Sample code for 30+ languages & platforms
Objective-C

ECDSA Sign and Verify Data using Different Hash Algorithms

See more ECC Examples

Demonstrates how to create ECDSA signatures on data using different hash algorithms.

Note: This example requires Chilkat v9.5.0.85 or greater because the SignBd and VerifyBd methods were added in v9.5.0.85.

Chilkat Objective-C Downloads

Objective-C
#import <CkoPrivateKey.h>
#import <CkoBinData.h>
#import <CkoEcc.h>
#import <CkoPrng.h>
#import <NSString.h>
#import <CkoPublicKey.h>

BOOL success = NO;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// First load an ECDSA private key to be used for signing.
CkoPrivateKey *privKey = [[CkoPrivateKey alloc] init];
success = [privKey LoadEncryptedPemFile: @"qa_data/ecc/secp256r1-key-pkcs8-secret.pem" password: @"secret"];
if (success == NO) {
    NSLog(@"%@",privKey.LastErrorText);
    return;
}

// Load some data to be signed.
CkoBinData *bd = [[CkoBinData alloc] init];
success = [bd LoadFile: @"qa_data/hamlet.xml"];
if (success == NO) {
    NSLog(@"%@",@"Failed to load file to be hashed.");
    return;
}

CkoEcc *ecdsa = [[CkoEcc alloc] init];
CkoPrng *prng = [[CkoPrng alloc] init];

// Sign the sha256 hash of the data.  Return the ECDSA signature in the base64 encoding.
NSLog(@"%@",@"ECDSA signing the sha256 hash of the data...");
NSString *sig = [ecdsa SignBd: bd hashAlg: @"sha256" encoding: @"base64" privKey: privKey prng: prng];
NSLog(@"%@%@",@"sig = ",sig);

// Verify the signature against the original data.
// (We must use the same hash algorithm that was used when signing.)

// Load the public key that corresponds to the private key used for signing.
CkoPublicKey *pubKey = [[CkoPublicKey alloc] init];
success = [pubKey LoadFromFile: @"qa_data/ecc/secp256r1-pub.pem"];
if (success == NO) {
    NSLog(@"%@",pubKey.LastErrorText);
    return;
}

CkoEcc *ecc2 = [[CkoEcc alloc] init];
int result = [[ecc2 VerifyBd: bd hashAlg: @"sha256" encodedSig: sig encoding: @"base64" pubkey: pubKey] intValue];
if (result != 1) {
    NSLog(@"%@",ecc2.LastErrorText);
    return;
}

NSLog(@"%@",@"Verified!");

// ----------------------------------------------------------------------------------------
// Let's do the same thing, but with sha384 hashing...

NSLog(@"%@",@"--------------------------------------------");
NSLog(@"%@",@"ECDSA signing the sha384 hash of the data...");

sig = [ecdsa SignBd: bd hashAlg: @"sha384" encoding: @"base64" privKey: privKey prng: prng];
NSLog(@"%@%@",@"sig = ",sig);

result = [[ecc2 VerifyBd: bd hashAlg: @"sha384" encodedSig: sig encoding: @"base64" pubkey: pubKey] intValue];
if (result != 1) {
    NSLog(@"%@",ecc2.LastErrorText);
    return;
}

NSLog(@"%@",@"Verified!");