Sample code for 30+ languages & platforms
Swift

Signing HTTP Messages

See more RSA Examples

Demonstrates how to sign HTTP messages per draft-cavage-http-signatures-10

Chilkat Swift Downloads

Swift

func chilkatTest() {
    var success: Bool = false

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    var bCrlf: Bool = true
    let sbPublicKeyPem = CkoStringBuilder()!
    sbPublicKeyPem.appendLine(str: "-----BEGIN PUBLIC KEY-----", crlf: bCrlf)
    sbPublicKeyPem.appendLine(str: "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3", crlf: bCrlf)
    sbPublicKeyPem.appendLine(str: "6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6", crlf: bCrlf)
    sbPublicKeyPem.appendLine(str: "Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw", crlf: bCrlf)
    sbPublicKeyPem.appendLine(str: "oYi+1hqp1fIekaxsyQIDAQAB", crlf: bCrlf)
    sbPublicKeyPem.appendLine(str: "-----END PUBLIC KEY-----", crlf: bCrlf)

    let pubKey = CkoPublicKey()!
    pubKey.load(fromString: sbPublicKeyPem.getAsString())

    let sbPrivateKeyPem = CkoStringBuilder()!
    sbPrivateKeyPem.appendLine(str: "-----BEGIN RSA PRIVATE KEY-----", crlf: bCrlf)
    sbPrivateKeyPem.appendLine(str: "MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF", crlf: bCrlf)
    sbPrivateKeyPem.appendLine(str: "NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F", crlf: bCrlf)
    sbPrivateKeyPem.appendLine(str: "UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB", crlf: bCrlf)
    sbPrivateKeyPem.appendLine(str: "AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA", crlf: bCrlf)
    sbPrivateKeyPem.appendLine(str: "QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK", crlf: bCrlf)
    sbPrivateKeyPem.appendLine(str: "kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg", crlf: bCrlf)
    sbPrivateKeyPem.appendLine(str: "f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u", crlf: bCrlf)
    sbPrivateKeyPem.appendLine(str: "412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc", crlf: bCrlf)
    sbPrivateKeyPem.appendLine(str: "mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7", crlf: bCrlf)
    sbPrivateKeyPem.appendLine(str: "kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA", crlf: bCrlf)
    sbPrivateKeyPem.appendLine(str: "gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW", crlf: bCrlf)
    sbPrivateKeyPem.appendLine(str: "G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI", crlf: bCrlf)
    sbPrivateKeyPem.appendLine(str: "7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA==", crlf: bCrlf)
    sbPrivateKeyPem.appendLine(str: "-----END RSA PRIVATE KEY-----", crlf: bCrlf)

    let privKey = CkoPrivateKey()!
    privKey.loadPem(str: sbPrivateKeyPem.getAsString())

    //    All examples use this request:
    // 
    //    POST /foo?param=value&pet=dog HTTP/1.1
    //    Host: example.com
    //    Date: Sun, 05 Jan 2014 21:31:40 GMT
    //    Content-Type: application/json
    //    Digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=
    //    Content-Length: 18
    // 
    //    {"hello": "world"}

    // C.1.  Default Test
    // 
    //    If a list of headers is not included, the date is the only header
    //    that is signed by default.  The string to sign would be:
    // 
    //    date: Sun, 05 Jan 2014 21:31:40 GMT
    // 
    //    The Authorization header would be:
    // 
    //    Authorization: Signature keyId="Test",algorithm="rsa-sha256",
    //    signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz
    //    6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB
    //    6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="
    // 
    //    The Signature header would be:
    // 
    //    Signature: keyId="Test",algorithm="rsa-sha256",
    //    signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz
    //    6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB
    //    6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="
    // 

    let dtNow = CkoDateTime()!
    success = dtNow.setFromCurrentSystemTime()
    var dateStr: String? = dtNow.get(asRfc822: false)

    // To duplicate the above result, we'll hard-code the date string.
    dateStr = "Sun, 05 Jan 2014 21:31:40 GMT"

    let rsa = CkoRsa()!
    success = rsa.usePrivateKey(privKey: privKey)
    if success == false {
        print("\(rsa.lastErrorText!)")
        return
    }

    let sbStringToSign = CkoStringBuilder()!
    sbStringToSign.append(value: "date: ")
    sbStringToSign.append(value: dateStr)

    rsa.encodingMode = "base64"
    var b64Signature: String? = rsa.signStringENC(str: sbStringToSign.getAsString(), hashAlg: "SHA256")
    print("\(b64Signature!)")
    print("---------------------------")

    // The result should be:
    // SjWJWbWN7i0wzBvtPl8rbASW ... FD0k/5OxEPXe5WozsbM=

    // ----------------------------------------------------------------------------------------------------

    // C.2.  Basic Test
    // 
    //    The minimum recommended data to sign is the (request-target), host,
    //    and date.  In this case, the string to sign would be:
    // 
    //    (request-target): post /foo?param=value&pet=dog
    //    host: example.com
    //    date: Sun, 05 Jan 2014 21:31:40 GMT
    // 
    //    The Authorization header would be:
    // 
    //    Authorization: Signature keyId="Test",algorithm="rsa-sha256",
    //    headers="(request-target) host date", signature="qdx+H7PHHDZgy4
    //    y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn
    //    7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBs
    //    kLu6kd9Fswtemr3lgdDEmn04swr2Os0="

    sbStringToSign.clear()
    sbStringToSign.append(value: "(request-target): ")
    sbStringToSign.appendLine(str: "post /foo?param=value&pet=dog", crlf: false)
    sbStringToSign.append(value: "host: ")
    sbStringToSign.appendLine(str: "example.com", crlf: false)
    sbStringToSign.append(value: "date: ")
    sbStringToSign.append(value: dateStr)

    print("StringToSign:")
    print("\(sbStringToSign.getAsString()!)")
    b64Signature = rsa.signStringENC(str: sbStringToSign.getAsString(), hashAlg: "SHA256")
    print("\(b64Signature!)")
    print("---------------------------")

    // The result should be:
    // qdx+H7PHHDZgy4y/Ahn ... mn04swr2Os0=

}