Skip to content

Commit

Permalink
Don't extract private key for signing
Browse files Browse the repository at this point in the history 
This also ensures that we can use secure enclave-stored keys.
  • Loading branch information
@sbihel
sbihel committed Mar 11, 2024
1 parent 848c7e1 commit 297a149
Showing 1 changed file with 7 additions and 5 deletions.
12 changes: 7 additions & 5 deletions Sources/WalletSdk/MDoc.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,15 +91,17 @@ public class BLESessionManager {
return
}
var error: Unmanaged<CFError>?
guard let data = SecKeyCopyExternalRepresentation(secKey, &error) as Data? else {
self.callback.update(state: .error("Failed to cast key: \(error.debugDescription)"))
guard let derSignature = SecKeyCreateSignature(secKey,
.ecdsaSignatureMessageX962SHA256,
payload as CFData,
&error) as Data? else {
self.callback.update(state: .error("Failed to sign message: \(error.debugDescription)"))
self.cancel()
return
}
let privateKey = try P256.Signing.PrivateKey(x963Representation: data)
let signature = try privateKey.signature(for: payload)
let signature = try P256.Signing.ECDSASignature(derRepresentation: derSignature)
let response = try SpruceIDWalletSdkRs.submitSignature(sessionManager: sessionManager!,
signature: signature.rawRepresentation)
signature: signature.rawRepresentation)
self.bleManager.writeOutgoingValue(data: response)
} catch {
self.callback.update(state: .error("\(error)"))
Expand Down

0 comments on commit 297a149

Please sign in to comment.