StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
text
Body
copied!<p><code>SecKeyRawSign</code> is a private function in Mac OS 10.6 and 10.7, so you shouldn't use it. Its problem with ECC certificates may just be one of the reasons it has not (yet?) been made public. </p> <p>The official high-level API for data signing in 10.7 is <code>SecSignTransformCreate</code> in <a href="http://developer.apple.com/library/mac/#documentation/Security/Conceptual/SecTransformPG/SigningandVerifying/SigningandVerifying.html#//apple_ref/doc/uid/TP40010801-CH4-SW1" rel="nofollow noreferrer">Security Transforms</a>. It should automatically use a suitable digest algorithm; if not, you just set <code>kSecDigestTypeAttribute</code> and <code>kSecDigestLengthAttribute</code> to whatever you need. AFAIK the padding algorithm is not configurable.</p> <p>On 10.6 or below, you have to use CDSA. First, you create a context with <code>CSSM_CSP_CreateSignatureContext</code>. The signature algorithm is <code>CSSM_ALGID_SHA512WithECDSA</code> (or similar); you can get the other arguments from <code>SecKeyGetCSPHandle</code>, <code>SecKeyGetCSSMKey</code>, and <code>SecKeyGetCredentials</code>. Once you have the signing context, you sign your data with <code>CSSM_SignData</code>. The digest algorithm should be <code>CSSM_ALGID_NONE</code>.</p> <p>The padding is best explained by Thomas Pornin's <a href="https://stackoverflow.com/questions/5054036/what-is-the-difference-between-the-different-padding-types-on-ios/5066573#5066573">answer to another question</a>.</p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload