How can I create a raw signature using SecKeyCreateSignature?

Hi there,

I'm trying to do a raw signature but the SecKeyRawSign is deprecated, so I am wondering if there is any way to do it using SecKeyCreateSignature, and EC key and the kSecKeyAlgorithmECDSASignatureMessageX962SHA256 algo. I've noticed that this method applies a hash before signing the data, and I want to avoid that. Is that possible? If not, what other options do i have?

Thanks in advance.

How can I create a raw signature using SecKeyCreateSignature?

This depends on the key type. For RSA, yes. For EC, no.

the kSecKeyAlgorithmECDSASignatureMessageX962SHA256 algo. I've noticed that this method applies a hash before signing the data, and I want to avoid that.

Every Messsage algorithm has a Digest equivalent that accepts the digest rather than the message. In this case that’s kSecKeyAlgorithmECDSASignatureDigestX962SHA256. However, that’s not the same as ‘raw’ signing. You can’t supply an arbitrary value to SecKeyCreateSignature; you must supply a digest. For example, with kSecKeyAlgorithmECDSASignatureDigestX962SHA256 you must supply a value whose size matches that of a SHA-256 digets, that is, 32 bytes.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

How can I create a raw signature using SecKeyCreateSignature?
 
 
Q