Sample code for 30+ languages & platforms
Delphi DLL

RSA Signature with Certificate's Private Key from PFX

See more RSA Examples

Demonstrates how to use a certificate's private key from a PFX file to create an RSA signature.

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, PrivateKey, Rsa, Cert, CertStore, JsonObject;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
certStore: HCkCertStore;
jsonCN: HCkJsonObject;
cert: HCkCert;
privKey: HCkPrivateKey;
rsa: HCkRsa;
strData: PWideChar;
hexSig: PWideChar;

begin
success := False;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// Create an instance of a certificate store object, load a PFX file,
// locate the certificate we need, and use it for signing.
// (a PFX file may contain more than one certificate.)
certStore := CkCertStore_Create();

// The 1st argument is the filename, the 2nd arg is the 
// PFX file's password:
success := CkCertStore_LoadPfxFile(certStore,'chilkat.pfx','test');
if (success = False) then
  begin
    Memo1.Lines.Add(CkCertStore__lastErrorText(certStore));
    Exit;
  end;

// Find the certificate by the subject common name:
jsonCN := CkJsonObject_Create();
CkJsonObject_UpdateString(jsonCN,'CN','cert common name');

cert := CkCert_Create();
success := CkCertStore_FindCert(certStore,jsonCN,cert);
if (success = False) then
  begin
    Memo1.Lines.Add(CkCertStore__lastErrorText(certStore));
    Exit;
  end;

privKey := CkPrivateKey_Create();
success := CkCert_GetPrivateKey(cert,privKey);
if (success = False) then
  begin
    Memo1.Lines.Add(CkCert__lastErrorText(cert));
    Exit;
  end;

rsa := CkRsa_Create();

success := CkRsa_UsePrivateKey(rsa,privKey);
if (success = False) then
  begin
    Memo1.Lines.Add(CkRsa__lastErrorText(rsa));
    Exit;
  end;

// Encode the signature as a hex string
CkRsa_putEncodingMode(rsa,'hex');

strData := 'This is the string to be signed.';

// Sign the string using the sha-1 hash algorithm.
// Other valid choices are "sha-256", "md2" and "md5".
hexSig := CkRsa__signStringENC(rsa,strData,'sha-1');

Memo1.Lines.Add(hexSig);

Memo1.Lines.Add('Success!');

CkCertStore_Dispose(certStore);
CkJsonObject_Dispose(jsonCN);
CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);
CkRsa_Dispose(rsa);

end;