(Objective-C) Sign a Byte Array to Create an Opaque Signature in a Byte Array

Signs data contained in a byte array to produce an opaque signature (also in a byte array). An opaque signature is a PKCS7 signature (also known as CAdES) that embeds the signed data. Also shows how to verify the signature and extract the original data.

Chilkat Objective-C Library Downloads MAC OS X (Cocoa) Libs iOS Libs

#import <CkoCert.h>
#import <CkoFileAccess.h>
#import <CkoCrypt2.h>

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

CkoCert *cert = [[CkoCert alloc] init];
BOOL success = [cert LoadPfxFile: @"qa_data/pfx/cert_test123.pfx" password: @"test123"];
if (success == NO) {
    NSLog(@"%@",cert.LastErrorText);
    return;
}

CkoFileAccess *fac = [[CkoFileAccess alloc] init];

NSData fileBytes;
fileBytes = [fac ReadEntireFile: @"qa_data/pdf/sample.pdf"];
if (fac.LastMethodSuccess != YES) {
    NSLog(@"%@",fac.LastErrorText);
    return;
}

CkoCrypt2 *crypt = [[CkoCrypt2 alloc] init];

success = [crypt SetSigningCert: cert];

// We can sign any type of file.

NSData sigBytes;
sigBytes = [crypt OpaqueSignBytes: fileBytes];
if (crypt.LastMethodSuccess != YES) {
    NSLog(@"%@",crypt.LastErrorText);
    return;
}

success = [fac WriteEntireFile: @"qa_output/sample.pdf.p7m" fileData: sigBytes];
if (fac.LastMethodSuccess != YES) {
    NSLog(@"%@",fac.LastErrorText);
    return;
}

// We can verify the opaque signature and extract the original data like this
NSData originalData;
originalData = [crypt OpaqueVerifyBytes: sigBytes];
if (crypt.LastMethodSuccess != YES) {
    NSLog(@"%@",crypt.LastErrorText);
    return;
}

success = [fac WriteEntireFile: @"qa_output/sample.pdf" fileData: originalData];
if (fac.LastMethodSuccess != YES) {
    NSLog(@"%@",fac.LastErrorText);
    return;
}

NSLog(@"%@",@"Signature is verified and the original data was extracted.");