I'm trying to use SecKeyRawSign in Swift to digitally sign a String using SHA256withRSA. I can properly generate the RSA keys, but I'm not sure about what data to send to this function. My goal is to use PKCS1 v1.5 format, which should generate the same signature as long as the private key and content to be signed are the same, i.e., there's no random component in the algorithm.
Also, I (think I) know the algorithm: first I should calculate the SHA256 hash of the message, then I should add an ASN.1 prefix describing the algorithm. And finally I should add the PKCS1 padding (0x00 0x01 0xff .. 0xff 0x00) to complete a 128-byte sequence for a 1024-bit key.
I tried passing the following combinations of data and padding to the function:

* message with PKCS1SHA256 padding
* sha256(message) with PKCS1SHA256 padding
* algorithm identifier + sha256(message) with PKCS1 padding
* pkcs1 padding + algorithm identifier + sha256(message) with raw padding
In each case the function returns no error, but each time I call the function with the same key and data, a different signature is generated. Knowing that the algorithm has no random component, shouldn't I be getting the same signature every time?
So can somebody help me by letting me know what should be passed into each parameter to accomplish my goal? How should the data param be constructed?
Thanks.
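
The encoding described in the question (SHA-256 hash, ASN.1 DigestInfo prefix, then 0x00 0x01 0xff .. 0xff 0x00 padding), written out as an added example that is not part of the original post. It shows the byte layout and that the resulting RSA signature is deterministic; the function names are hypothetical and the key is a constructed, insecure toy key built from two Mersenne primes so the block runs offline.

```python
import hashlib

# DER-encoded DigestInfo header for SHA-256 (RFC 8017, section 9.2, note 1).
SHA256_DIGESTINFO_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def emsa_pkcs1_v15_sha256(message: bytes, em_len: int) -> bytes:
    """Build the block 0x00 0x01 FF..FF 0x00 || DigestInfo || SHA-256(message)."""
    t = SHA256_DIGESTINFO_PREFIX + hashlib.sha256(message).digest()
    if em_len < len(t) + 11:          # RFC 8017 requires at least 8 bytes of 0xFF
        raise ValueError("intended encoded message length too short")
    ps = b"\xff" * (em_len - len(t) - 3)
    return b"\x00\x01" + ps + b"\x00" + t

# Constructed toy key (NOT secure): product of two Mersenne primes, e = 65537.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))     # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8         # modulus length in bytes

def sign(message: bytes) -> bytes:
    """RSASSA-PKCS1-v1_5 with SHA-256: pad, then raw RSA private operation."""
    em = emsa_pkcs1_v15_sha256(message, K)
    return pow(int.from_bytes(em, "big"), D, N).to_bytes(K, "big")

def verify(message: bytes, signature: bytes) -> bool:
    """Recover the padded block with the public key and compare it whole."""
    recovered = pow(int.from_bytes(signature, "big"), E, N).to_bytes(K, "big")
    return recovered == emsa_pkcs1_v15_sha256(message, K)

if __name__ == "__main__":
    em = emsa_pkcs1_v15_sha256(b"hello", 128)   # 128 bytes for a 1024-bit key
    print(len(em), em.hex())
    print(sign(b"hello") == sign(b"hello"), verify(b"hello", sign(b"hello")))
```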