Sample code for 30+ languages & platforms
Objective-C

Sign JSON to Create CAdES P7S Bytes

See more CAdES Examples

Demonstrates how to sign JSON using a certificate + private key from a .p12/.pfx to create a CAdES P7S byte array.

Chilkat Objective-C Downloads

Objective-C
#import <CkoCrypt2.h>
#import <CkoCert.h>
#import <CkoJsonObject.h>
#import <NSString.h>

BOOL success = NO;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

CkoCrypt2 *crypt = [[CkoCrypt2 alloc] init];

CkoCert *cert = [[CkoCert alloc] init];
success = [cert LoadPfxFile: @"qa_data/pfx/cert_test123.pfx" password: @"test123"];
if (success != YES) {
    NSLog(@"%@",cert.LastErrorText);
    return;
}

// Tell the crypt component to use this cert.
success = [crypt SetSigningCert: cert];
if (success != YES) {
    NSLog(@"%@",crypt.LastErrorText);
    return;
}

// The CadesEnabled property applies to all methods that create PKCS7 signatures. 
// To create a CAdES-BES signature, set this property equal to true. 
crypt.CadesEnabled = YES;

crypt.HashAlgorithm = @"sha256";

CkoJsonObject *jsonSigningAttrs = [[CkoJsonObject alloc] init];
[jsonSigningAttrs UpdateInt: @"contentType" value: [NSNumber numberWithInt: 1]];
[jsonSigningAttrs UpdateInt: @"signingTime" value: [NSNumber numberWithInt: 1]];
[jsonSigningAttrs UpdateInt: @"messageDigest" value: [NSNumber numberWithInt: 1]];
[jsonSigningAttrs UpdateInt: @"signingCertificateV2" value: [NSNumber numberWithInt: 1]];
crypt.SigningAttributes = [jsonSigningAttrs Emit];

// By default, all the certs in the chain of authentication are included in the signature.
// If desired, we can choose to only include the signing certificate:
crypt.IncludeCertChain = NO;

// Create the CAdES-BES attached signature, which contains the original data.
crypt.Charset = @"utf-8";
NSData cadesP7s;
cadesP7s = [crypt OpaqueSignString: @"{ \"abc\": 123}"];
if (crypt.LastMethodSuccess == NO) {
    NSLog(@"%@",crypt.LastErrorText);
    return;
}

// Verify the signature and extract the original JSON:
NSString *originalJson = [crypt OpaqueVerifyString: cadesP7s];
if (crypt.LastMethodSuccess == NO) {
    NSLog(@"%@",crypt.LastErrorText);
    return;
}

NSLog(@"%@%@",@"Original JSON: ",originalJson);

NSLog(@"%@",@"Success!");