diff --git a/Cargo.toml b/Cargo.toml
index 99cfe27..5017746 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "swift-secure-enclave-tool-rs"
-version = "1.2.0"
+version = "1.2.1"
 edition = "2024"
 authors = ["Hatter Jiang"]
 repository = "https://git.hatter.ink/hatter/swift-secure-enclave-tool-rs"
diff --git a/src/lib.rs b/src/lib.rs
index 05dc0d8..356fe40 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -34,6 +34,22 @@ impl ControlFlag {
     }
 }
 
+#[derive(Debug, Clone, Copy, Eq, PartialEq)]
+pub enum DigestType {
+    Raw, Sha256, Sha384, Sha512,
+}
+
+impl DigestType {
+    fn to_str(&self) -> &'static str {
+        match self {
+            DigestType::Raw => "raw",
+            DigestType::Sha256 => "sha256",
+            DigestType::Sha384 => "sha384",
+            DigestType::Sha512 => "sha512",
+        }
+    }
+}
+
 #[derive(Debug)]
 pub struct KeyMaterial {
     pub public_key_point: Vec<u8>,
@@ -140,12 +156,20 @@ pub fn recover_keypair(
 }
 
 pub fn private_key_sign(private_key_representation: &[u8], content: &[u8]) -> XResult<Vec<u8>> {
+    private_key_sign_digested(private_key_representation, content, DigestType::Raw)
+}
+
+pub fn private_key_sign_digested(private_key_representation: &[u8], content: &[u8], digest_type: DigestType) -> XResult<Vec<u8>> {
     let mut cmd = Command::new(SWIFT_SECURE_ENCLAVE_TOOL_CMD);
     cmd.arg("compute_p256_ecsign");
     cmd.arg("--private-key");
     cmd.arg(STANDARD.encode(private_key_representation));
     cmd.arg("--message-base64");
     cmd.arg(STANDARD.encode(content));
+    if digest_type != DigestType::Raw {
+        cmd.arg("--message-type");
+        cmd.arg(digest_type.to_str());
+    }
 
     let cmd_stdout = run_command_stdout(cmd)?;
     parse_sign_result(&cmd_stdout)