Strech Goal: NeoCrypto in Pure Swift

[saltyskip]

NeoCrypto library with full ECC support written in pure Swift...currently required to cross compile through GoLang, but this would be a huge achievement for anyone interested in cryptography

[lm2s]

Given the work load required to fully implement a crypto lib that would encompass key generation, signing and verification in pure Swift, I propose the creation of a Swift lib that would make use of the already available security features in iOS and macOS (in Security framework, et al).

I don't know if it is the objective of this project to be also compatible with Linux. If that is the case then using the iOS/macOS Security framework would not be possible in the end, but I can see it as a mid-term solution in the road to a pure Swift implementation.

[saltyskip]

I had similar thoughts at the beginning, but one issue with the Security Framework is that it seems to be relatively difficult to retrieve Private Key values, and use them effectively. They are guarded very heavily by KeyStore which is not desirable.

If we want to do any custom operations for example converting the privatekey to WIF format, it appears to be not possible? I haven't researched as extensively as I could, but it seems Security framework is not suited to cryptocurrency applications for this reason

[lm2s]

I'll have to study it a bit more, in the documentation I don't see anything making it impossible for our use-case. Around the web I see some big no-no's, but I'm left wondering if it's just people misinterpreting the documentation.

Necessary operations:

• Generation of key pairs
• Import of private key / public key
• Export of private key / public key
• Signing / Verification

If the Security framework allows these operations, I think everything can be implemented, no?
I think the encoding or decoding in the WIF format can be accomplished in pure Swift if the above operations are possible.

[saltyskip]

Basically right, but some stricter requirements

• Generation,Import, Export of public/private keys as a Hexadecimal String or Raw Byte Data
• Verification Specific to Neo network protocol, there's a special prefix/suffix that goes on to the public key
• Signing using specifically p256 curve, and being able to specify the random seed

[saltyskip]

I agree, that if the security framework works than it is a very good mid term solution

[lm2s]

What I gathered:

• It's possible to generate, import and export, but not as raw bytes or hexadecimal. So a middle step to convert to and from PEM would be necessary.
• The verification I assume would work correctly, since I believe the prefix/suffix should be stripped before using the key, but I'm not sure that's how it works.
• The curve is available but not the option to set the seed.

So it doesn't seem possible (lack of custom seed support), but since the Security framework is a bit obscure and documentation lacking, I might have missed something.

[saltyskip]

Disappointing, but you conclusion matches my original research. It's very much in line with Apple's security policy to not expose to much to the user like that