(Swift 2) Sign JSON (or any Text) to Create a Detached PKCS7 Signature

Demonstrates how to sign JSON or any string using a certificate + private key from a .p12/.pfx to create a detached PKCS7 signature. (A detached signature is one that does not embed the original signed data.)

Chilkat Downloads for the Swift Programming Language MAC OS X (Cocoa) Objective-C/Swift Libs iOS Objective-C/Swift Libs

func chilkatTest() {
    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    let crypt = CkoCrypt2()

    let cert = CkoCert()
    var success: Bool = cert.LoadPfxFile("qa_data/pfx/cert_test123.pfx", password: "test123")
    if success != true {
        print("\(cert.LastErrorText)")
        return
    }

    // Tell the crypt component to use this cert.
    success = crypt.SetSigningCert(cert)
    if success != true {
        print("\(crypt.LastErrorText)")
        return
    }

    crypt.HashAlgorithm = "sha256"

    // By default, all the certs in the chain of authentication are included in the signature.
    // If desired, we can choose to only include the signing certificate:
    crypt.IncludeCertChain = false

    // Create the detached signature, which does NOT contain the original data.
    // To create a PKCS7 signature that contains the original data, see CAdES Sign JSON
    crypt.Charset = "utf-8"
    var detachedSig: NSData
    var stringToSign: String? = "{ \"abc\": 123}"
    detachedSig = crypt.SignString(stringToSign)
    if crypt.LastMethodSuccess == false {
        print("\(crypt.LastErrorText)")
        return
    }

    // Verify the signature against the original data.
    var verified: Bool = crypt.VerifyString(stringToSign, sigData: detachedSig)
    if verified == false {
        print("\(crypt.LastErrorText)")
        return
    }

    print("Success!")

}