login about faq

Can the library verify SHA1withDSA signatures with objective-C on iOS?

asked Apr 26 at 12:46

DanielSchwill's gravatar image

DanielSchwill
11

edited Apr 26 at 12:56


Yes, it can be done with the CkoDsa class: http://www.chilkatsoft.com/refdoc/objcCkoDsaRef.html

I'm sorry there is no example yet. A program would do the following to verify a signature:

  1. Instantiate an instance of the CkoDsa class.
  2. Load a DSA public key via one of the methods: FromPublicDer, FromPublicDerFile, FromPublicPem, etc.
  3. Set the Signature property to the bytes of the signature, or alternatively, call SetEncodedSignature to set via an encoded string, such as base64.
  4. Set the Hash property to the SHA1 hash bytes of the data that was signed, or alternatively call SetEncodedHash. (The SHA1 hash can be computed using Chilkat Crypt2 or by any other means)
  5. Call the CkoDsa.Verify method to verify the signature.
link

answered Apr 26 at 13:17

chilkat's gravatar image

chilkat ♦♦
11.8k316358421

Here's an example that creates a signature and verifies it: http://www.example-code.com/objc/dsa_sign_verify.asp

link

answered Apr 26 at 18:42

chilkat's gravatar image

chilkat ♦♦
11.8k316358421

Thanks a lot for the quick reply and the example.

I'm not able to load the DSA public key with LoadText: and FromPublicPem:

The result from LoadText: with my .pem file is:

-----BEGIN CERTIFICATE-----
MIIC/DCCArqgAwIBAgIEXVhIpjALBgcqhkjOOAQDBQAwTzELMAkGA1UEBhMCREUx
GDAWBgNVBAoTD1BldGVycyBTb2Z0d2FyZTESMBAGA1UECxMJbGljZW5zaW5nMRIw
EAYDVQQDEwltYXN0ZXJrZXkwIBcNMTUwODAzMDg0NDA5WhgPMjI4OTA1MTcwODQ0
MDlaME8xCzAJBgNVBAYTAkRFMRgwFgYDVQQKEw9QZXRlcnMgU29mdHdhcmUxEjAQ
BgNVBAsTCWxpY2Vuc2luZzESMBAGA1UEAxMJbWFzdGVya2V5MIIBtzCCASwGByqG
SM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1A
IlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63
xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAhUA
l2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC
+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o
4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1Ul
ZAFMO/7PSSoDgYQAAoGAOsWwJEkk/RhwDAO1A7FZGJ45oII/1W6Y+3aCTLsMY5ev
XXUQC8ePNso9qsIgDk5XJFt+hwYJXOcaqu233URwGRG2Ivfr7Bq1+vnCmPzcvZgA
87K3+WmKuTcDpwz1JxHzCN9rMrlTznYPDcY9B4WxGmjfxWX1Ghhh6wFxqGrmQc+j
ITAfMB0GA1UdDgQWBBSMxym50F/IDPk82Kf+Rtw2ddc9hjALBgcqhkjOOAQDBQAD
LwAwLAIUJr1iroSgxhUzU8hYK8377TvFslUCFAsSH4TuUrbKIXlzV5GZm3PDaGuC
-----END CERTIFICATE-----

But using this public key string with FromPublicPem: does not work. The LastErrorText is:

ChilkatLog:
  FromPublicPem:
    DllDate: Mar 12 2016
    ChilkatVersion: 9.5.0.56
    UnlockPrefix: Anything for 30-day trial.
    Architecture: Little Endian; 64-bit
    Language: IOS Objective-C
    VerboseLogging: 0
    loadPem:
      loadPem2:
        loadPem:
          itemType: CERTIFICATE
        --loadPem
      --loadPem2
    --loadPem
    Failed.
  --FromPublicPem
--ChilkatLog

Any idea why this doesn't work?

link

answered Apr 27 at 04:59

DanielSchwill's gravatar image

DanielSchwill
11

Ok, it seems that I can not extract a DSA public key from a pem certificate.

So I extracted the public key from the pem certificate using openssl and now it works fine.

link

answered Apr 27 at 05:50

DanielSchwill's gravatar image

DanielSchwill
11

You can load the cerificate PEM into a CkoCert object and then get the public key from it. Here's an example: http://www.example-code.com/objc/pubkey_from_cert.asp

link

answered Apr 27 at 17:12

chilkat's gravatar image

chilkat ♦♦
11.8k316358421

Ok, this seems to work and I get a XML.

Instead of FromPublicPem: I have to use FromXml: to set the public key in CkoDsa, right?

But Verify fails when I use the XML public key.

ChilkatLog:
  Verify:
    DllDate: Mar 12 2016
    ChilkatVersion: 9.5.0.56
    UnlockPrefix: Anything for 30-day trial.
    Architecture: Little Endian; 64-bit
    Language: IOS Objective-C
    VerboseLogging: 0
    DSA signature is invalid.
    Failed.
  --Verify
--ChilkatLog
link

answered Apr 28 at 06:40

DanielSchwill's gravatar image

DanielSchwill
11

I'll give it a test...

(Apr 28 at 13:22) chilkat ♦♦
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×21
×5
×3

Asked: Apr 26 at 12:46

Seen: 492 times

Last updated: Apr 28 at 13:22

powered by OSQA