in python using cryptography

from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization

xcode = '-----BEGIN PUBLIC KEY-----\nMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEFpCnTrJFQq0mZBvy+vzl9noKLZ4/s1cf\nI6hygug6s8dvBreMhabAcAbbhSa1losjCxV450nq92W9ZymonYasaAuhshDWjmvx2\nqTXHEpVEVb9GawqX6XqpWtIBf+meHKS\n-----END PUBLIC KEY-----'
pub_key = serialization.load_pem_public_key(xcode.encode(), default_backend())
xcode

输出以下内容:

请注意，您必须自己在 python 中添加新行才能使这一切正常工作.

Note that you do have to add the new lines yourself in python in order for this all to work.

更新

ECC 密钥的 SecKeyCopyExternalRepresentation 的输出是密钥的 X9.62 或 X9.63 格式(未压缩形式).这与 DER 和 PEM 编码非常不同.

The output of the SecKeyCopyExternalRepresentation for ECC keys is the X9.62 or X9.63 format of the key (in uncompressed form). This is very different from DER and therefor PEM encoding.

编码为 04 ||X||Y 用于公钥和 04 ||X||是||K 表示私钥.04 是这种格式的固定字节.X、Y 和可选的 K 值是定义此键曲线的点或坐标.有关更多信息，请参阅此处.

The encoding is 04 || X || Y for a public key and 04 || X || Y || K for a private key. 04 is a fixed byte for this format. The X, Y and optionally K value are points or coordinates that define the curve of this key. More info about that over here.

这篇关于输出 SecKeyCopyExternalRepresentation的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！