PrivateKey
public final class PrivateKey : Key
Class that describes a private key object. Inherits from Key.
-
Returns true if the key must be used with partial hashing (qualified signature key). Available only for private keys.
Declaration
Swift
public func isPartialHash() -> Bool
Return Value
true if the key must be used with partial hashing; false otherwise.
-
Hashes the provided data and signs the hash using a private key.
Example:
    import Foundation

    func signDataSHA384(privateKey: PrivateKey, dataToSign: Data) throws -> Data {
        // SHA-384 is not available for keys that require partial hashing
        // (qualified signature keys), so reject them up front.
        if privateKey.isPartialHash() {
            throw NSError(domain: "com.idopte", code: 0,
                          userInfo: [NSLocalizedDescriptionKey: "no sha384 with partial hash"])
        }
        var err: NSError? = nil
        var signedData: Data? = nil
        let group = DispatchGroup() // used to make the function synchronous
        group.enter()
        DispatchQueue.global(qos: .background).async {
            privateKey.hashAndSign(data: dataToSign, algorithm: "sha384", completionHandler: { (signature, error) in
                err = error
                signedData = signature
                group.leave()
            })
        }
        group.wait()
        if let err = err {
            throw err
        } else {
            return signedData!
        }
    }
Declaration
Swift
public func hashAndSign( data: Data, algorithm: Any, completionHandler: @escaping (_ signature: Data?, _ error: NSError?) -> Void) -> Void
Parameters
data
Data to hash and sign.
algorithm
Indicates the hash algorithm to use. It takes one of the following values:
- For RSA PKCS#1 padding and ECDSA: the algorithm parameter is a string that defines which hash algorithm to use:
  - "sha1" or "sha256": available for all keys (SHA-1 may be forbidden with qualified signature keys depending on the card profile). The API will automatically take care of the partial hashing requirement when used with a qualified signature key.
  - "sha384" or "sha512": not available for qualified signature.
- For RSA PSS padding: the algorithm parameter is a Dictionary object with the following attributes:
  - hashAlg: hash algorithm to use as a string. Can be "sha1", "sha256", "sha384" or "sha512".
  - mgf: mask generation function to use as a string. Can be "sha1", "sha256", "sha384" or "sha512".
  - saltLen: salt length to use as an integer.
completionHandler
The completion handler to call when the signature is complete. It takes the following parameters:
- signature Data?: containing the signature.
- error NSError?: nil if the signature is completed successfully; otherwise an error that encapsulates the reason for the failure.
Note
The completion handler is executed on the same type of DispatchQueue as in the calling code.
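The parameter rules above can be checked before the card is used, and the call wrapped for async/await. This is an added example, not part of the SDK or of this documentation: `HashSigner`, `SignPadding`, `SignRequestError`, `makeAlgorithm` and the wrapper are hypothetical names, and the protocol only mirrors the declarations shown on this page.

```swift
import Foundation

// Hypothetical stand-in mirroring the two declarations documented above, so the
// block compiles without the SDK (in an app: `extension PrivateKey: HashSigner {}`).
protocol HashSigner {
    func isPartialHash() -> Bool
    func hashAndSign(data: Data, algorithm: Any,
                     completionHandler: @escaping (_ signature: Data?, _ error: NSError?) -> Void)
}

enum SignPadding { case pkcs1OrECDSA, pss(saltLen: Int) }   // hypothetical helper type

enum SignRequestError: Error {
    case unknownHash(String), notAllowedForQualifiedKey(String), invalidSaltLength(Int), noResult
}

/// Builds the `algorithm` argument in the two documented shapes and rejects the
/// combinations the documentation lists as unavailable, before the card is used.
func makeAlgorithm(hash: String, padding: SignPadding, partialHashKey: Bool) throws -> Any {
    let known: Set<String> = ["sha1", "sha256", "sha384", "sha512"]
    guard known.contains(hash) else { throw SignRequestError.unknownHash(hash) }
    switch padding {
    case .pkcs1OrECDSA:
        // "sha384"/"sha512" are documented as not available for qualified signature keys.
        // SHA-1 depends on the card profile; a refusal surfaces as an NSError from the call.
        if partialHashKey && (hash == "sha384" || hash == "sha512") {
            throw SignRequestError.notAllowedForQualifiedKey(hash)
        }
        return hash
    case .pss(let saltLen):
        guard saltLen >= 0 else { throw SignRequestError.invalidSaltLength(saltLen) }
        // Assumption: the MGF uses the same hash as hashAlg (the page allows them to differ).
        return ["hashAlg": hash, "mgf": hash, "saltLen": saltLen] as [String: Any]
    }
}

/// async/await wrapper: suspends instead of blocking a thread in DispatchGroup.wait().
func hashAndSign(with key: HashSigner, data: Data, hash: String,
                 padding: SignPadding) async throws -> Data {
    let algorithm = try makeAlgorithm(hash: hash, padding: padding,
                                      partialHashKey: key.isPartialHash())
    return try await withCheckedThrowingContinuation { continuation in
        key.hashAndSign(data: data, algorithm: algorithm) { signature, error in
            if let error = error { continuation.resume(throwing: error) }
            else if let signature = signature { continuation.resume(returning: signature) }
            else { continuation.resume(throwing: SignRequestError.noResult) }
        }
    }
}
```

The wrapper resumes the continuation exactly once on every path, including the case where both `signature` and `error` are nil.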
-
Signs the provided data with the given algorithm.
Example:
    import Foundation
    import CommonCrypto

    let messageToSign = "message to sign"
    let inputData = Data(messageToSign.utf8)

    // Compute the SHA-256 digest of the message before calling sign(hash:...).
    var hash = [UInt8](repeating: 0, count: Int(CC_SHA256_DIGEST_LENGTH))
    CC_SHA256((inputData as NSData).bytes, CC_LONG(inputData.count), &hash)

    // RSA PSS parameters; saltLen is passed as an integer.
    let pssAlgorithm: [String: Any] = ["hashAlg": "sha256", "mgf": "sha256", "saltLen": Int(CC_SHA256_DIGEST_LENGTH)]
    privateKey.sign(hash: Data(hash), algorithm: pssAlgorithm) { signature, error in
        if error != nil {
            // an error occurred while signing the data.
        } else {
            // you have signed data
        }
    }
Declaration
Swift
public func sign( hash: Data, algorithm: Any, completionHandler: @escaping (_ signature: Data?, _ error: NSError?) -> Void) -> Void
Parameters
data
Data to sign.
algorithm
Indicates the hash algorithm to use. It takes one of the following values:
- For RSA PKCS#1 padding and ECDSA: the algorithm parameter is a string that defines which hash algorithm to use:
  - "sha1" or "sha256": available for all keys (SHA-1 may be forbidden with qualified signature keys depending on the card profile). The API will automatically take care of the partial hashing requirement when used with a qualified signature key.
  - "sha384" or "sha512": not available for qualified signature.
- For RSA PSS padding: the algorithm parameter is a Dictionary object with the following attributes:
  - hashAlg: hash algorithm to use as a string. Can be "sha1", "sha256", "sha384" or "sha512".
  - mgf: mask generation function to use as a string. Can be "sha1", "sha256", "sha384" or "sha512".
  - saltLen: salt length to use as an integer.
completionHandler
The completion handler to call when the signature is complete. It takes the following parameters:
- signature Data?: containing the signature.
- error NSError?: nil if the signature is completed successfully; otherwise an error that encapsulates the reason for the failure.
Note
The completion handler is executed on the same type of DispatchQueue as in the calling code.
-
Decrypts the provided data using a private key.
Example:
    privateKey.decrypt(data: dataToDecrypt, algorithm: "pkcs1") { dataDecrypted, error in
        if let error = error {
            print("Error while decrypting data : " + error.localizedDescription)
        } else {
            // decrypted data can be used from here
        }
    }
Declaration
Swift
public func decrypt(data: Data, algorithm: String, completionHandler: @escaping (_ dataDecrypted: Data?, _ error: NSError?) -> Void)
Parameters
data
Data containing the ciphertext data to decrypt.
algorithm
Can be "pkcs1" or "raw". This represents the algorithm that was used to encrypt the data.
completionHandler
The completion handler to call when the decryption is complete. It takes the following parameters:
- dataDecrypted Data?: containing the decrypted data.
- error NSError?: nil if the decryption is completed successfully; otherwise an error that encapsulates the reason for the failure.
Note
The completion handler is executed on the same type of DispatchQueue as in the calling code.