Sample code for 30+ languages & platforms
Visual FoxPro

Create CAdES (p7m) Signature using ARSS (Aruba Remote Signing Service)

See more Signing in the Cloud Examples

Demonstrates creating a CAdES (p7m) signature using the Aruba Remote Signing Service.

Chilkat Visual FoxPro Downloads

Visual FoxPro
LOCAL lnSuccess
LOCAL loCert
LOCAL loJsonArss
LOCAL loCrypt
LOCAL loSignedAttrs
LOCAL lcInputXmlPath
LOCAL lcOutputP7mPath

lnSuccess = 0

* This example assumes the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.

* Load the certificate used for signing.  The certificate's private key is stored on 
* the Aruba.it server and the signing will happen remotely using the
* ARSS (Aruba Remote Signing Service).
* However, we still need the certificate locally (without private key).
loCert = CreateObject('Chilkat.Cert')
lnSuccess = loCert.LoadFromFile("qa_data/certs/myCert.cer")
IF (lnSuccess = 0) THEN
    ? loCert.LastErrorText
    RELEASE loCert
    CANCEL
ENDIF

* To sign using the Aruba Remote Signing Service, 
* add the following lines of code to specify your authentication credentials,
* and the ID of the certificate w/ private key on the server to be used.
loJsonArss = CreateObject('Chilkat.JsonObject')

* Set the "service" equal to "ARSS" to tell Chilkat to use ARSS for signing.
loJsonArss.UpdateString("service","ARSS")
* Specify the certificate ID, such as "AS0"
* This certificate should match the certificate loaded in the above code.
loJsonArss.UpdateString("certID","YOUR_ARSS_CERT_ID")
loJsonArss.UpdateString("otpPwd","YOUR_OTP_PWD")

* Specifies the OTP authentication environment.
* 
* Common values are:
*   "demoprod" - Demo/Test environment
*   "prod"     - Production environment
* 
* This value is sent to the ARSS service and determines how the OTP
* authentication is validated.  The correct value depends on the type
* of Aruba account and environment that has been provisioned.
* 
* If signing fails with an authentication-related error, verify that
* the typeOtpAuth value matches the environment associated with the
* ARSS account credentials being used.
loJsonArss.UpdateString("typeOtpAuth","demoprod")

loJsonArss.UpdateString("user","YOUR_ARSS_USERNAME")
loJsonArss.UpdateString("userPWD","YOUR_ARSS_PASSWORD")

* The "endpoint" can be specified starting in Chilkat v11.5.0
loJsonArss.UpdateString("endpoint","https://app1.firma-remota.it/ArubaSignerService/webresources/signerservice")

lnSuccess = loCert.SetCloudSigner(loJsonArss)

loCrypt = CreateObject('Chilkat.Crypt2')

lnSuccess = loCrypt.SetSigningCert(loCert)
IF (lnSuccess = 0) THEN
    ? loCrypt.LastErrorText
    RELEASE loCert
    RELEASE loJsonArss
    RELEASE loCrypt
    CANCEL
ENDIF

* The CadesEnabled property applies to all methods that create PKCS7 signatures. 
* To create a CAdES-BES signature, set this property equal to true.
loCrypt.CadesEnabled = 1

loCrypt.HashAlgorithm = "sha256"

loSignedAttrs = CreateObject('Chilkat.JsonObject')
loSignedAttrs.UpdateInt("contentType",1)
loSignedAttrs.UpdateInt("signingTime",1)
loSignedAttrs.UpdateInt("messageDigest",1)
loSignedAttrs.UpdateInt("signingCertificateV2",1)
loCrypt.SigningAttributes = loSignedAttrs.Emit()

* You can sign any type of file..
lcInputXmlPath = "qa_data/e-Invoice.xml"
lcOutputP7mPath = "qa_output/signed.p7m"

* Create the CAdES-BES attached signature, which contains the original data.
* Chilkat will build the .p7m locally, but will (internally) use ARSS
* to do the RSA signing remotely.
lnSuccess = loCrypt.CreateP7M(lcInputXmlPath,lcOutputP7mPath)
IF (lnSuccess = 0) THEN
    ? loCrypt.LastErrorText
    RELEASE loCert
    RELEASE loJsonArss
    RELEASE loCrypt
    RELEASE loSignedAttrs
    CANCEL
ENDIF

? "Success."

RELEASE loCert
RELEASE loJsonArss
RELEASE loCrypt
RELEASE loSignedAttrs