Sample code for 30+ languages & platforms
Delphi DLL

Signing HTTP Messages

See more RSA Examples

Demonstrates how to sign HTTP messages per draft-cavage-http-signatures-10

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, StringBuilder, PrivateKey, Rsa, PublicKey, CkDateTime;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
bCrlf: Boolean;
sbPublicKeyPem: HCkStringBuilder;
pubKey: HCkPublicKey;
sbPrivateKeyPem: HCkStringBuilder;
privKey: HCkPrivateKey;
dtNow: HCkDateTime;
dateStr: PWideChar;
rsa: HCkRsa;
sbStringToSign: HCkStringBuilder;
b64Signature: PWideChar;

begin
success := False;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

bCrlf := True;
sbPublicKeyPem := CkStringBuilder_Create();
CkStringBuilder_AppendLine(sbPublicKeyPem,'-----BEGIN PUBLIC KEY-----',bCrlf);
CkStringBuilder_AppendLine(sbPublicKeyPem,'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3',bCrlf);
CkStringBuilder_AppendLine(sbPublicKeyPem,'6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6',bCrlf);
CkStringBuilder_AppendLine(sbPublicKeyPem,'Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw',bCrlf);
CkStringBuilder_AppendLine(sbPublicKeyPem,'oYi+1hqp1fIekaxsyQIDAQAB',bCrlf);
CkStringBuilder_AppendLine(sbPublicKeyPem,'-----END PUBLIC KEY-----',bCrlf);

pubKey := CkPublicKey_Create();
CkPublicKey_LoadFromString(pubKey,CkStringBuilder__getAsString(sbPublicKeyPem));

sbPrivateKeyPem := CkStringBuilder_Create();
CkStringBuilder_AppendLine(sbPrivateKeyPem,'-----BEGIN RSA PRIVATE KEY-----',bCrlf);
CkStringBuilder_AppendLine(sbPrivateKeyPem,'MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF',bCrlf);
CkStringBuilder_AppendLine(sbPrivateKeyPem,'NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F',bCrlf);
CkStringBuilder_AppendLine(sbPrivateKeyPem,'UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB',bCrlf);
CkStringBuilder_AppendLine(sbPrivateKeyPem,'AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA',bCrlf);
CkStringBuilder_AppendLine(sbPrivateKeyPem,'QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK',bCrlf);
CkStringBuilder_AppendLine(sbPrivateKeyPem,'kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg',bCrlf);
CkStringBuilder_AppendLine(sbPrivateKeyPem,'f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u',bCrlf);
CkStringBuilder_AppendLine(sbPrivateKeyPem,'412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc',bCrlf);
CkStringBuilder_AppendLine(sbPrivateKeyPem,'mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7',bCrlf);
CkStringBuilder_AppendLine(sbPrivateKeyPem,'kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA',bCrlf);
CkStringBuilder_AppendLine(sbPrivateKeyPem,'gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW',bCrlf);
CkStringBuilder_AppendLine(sbPrivateKeyPem,'G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI',bCrlf);
CkStringBuilder_AppendLine(sbPrivateKeyPem,'7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA==',bCrlf);
CkStringBuilder_AppendLine(sbPrivateKeyPem,'-----END RSA PRIVATE KEY-----',bCrlf);

privKey := CkPrivateKey_Create();
CkPrivateKey_LoadPem(privKey,CkStringBuilder__getAsString(sbPrivateKeyPem));

//    All examples use this request:
// 
//    POST /foo?param=value&pet=dog HTTP/1.1
//    Host: example.com
//    Date: Sun, 05 Jan 2014 21:31:40 GMT
//    Content-Type: application/json
//    Digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=
//    Content-Length: 18
// 
//    {"hello": "world"}

// C.1.  Default Test
// 
//    If a list of headers is not included, the date is the only header
//    that is signed by default.  The string to sign would be:
// 
//    date: Sun, 05 Jan 2014 21:31:40 GMT
// 
//    The Authorization header would be:
// 
//    Authorization: Signature keyId="Test",algorithm="rsa-sha256",
//    signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz
//    6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB
//    6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="
// 
//    The Signature header would be:
// 
//    Signature: keyId="Test",algorithm="rsa-sha256",
//    signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz
//    6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB
//    6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="
// 

dtNow := CkDateTime_Create();
success := CkDateTime_SetFromCurrentSystemTime(dtNow);
dateStr := CkDateTime__getAsRfc822(dtNow,False);

// To duplicate the above result, we'll hard-code the date string.
dateStr := 'Sun, 05 Jan 2014 21:31:40 GMT';

rsa := CkRsa_Create();
success := CkRsa_UsePrivateKey(rsa,privKey);
if (success = False) then
  begin
    Memo1.Lines.Add(CkRsa__lastErrorText(rsa));
    Exit;
  end;

sbStringToSign := CkStringBuilder_Create();
CkStringBuilder_Append(sbStringToSign,'date: ');
CkStringBuilder_Append(sbStringToSign,dateStr);

CkRsa_putEncodingMode(rsa,'base64');
b64Signature := CkRsa__signStringENC(rsa,CkStringBuilder__getAsString(sbStringToSign),'SHA256');
Memo1.Lines.Add(b64Signature);
Memo1.Lines.Add('---------------------------');

// The result should be:
// SjWJWbWN7i0wzBvtPl8rbASW ... FD0k/5OxEPXe5WozsbM=

// ----------------------------------------------------------------------------------------------------

// C.2.  Basic Test
// 
//    The minimum recommended data to sign is the (request-target), host,
//    and date.  In this case, the string to sign would be:
// 
//    (request-target): post /foo?param=value&pet=dog
//    host: example.com
//    date: Sun, 05 Jan 2014 21:31:40 GMT
// 
//    The Authorization header would be:
// 
//    Authorization: Signature keyId="Test",algorithm="rsa-sha256",
//    headers="(request-target) host date", signature="qdx+H7PHHDZgy4
//    y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn
//    7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBs
//    kLu6kd9Fswtemr3lgdDEmn04swr2Os0="

CkStringBuilder_Clear(sbStringToSign);
CkStringBuilder_Append(sbStringToSign,'(request-target): ');
CkStringBuilder_AppendLine(sbStringToSign,'post /foo?param=value&pet=dog',False);
CkStringBuilder_Append(sbStringToSign,'host: ');
CkStringBuilder_AppendLine(sbStringToSign,'example.com',False);
CkStringBuilder_Append(sbStringToSign,'date: ');
CkStringBuilder_Append(sbStringToSign,dateStr);

Memo1.Lines.Add('StringToSign:');
Memo1.Lines.Add(CkStringBuilder__getAsString(sbStringToSign));
b64Signature := CkRsa__signStringENC(rsa,CkStringBuilder__getAsString(sbStringToSign),'SHA256');
Memo1.Lines.Add(b64Signature);
Memo1.Lines.Add('---------------------------');

// The result should be:
// qdx+H7PHHDZgy4y/Ahn ... mn04swr2Os0=

CkStringBuilder_Dispose(sbPublicKeyPem);
CkPublicKey_Dispose(pubKey);
CkStringBuilder_Dispose(sbPrivateKeyPem);
CkPrivateKey_Dispose(privKey);
CkDateTime_Dispose(dtNow);
CkRsa_Dispose(rsa);
CkStringBuilder_Dispose(sbStringToSign);

end;