Sample code for 30+ languages & platforms
Objective-C

Create Egypt ITIDA CAdES-BES .p7s Signature (File to File)

See more Egypt ITIDA Examples

Demonstrates how to create a .p7s signature that fits Egypt's ITIDA requirements.

Chilkat Objective-C Downloads

Objective-C
#import <CkoCrypt2.h>
#import <CkoCert.h>
#import <CkoJsonObject.h>
#import <NSString.h>

BOOL success = NO;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

CkoCrypt2 *crypt = [[CkoCrypt2 alloc] init];

CkoCert *cert = [[CkoCert alloc] init];

// There are many ways to load the certificate.  
// This example was created for a customer using an ePass2003 USB token.
// Assuming the USB token is the only source of a hardware-based private key..
success = [cert LoadFromSmartcard: @""];
if (success != YES) {
    NSLog(@"%@",cert.LastErrorText);
    return;
}

// Tell the crypt component to use this cert.
success = [crypt SetSigningCert: cert];
if (success != YES) {
    NSLog(@"%@",crypt.LastErrorText);
    return;
}

CkoJsonObject *cmsOptions = [[CkoJsonObject alloc] init];
[cmsOptions UpdateBool: @"DigestData" value: YES];
[cmsOptions UpdateBool: @"OmitAlgorithmIdNull" value: YES];
crypt.CmsOptions = [cmsOptions Emit];

// The CadesEnabled property applies to all methods that create CMS/PKCS7 signatures. 
// To create a CAdES-BES signature, set this property equal to true. 
crypt.CadesEnabled = YES;

crypt.HashAlgorithm = @"sha256";

CkoJsonObject *jsonSigningAttrs = [[CkoJsonObject alloc] init];
[jsonSigningAttrs UpdateInt: @"contentType" value: [NSNumber numberWithInt: 1]];
[jsonSigningAttrs UpdateInt: @"signingTime" value: [NSNumber numberWithInt: 1]];
[jsonSigningAttrs UpdateInt: @"messageDigest" value: [NSNumber numberWithInt: 1]];
[jsonSigningAttrs UpdateInt: @"signingCertificateV2" value: [NSNumber numberWithInt: 1]];
crypt.SigningAttributes = [jsonSigningAttrs Emit];

// By default, all the certs in the chain of authentication are included in the signature.
// If desired, we can choose to only include the signing certificate:
crypt.IncludeCertChain = NO;

// Make sure we sign the utf-8 byte representation of the JSON string
crypt.Charset = @"utf-8";

// Create the CAdES-BES signature, which does not contain the data being signed.
NSString *pathOfFileToSign = @"someDir/someFile";
NSString *outputPath = @"outDir/someFile.p7s";
success = [crypt CreateP7S: pathOfFileToSign p7sPath: outputPath];
if (success != YES) {
    NSLog(@"%@",crypt.LastErrorText);
    return;
}

NSLog(@"%@",@"Success!");