
I'm using SecKeyCreateSignature in Swift on iOS to sign my data with a 128-byte private key, but the resulting signature has a size of 256 bytes.

Here is the function I use for signing:

```swift
let algorithm: SecKeyAlgorithm = .rsaSignatureDigestPKCS1v15Raw

guard SecKeyIsAlgorithmSupported(privateKey, .sign, algorithm) else {
    return nil
}
var error: Unmanaged<CFError>?
guard let signature = SecKeyCreateSignature(privateKey,
                                            algorithm,
                                            data as CFData,
                                            &error) as Data? else {
    return nil
}
```

Why is the signature size different to the key size? Shouldn't it be the same size?

Thanks in advance!

Edit: Here is a signature encoded in base64 generated by a key pair with the key size of 512 bits:

kMgncWoSSGY0je/b4WhW3WupFo4N83skfvT4kDm2uZigSlSzCfh0NT3tgRR2n5VAEhxxfJxQEhv/LA9VmwOirw6lzwYR7Ori4lr2+dj4Ox3L2aj8VytF13OvuY7dTonQknqRkiZLigyvHZLn9bMYMmAgkC35zvqp3NFJ4BkzLLE=

And the corresponding public key in PKCS#1 format retrieved with SecKeyCopyExternalRepresentation:

3048024100e3a94a8119c5d3e3b36e83a4b30055dea0c23b9cfa2a44228f5ac3ee4d8e5b4d2a26060bd9a09bf6e5bb1b9cbb58e36171584dccbc008d55081ef461e1488be10203010001
ilovemilk
  • Why do you believe your private key has a "size" property? And why do you believe it has a size of 128 bytes? For RSA, the size of the output will be less than or equal to the size of the modulus. Signatures are typically encoded in a structure that contains metadata about the algorithms used in addition to the signature itself. – President James K. Polk Jul 13 '17 at 23:31
  • I generate a key pair and set the key size to 1024 bits; the modulus should have a length of 128 bytes. Right? And considering this [answer](https://stackoverflow.com/a/6662179/7418420), the padded signature size should be equal to the length of the modulus. – ilovemilk Jul 14 '17 at 09:04
  • The Apple documentation never mentions the format of the signature. Why don't you edit your question and post a base64- or hex-encoded copy of the signature? – President James K. Polk Jul 14 '17 at 13:23
  • Thanks so far. I added the signature and the corresponding public key. – ilovemilk Jul 14 '17 at 14:43
  • Well, I'm sorry to say I'm flummoxed. I hope someone smarter than I or more familiar with iOS can help you. – President James K. Polk Jul 14 '17 at 15:49
  • Okay :( But thank you nevertheless! – ilovemilk Jul 14 '17 at 17:31
  • Are you following the rules of `rsaSignatureDigestPKCS1v15Raw`? If you're giving un-hashed data it's possible that Apple just is inventing some sort of multi-block signature. You need to do the hashing yourself, then ideally just use `kSecKeyAlgorithmRSASignatureDigestPKCS1v15SHA256` - or whatever the appropriate one is for the digest you've chosen. – bartonjs Jul 14 '17 at 17:37
  • Thanks, there was an error with that. Your comment helped a lot! Now it works like a charm. – ilovemilk Jul 18 '17 at 14:43
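
What the last comments describe, as an added example that is not part of the original thread: hash the data yourself, sign the 32-byte digest with `.rsaSignatureDigestPKCS1v15SHA256`, and check that the signature is exactly as long as the modulus and verifies as an ordinary SHA-256 PKCS#1 v1.5 signature. `SigningError`, `signDigest`, `checkSignatureSize` and the sample message are hypothetical names, and using CryptoKit for SHA-256 is an assumption (iOS 13 or later).

```swift
import Foundation
import Security
import CryptoKit  // assumption: iOS 13+/macOS 10.15+; CommonCrypto's CC_SHA256 gives the same digest on older systems

enum SigningError: Error { case unsupportedAlgorithm, noPublicKey }

/// Hash first, then sign the 32-byte digest with the SHA-256 digest variant.
func signDigest(of message: Data, with privateKey: SecKey) throws -> Data {
    let algorithm: SecKeyAlgorithm = .rsaSignatureDigestPKCS1v15SHA256
    guard SecKeyIsAlgorithmSupported(privateKey, .sign, algorithm) else {
        throw SigningError.unsupportedAlgorithm
    }
    let digest = Data(SHA256.hash(data: message))  // always 32 bytes
    var error: Unmanaged<CFError>?
    guard let signature = SecKeyCreateSignature(privateKey, algorithm,
                                                digest as CFData, &error) as Data? else {
        throw error!.takeRetainedValue() as Error
    }
    return signature
}

/// Generates a throwaway RSA key, signs a constructed message and reports whether
/// the signature verifies and has the same length as the modulus.
func checkSignatureSize(keySizeInBits: Int) throws -> Bool {
    let attributes: [CFString: Any] = [
        kSecAttrKeyType: kSecAttrKeyTypeRSA,
        kSecAttrKeySizeInBits: keySizeInBits
    ]
    var error: Unmanaged<CFError>?
    guard let privateKey = SecKeyCreateRandomKey(attributes as CFDictionary, &error) else {
        throw error!.takeRetainedValue() as Error
    }
    guard let publicKey = SecKeyCopyPublicKey(privateKey) else {
        throw SigningError.noPublicKey
    }
    let message = Data("constructed sample message".utf8)
    let signature = try signDigest(of: message, with: privateKey)
    // The "Message" variant hashes internally, so it accepts the unhashed message
    // and verifies the signature produced from the digest above.
    let verified = SecKeyVerifySignature(publicKey, .rsaSignatureMessagePKCS1v15SHA256,
                                         message as CFData, signature as CFData, nil)
    // SecKeyGetBlockSize returns the modulus length in bytes for an RSA key.
    return verified && signature.count == SecKeyGetBlockSize(privateKey)
}

// 2048-bit key: the signature is 256 bytes. A 1024-bit key, as in the question, gives 128.
print(try checkSignatureSize(keySizeInBits: 2048))
```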
