(Objective-C) CMS Sign Hash

Demonstrates how to use the SignHashENC method to sign a pre-computed hash. This method creates a CMS signature (PKCS7 detached signature).

This example requires Chilkat v9.5.0.90 or later.

Chilkat Objective-C Library Downloads MAC OS X (Cocoa) Libs iOS Libs

#import <CkoCrypt2.h>
#import <NSString.h>
#import <CkoCert.h>

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

CkoCrypt2 *crypt = [[CkoCrypt2 alloc] init];

// Create the hash to be signed...
crypt.HashAlgorithm = @"sha256";
crypt.EncodingMode = @"base64";
crypt.Charset = @"utf-8";
// Create the SHA256 hash of a string using the utf-8 byte representation.
// Return the hash as base64.
NSString *base64Hash = [crypt HashStringENC: @"This is the string to be hashed"];

// Load a certificate for signing.
CkoCert *cert = [[CkoCert alloc] init];
BOOL success = [cert LoadPfxFile: @"qa_data/pfx/cert_test123.pfx" password: @"test123"];
if (success == NO) {
    NSLog(@"%@",cert.LastErrorText);
    return;
}

[crypt SetSigningCert: cert];

// Sign the hash to create a base64 CMS signature (which does not contain the original data).
// We can get the signature in a single line of base64 by specifying "base64", or 
// we can get multi-line base64 by specifying "base64_mime".
crypt.EncodingMode = @"base64_mime";
NSString *base64CmsSig = [crypt SignHashENC: base64Hash hashAlg: @"sha256" hashEncoding: @"base64"];
if (crypt.LastMethodSuccess == NO) {
    NSLog(@"%@",crypt.LastErrorText);
    return;
}

// Note: In the above call to SignHashENC, the encoding of the returned CMS signature is specified by the EncodingMode property.
// However, the encoding of the passed-in hash is indicated by the 3rd argument.

NSLog(@"%@%@",@"CMS Signature: ",base64CmsSig);