I am trying to generate a SecKey with the SecKeyCreateWithData function in Swift, as below. SecKeyCreateWithData always returns nil, with the error log below. Can anyone please help?

Note: Both cekKeyData as CFData and attributes as CFDictionary are not nil and have values in them.

Log:

Thread 1: Fatal error: Unexpectedly found nil while unwrapping an Optional value

Code:

    let keydatalen = 256
    let algorithmID = ""
    let partyUInfo = ""

    let cekKeyData = DHSecretGenerator.createDeriveKey(
        Z: sharedKey,
        KeyLenght: keydatalen,
        AlgorithmID: KDFConcateWithLenght(text: algorithmID, encoding: .ascii),
        PartyUInfo: KDFConcateWithLenght(text: partyUInfo, encoding: .utf8),
        PartyVInfo: KDFConcateWithLenght(text: reference, encoding: .ascii),
        SuppPubInfo: numberToData(number: UInt32(keydatalen)),
        SuppPrivInfo: Data())

    let attributes: [String: Any] = [
        kSecAttrKeyType as String: kSecAttrKeyTypeECSECPrimeRandom,
        kSecAttrKeyClass as String: kSecAttrKeyClassSymmetric
    ]

    var error: Unmanaged<CFError>?
    // Crashes here: SecKeyCreateWithData returns nil and the result is force-unwrapped
    let privKey: SecKey = SecKeyCreateWithData(cekKeyData as CFData,
                                               attributes as CFDictionary, &error)!
    print(privKey)

Max

  • Kindly clap on Medium, if possible. And green tick, too. – vaibby Jan 25 '20 at 20:03
  • `kSecAttrKeyTypeECSECPrimeRandom` is definitely not a symmetric key. – Sulthan Jan 27 '20 at 08:25
  • @Sulthan what are the right attributes I can try? Please help. – Max Jan 27 '20 at 08:27
  • `kSecAttrKeyType: kSecAttrKeyTypeECSECPrimeRandom, kSecAttrKeySizeInBits: 256, kSecAttrKeyClass: kSecAttrKeyClassPrivate`. That should be enough. I am not sure whether you are using a private or a public key. However, note that `SecKeyCreateWithData` expects raw key data. It means the first byte should be `0x04` and then another 64 or 96 bytes. If you don't have the key in raw format, you cannot use that function with an EC key. – Sulthan Jan 27 '20 at 08:42
  • Any idea how to convert to raw bytes? Currently cekKeyData is an array of 32 bytes. Also, when you say the first byte should be 0x04, does that mean converting to hex format? If so, that's not a Data type; it would become a string type. – Max Jan 27 '20 at 09:51

1 Answer

Specify the length and type of the key. Length is, for example, 256, and type is public or private. I guess symmetric is where public and private are the same, but I'm not pretty sure about that.

    let attributes: [String: Any] = [
        kSecAttrKeyType as String: kSecAttrKeyTypeECSECPrimeRandom,
        kSecAttrKeyClass as String: kSecAttrKeyClassPublic,
        kSecAttrKeySizeInBits as String: 256
    ]

vaibby

  • I just tried this, and even with this set of attributes SecKeyCreateWithData returns nil. I have created the cekKey using a shared key, then running an ECDHSecretData on it, and then passing that data to SecKeyCreateWithData to return a key of type SecKey. – Max Jan 25 '20 at 20:20
  • Is it possible to update the question with the cekKeyData value? As per my knowledge, ECDH is a combination of 1 EC public key and 1 EC private key, and that data is used for encryption. ECDH data doesn't mean a symmetrical key. And that is why you are getting this issue: the length is invalid. – vaibby Jan 25 '20 at 20:39
  • It really depends on the type of the key and the storage format. iOS can recognize only one specific key encoding for every key type. – Sulthan Jan 25 '20 at 22:27
  • Kindly share cekKeyData or check if cekKeyData can form a key. You can use https://keytool.online for that. – vaibby Jan 27 '20 at 05:41
  • @vaibby updated the question with how cekKeyData is generated, which is a derived ECDH key. – Max Jan 27 '20 at 08:24
  • @Max your ECDH data will be 32 bits and you cannot convert it to an EC key because there is no EC key which works on 11 bits. Valid bit sizes are 192, 224, 256. – vaibby Jan 30 '20 at 09:43
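
The raw layout mentioned in the comments (a `0x04` byte followed by 64 or 96 bytes for a 256-bit EC key) can be checked before calling `SecKeyCreateWithData`, so a 32-byte derived value is reported as a length mismatch instead of a nil result. This is an added example, not code from any of the posts above; `makeP256SecKey`, `RawECKeyError` and the `derived` sample bytes are hypothetical names and constructed data.

```swift
import Foundation
import Security

// Hypothetical error type for this example.
enum RawECKeyError: Error {
    case badLength(Int)
    case badPrefix(UInt8)
    case rejected(String)
}

// Hypothetical helper: checks the raw layout before calling SecKeyCreateWithData.
// P-256 public key:  0x04 + 64 bytes (X, Y)     = 65 bytes
// P-256 private key: 0x04 + 96 bytes (X, Y, K)  = 97 bytes
func makeP256SecKey(fromRaw raw: Data) throws -> SecKey {
    let keyClass: CFString
    switch raw.count {
    case 65: keyClass = kSecAttrKeyClassPublic
    case 97: keyClass = kSecAttrKeyClassPrivate
    default: throw RawECKeyError.badLength(raw.count)
    }
    guard let prefix = raw.first, prefix == 0x04 else {
        throw RawECKeyError.badPrefix(raw.first ?? 0)
    }
    let attributes: [String: Any] = [
        kSecAttrKeyType as String: kSecAttrKeyTypeECSECPrimeRandom,
        kSecAttrKeyClass as String: keyClass,
        kSecAttrKeySizeInBits as String: 256
    ]
    var error: Unmanaged<CFError>?
    guard let key = SecKeyCreateWithData(raw as CFData, attributes as CFDictionary, &error) else {
        throw RawECKeyError.rejected(String(describing: error?.takeRetainedValue()))
    }
    return key
}

// A generated P-256 private key exports in that layout and imports again.
let genAttrs: [String: Any] = [
    kSecAttrKeyType as String: kSecAttrKeyTypeECSECPrimeRandom,
    kSecAttrKeySizeInBits as String: 256
]
var genError: Unmanaged<CFError>?
if let priv = SecKeyCreateRandomKey(genAttrs as CFDictionary, &genError),
   let raw = SecKeyCopyExternalRepresentation(priv, &genError) as Data? {
    print(raw.count, (try? makeP256SecKey(fromRaw: raw)) != nil)
}

// Constructed stand-in for a 32-byte derived value such as cekKeyData.
let derived = Data(repeating: 0xAB, count: 32)
do { _ = try makeP256SecKey(fromRaw: derived) } catch { print("rejected:", error) }
```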