Sample code for 30+ languages & platforms
C

Apple Keychain - Create RSA Signature

See more Apple Keychain Examples

Using an RSA private key stored in the Apple Keychain, create a signature by signing the SHA-256 hash of the provided string, then return the signature encoded in Base64 format.

Note: This example requires Chilkat v10.0.0 or greater.

Chilkat C Downloads

C
#include <C_CkCert.h>
#include <C_CkRsa.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkCert cert;
    HCkRsa rsa;
    const char *sigBase64;

    success = FALSE;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    cert = CkCert_Create();

    // On MacOS and iOS, the LoadByCommonName function will search the Apple Keychain for the matching certificate.

    // A digital certificate's Common Name (CN) is a field in the certificate that specifies the name of the entity the 
    // certificate is issued to. It is often used to identify the domain name, hostname, or organization the certificate represents. 

    // For example:
    // - In an SSL/TLS certificate for a website, the CN typically contains the domain name (e.g., "www.example.com").
    // - For certificates representing individuals or organizations, the CN might include the person's name or the organization's name.

    // The CN is part of the certificate's Subject field and is crucial for verifying that the certificate corresponds 
    // to the intended entity, especially in SSL/TLS communications.

    success = CkCert_LoadByCommonName(cert,"Example, Inc.");
    if (success == FALSE) {
        printf("%s\n",CkCert_lastErrorText(cert));
        CkCert_Dispose(cert);
        return;
    }

    rsa = CkRsa_Create();
    success = CkRsa_SetX509Cert(rsa,cert,TRUE);
    if (success == FALSE) {
        printf("%s\n",CkRsa_lastErrorText(rsa));
        CkCert_Dispose(cert);
        CkRsa_Dispose(rsa);
        return;
    }

    // Generate an RSA signature by signing the SHA-256 hash of the provided string, 
    // then return the signature encoded in Base64 format.
    CkRsa_putEncodingMode(rsa,"base64");
    sigBase64 = CkRsa_signStringENC(rsa,"to be signed","sha256");
    if (CkRsa_getLastMethodSuccess(rsa) == FALSE) {
        printf("%s\n",CkRsa_lastErrorText(rsa));
        CkCert_Dispose(cert);
        CkRsa_Dispose(rsa);
        return;
    }

    printf("RSA Signature:\n");
    printf("%s\n",sigBase64);


    CkCert_Dispose(cert);
    CkRsa_Dispose(rsa);

    }