Curve25519 digital signature

Question

Level 1

4 points

Curve25519 digital signature

Hello,

I have an iOS app that uses CryptoKit's Curve25519 digital signature technology, but I can't successfully verify the signature on the server side, is the key common or is it only available on iOS?

I want to verify the user's identity by digital signature.

1.The client generates the key and signs the data.

2.The client side signs the data.

3.The client sends the data, signature and public key to the server.

4.The server fails to validate the signature.

Steps:

1.let digest = SHA512.hash(data: data)

2.let sk = Curve25519.Signing.PrivateKey()

3.let sig = try? sk.signature(for: Data(digest))

4.let pk = sk.publicKey.rawRepresentation

5.pk.isValidSignature(sig,for:Data(digest)), result true.

6.Send pk, sig and data to server .

7.Server（Java） cannot verify success.

Thanks

iPhone 13 Pro Max, iOS 16

Posted on Nov 30, 2023 7:39 PM

Reply

Answer 1

MrHoffman

Level 10

152,669 points

Nov 30, 2023 8:55 PM in response to chensongwei

Curve25519 is common, widespread, and well supported by many platforms.

Usual signature here is EdDSA over an equivalent to Curve25519, known as Ed25519 and used for signatures, or uses ECDH over Curve25519, known as X25519 and used for handshakes. Curve25519 itself is not, AFAIK, usually used for signatures.

For a different view of the innards of Apple cryptokit, see Apple swift-crypto: https://github.com/apple/swift-crypto

You’re probably going to need to post (small! concise!) source code reproducers for both ends, if you want somebody here to dig into this. And I’m not much for Java, but maybe you will get lucky.

More generally, I’d also look to use passkeys for authentication:

… https://www.passkeys.com/

… https://github.com/alliedcode/PasskeysRailsDemo (Rails, not Java)

Reply

Curve25519 digital signature

Similar questions