How to sign a string with Private Key

Hi, I need help. I have been searching for a solution for past few days to no avail. As per the subject, I need to sign a string with private key and SHA256.


1) I had created a Bridging Header file and in it, i include the code

#import <CommonCrypto/CommonHMAC.h>

#import <CommonCrypto/CommonDigest.h>


2) Have added the path in the Build setting : Project-name/Project-name-Bridging-header.h


3) I used below code on Xcode 8 with Swift3 and I encountered below error messages base on below function :signString


//- Error Msg 1 : use of unresolved identifier 'CC_SHA256_DIGEST_LENGTH'

//- Error Msg 2: Use of unresolved identifier 'CC_SHA256

//- Error Msg 3: Use of unresolved identifier 'CC_LONG'


func signString(string: String, privateKey: SecKey) -> NSData? {


//-1: Error Msg : use of unresolved identifier 'CC_SHA256_DIGEST_LENGTH'


let digest = NSMutableData(length: Int(CC_SHA256_DIGEST_LENGTH))!


let stringData: NSData = string.data(using: String.Encoding.utf8)! NSData


//-2: Error Msg : Use of unresolved identifier 'CC_SHA256

//-3: Error Msg : Use of unresolved identifier 'CC_LONG'


CC_SHA256(stringData.bytes, CC_LONG(stringData.length), UnsafeMutablePointer<UInt8>(digest.mutableBytes))


let signedData: NSMutableData = NSMutableData(length: SecKeyGetBlockSize(privateKey))!


var signedDataLength: Int = signedData.length


let err: OSStatus = SecKeyRawSign(


privateKey,


SecPadding.PKCS1SHA256,


UnsafePointer<UInt8>(digest.bytes),


digest.length,


UnsafeMutablePointer<UInt8>(signedData.mutableBytes),


&signedDataLength


)


switch err {


case noErr:


return signedData


default:


return nil


}


}



Can you help me to correct the code below. your help is much appreciated.



Thanks

Up vote post of SkyWire Down vote post of SkyWire
2.7k views
Posted by
SkyWire
Reply
Add a Comment

Replies

I suppose you have looked at this post :

h ttps://stackoverflow.com/questions/35749197/how-to-use-common-crypto-and-or-calculate-sha256-in-swift-2-3


There's an interesting commnt on how toc create the bridging header (which I never had to do in my apps, so don't know how much relevant it is).

to add bridging header, I just add a new 

Objective-C
file in Swift project, if it's a first Objc file then it will ask whether or not you want to add a bridging header. Yes, then go back to remove that Objc file.


Hope it helps.

Posted by
Claude31
Up vote reply of Claude31 Down vote reply of Claude31
Add a Comment

Hi Claude31,


Thanks for the link. I still dont know how to solve the problem.


for the link you provided:

//swift 3

guard let messageData = string.data(using:String.Encoding.utf8) else { return nil }
var digestData = Data(count: Int(CC_SHA256_DIGEST_LENGTH))

_ = digestData.withUnsafeMutableBytes {digestBytes in
messageData.withUnsafeBytes {messageBytes in
CC_SHA256(messageBytes, CC_LONG(messageData.count), digestBytes)
}
}

How to use this (disgestData) into SecKeyRawSign() ?


is it replacing this line: UnsafePointer<UInt8>(digest.bytes)



let signedData: NSMutableData = NSMutableData(length: SecKeyGetBlockSize(privateKey))!

var signedDataLength: Int = signedData.length

let err: OSStatus = SecKeyRawSign(


privateKey,
SecPadding.PKCS1SHA256,
UnsafePointer<UInt8>(digest.bytes),
digest.length,
UnsafeMutablePointer<UInt8>(signedData.mutableBytes),
&signedDataLength


)


How I will use the swift3 code above into this

func signString(string: String, privateKey: SecKey) -> NSData? { }


Thanks

Posted by
SkyWire
Up vote reply of SkyWire Down vote reply of SkyWire
Add a Comment

Can any1 correct my code as it now not workable.


Thanks

Posted by
SkyWire
Up vote reply of SkyWire Down vote reply of SkyWire
Add a Comment

Hope this will help.

h ttps://codereview.stackexchange.com/questions/139698/signing-a-string-using-an-identity-and-trust-from-a-pkcs-12-bundle

I found this part interesting:

    var signedBytesSize: size_t = SecKeyGetBlockSize(privateKey)
    var signedBytes = [UInt8](count: signedBytesSize, repeatedValue: 0)
    // Sign data
    let requestorData = requestorID.dataUsingEncoding(NSUTF8StringEncoding)!
    // Generate a digital signature for our requestor from our cert
    status = SecKeyRawSign(privateKey, .PKCS1, UnsafePointer(requestorData.bytes),
                                   requestorData.length, &signedBytes, &signedBytesSize)
Posted by
Claude31
Up vote reply of Claude31 Down vote reply of Claude31
Add a Comment