Delphi DLL
RSA Sign String using Private Key of Certificate Type A3 (smart card / token)
Demonstrates RSA signing of a string using the private key of a type A3 certificate (smart card, token). Note: This is a Windows-only example.
uses
Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Rsa, Cert, CertStore, JsonObject;
...
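// Signs a fixed string with the private key of an A3 (smart card / token)
// certificate found in the Windows Current-User certificate store, and writes
// either the base64 signature or the library's error text to Memo1.
//
// Every Chilkat handle is released in a single finally block, so the early
// Exit on each failure path no longer leaks the store, JSON, cert or RSA
// objects (the original only disposed them on the success path).
procedure TForm1.Button1Click(Sender: TObject);
var
  success: Boolean;
  certStore: HCkCertStore;
  thumbprint: PWideChar;
  bReadOnly: Boolean;
  json: HCkJsonObject;
  cert: HCkCert;
  rsa: HCkRsa;
  bUsePrivateKey: Boolean;
  sigBase64: PWideChar;
begin
  // Create all handles up front so one try/finally covers every exit path.
  certStore := CkCertStore_Create();
  json := CkJsonObject_Create();
  cert := CkCert_Create();
  rsa := CkRsa_Create();
  try
    // First get the A3 certificate that was installed on the Windows system.
    // The thumbprint below is the sample value from this example; replace it
    // with the thumbprint of your own certificate. A thumbprint only
    // identifies the certificate and is not a secret.
    thumbprint := '12c1dd8015f3f03f7b1fa619dc24e2493ca8b4b2';

    // This is specific to Windows because it is opening the Windows
    // Current-User certificate store. Read-only access is enough: the store
    // is only searched, never modified.
    bReadOnly := True;
    success := CkCertStore_OpenCurrentUserStore(certStore, bReadOnly);
    if not success then
    begin
      Memo1.Lines.Add(CkCertStore__lastErrorText(certStore));
      Exit;
    end;

    // Find the certificate with the desired thumbprint.
    // (There are many ways to locate a certificate. This example chooses to
    // find by thumbprint.)
    CkJsonObject_UpdateString(json, 'thumbprint', thumbprint);
    success := CkCertStore_FindCert(certStore, json, cert);
    if not success then
    begin
      Memo1.Lines.Add('Failed to find the certificate.');
      // Also surface the library's diagnostic so the cause is visible.
      Memo1.Lines.Add(CkCertStore__lastErrorText(certStore));
      Exit;
    end;
    Memo1.Lines.Add('Found: ' + CkCert__subjectCN(cert));

    // NOTE(review): this example signs with whatever certificate matches the
    // thumbprint; it does not check expiry, revocation or key usage first.
    // Production code should confirm the certificate is valid for signing.

    // Provide the cert's private key. For an A3 certificate the key is
    // presumably held by the token, so the signing step may prompt for the
    // token PIN -- confirm against your middleware.
    bUsePrivateKey := True;
    success := CkRsa_SetX509Cert(rsa, cert, bUsePrivateKey);
    if not success then
    begin
      Memo1.Lines.Add(CkRsa__lastErrorText(rsa));
      Exit;
    end;

    // Return the RSA signature in base64 encoded form.
    CkRsa_putEncodingMode(rsa, 'base64');
    // Sign the utf-8 byte representation of the string. The verifier must
    // use the same charset, or the signed bytes will not match.
    CkRsa_putCharset(rsa, 'utf-8');

    // Other hash algorithms can be selected by name. Prefer SHA-256 or
    // stronger; SHA-1 is no longer considered collision-resistant and should
    // only be chosen when a legacy verifier requires it.
    sigBase64 := CkRsa__signStringENC(rsa, 'text to sign', 'SHA-256');
    if not CkRsa_getLastMethodSuccess(rsa) then
    begin
      Memo1.Lines.Add(CkRsa__lastErrorText(rsa));
      Exit;
    end;

    // Use the returned pointer before the rsa handle is disposed
    // (presumably the buffer is owned by the rsa object -- confirm).
    Memo1.Lines.Add('Base64 signature: ' + sigBase64);
  finally
    // Runs on normal completion and on every Exit above.
    CkRsa_Dispose(rsa);
    CkCert_Dispose(cert);
    CkJsonObject_Dispose(json);
    CkCertStore_Dispose(certStore);
  end;
end;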