Objective-C
Objective-C
ECDSA Sign and Verify Data using Different Hash Algorithms
See more ECC Examples
Demonstrates how to create ECDSA signatures on data using different hash algorithms.Note: This example requires Chilkat v9.5.0.85 or greater because the SignBd and VerifyBd methods were added in v9.5.0.85.
Chilkat Objective-C Downloads
#import <CkoPrivateKey.h>
#import <CkoBinData.h>
#import <CkoEcc.h>
#import <CkoPrng.h>
#import <NSString.h>
#import <CkoPublicKey.h>
BOOL success = NO;
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// First load an ECDSA private key to be used for signing.
CkoPrivateKey *privKey = [[CkoPrivateKey alloc] init];
success = [privKey LoadEncryptedPemFile: @"qa_data/ecc/secp256r1-key-pkcs8-secret.pem" password: @"secret"];
if (success == NO) {
NSLog(@"%@",privKey.LastErrorText);
return;
}
// Load some data to be signed.
CkoBinData *bd = [[CkoBinData alloc] init];
success = [bd LoadFile: @"qa_data/hamlet.xml"];
if (success == NO) {
NSLog(@"%@",@"Failed to load file to be hashed.");
return;
}
CkoEcc *ecdsa = [[CkoEcc alloc] init];
CkoPrng *prng = [[CkoPrng alloc] init];
// Sign the sha256 hash of the data. Return the ECDSA signature in the base64 encoding.
NSLog(@"%@",@"ECDSA signing the sha256 hash of the data...");
NSString *sig = [ecdsa SignBd: bd hashAlg: @"sha256" encoding: @"base64" privKey: privKey prng: prng];
NSLog(@"%@%@",@"sig = ",sig);
// Verify the signature against the original data.
// (We must use the same hash algorithm that was used when signing.)
// Load the public key that corresponds to the private key used for signing.
CkoPublicKey *pubKey = [[CkoPublicKey alloc] init];
success = [pubKey LoadFromFile: @"qa_data/ecc/secp256r1-pub.pem"];
if (success == NO) {
NSLog(@"%@",pubKey.LastErrorText);
return;
}
CkoEcc *ecc2 = [[CkoEcc alloc] init];
int result = [[ecc2 VerifyBd: bd hashAlg: @"sha256" encodedSig: sig encoding: @"base64" pubkey: pubKey] intValue];
if (result != 1) {
NSLog(@"%@",ecc2.LastErrorText);
return;
}
NSLog(@"%@",@"Verified!");
// ----------------------------------------------------------------------------------------
// Let's do the same thing, but with sha384 hashing...
NSLog(@"%@",@"--------------------------------------------");
NSLog(@"%@",@"ECDSA signing the sha384 hash of the data...");
sig = [ecdsa SignBd: bd hashAlg: @"sha384" encoding: @"base64" privKey: privKey prng: prng];
NSLog(@"%@%@",@"sig = ",sig);
result = [[ecc2 VerifyBd: bd hashAlg: @"sha384" encodedSig: sig encoding: @"base64" pubkey: pubKey] intValue];
if (result != 1) {
NSLog(@"%@",ecc2.LastErrorText);
return;
}
NSLog(@"%@",@"Verified!");