IOS-4136 Ad verification tests into demo

tangem · Aug 7, 2023 · 6579315 · 6579315
1 parent 0196f15
commit 6579315
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 2 deletions.
diff --git a/Example/TangemSdkExample/AppModel.swift b/Example/TangemSdkExample/AppModel.swift
@@ -64,6 +64,14 @@ class AppModel: ObservableObject {
         } else {
             config.logConfig = .verbose
         }
+
+        config.defaultDerivationPaths = [
+            .secp256k1: [try! DerivationPath(rawPath: "m/0'/1")],
+            .secp256r1: [try! DerivationPath(rawPath: "m/0'/1")],
+            .ed25519: [try! DerivationPath(rawPath: "m/0'/1")],
+            .ed25519_slip0010: [try! DerivationPath(rawPath: "m/0'/1'")],
+            .bip0340: [try! DerivationPath(rawPath: "m/0'/1")]
+        ]
         _tangemSdk.config = config
         return _tangemSdk
     }
@@ -243,6 +251,8 @@ extension AppModel {
             self.complete(with: "Scan card before")
             return
         }
+
+        let verifyKey = (path.flatMap { wallet.derivedKeys[$0] })?.publicKey ?? walletPublicKey
 
         let hashSize = wallet.curve == .ed25519 ? 64 : 32
         let hash = getRandomHash(size: hashSize)
@@ -251,8 +261,20 @@ extension AppModel {
                        walletPublicKey: walletPublicKey,
                        cardId: nil,
                        derivationPath: path,
-                       initialMessage: Message(header: "Signing hash"),
-                       completion: handleCompletion)
+                       initialMessage: Message(header: "Signing hash")) { result in
+
+            if case .success(let response) = result {
+                if #available(iOS 16.0, *), wallet.curve == .secp256r1 {
+                    let isValid = try? CryptoUtils.verifySecp256r1Signature(publicKey: verifyKey, hash: hash, signature: response.signature)
+                    self.logger.log("signature status: \(String(describing: isValid))")
+                } else  {
+                    let isValid = try? CryptoUtils.verify(curve: wallet.curve, publicKey: verifyKey, hash: hash, signature: response.signature)
+                    self.logger.log("signature status: \(String(describing: isValid))")
+                }
+            }
+
+            self.handleCompletion(result)
+        }
     }
 
     func signHashes(walletPublicKey: Data) {

diff --git a/TangemSdk/TangemSdk/Crypto/CryptoUtils.swift b/TangemSdk/TangemSdk/Crypto/CryptoUtils.swift
@@ -145,6 +145,18 @@ public enum CryptoUtils {
         }
     }
 
+    /// Verify secp256r1 signature
+    @available(iOS 16.0, *)
+    public static func verifySecp256r1Signature(publicKey: Data, hash: Data, signature: Data) throws -> Bool {
+        if publicKey.count == Constants.p256CompressedKeySize {
+            let pubKey = try P256.Signing.PublicKey(compressedRepresentation: publicKey)
+            let sig = try P256.Signing.ECDSASignature(rawRepresentation: signature)
+            return pubKey.isValidSignature(sig, for: CustomSha256Digest(hash: hash))
+        }
+
+        return try verify(curve: .secp256r1, publicKey: publicKey, hash: hash, signature: signature)
+    }
+
     public static func crypt(operation: Int, algorithm: Int, options: Int, key: Data, dataIn: Data) throws -> Data {
         return try key.withUnsafeBytes { keyUnsafeRawBufferPointer in
             return try dataIn.withUnsafeBytes { dataInUnsafeRawBufferPointer in