Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Visual FoxPro) Signing HTTP MessagesDemonstrates how to sign HTTP messages per draft-cavage-http-signatures-10 For more information, see https://tools.ietf.org/html/draft-cavage-http-signatures-10
LOCAL lnSuccess LOCAL lnBCrlf LOCAL loSbPublicKeyPem LOCAL loPubKey LOCAL loSbPrivateKeyPem LOCAL loPrivKey LOCAL loDtNow LOCAL lcDateStr LOCAL loRsa LOCAL loSbStringToSign LOCAL lcB64Signature * This example requires the Chilkat API to have been previously unlocked. * See Global Unlock Sample for sample code. lnBCrlf = 1 loSbPublicKeyPem = CreateObject('Chilkat_9_5_0.StringBuilder') loSbPublicKeyPem.AppendLine("-----BEGIN PUBLIC KEY-----",lnBCrlf) loSbPublicKeyPem.AppendLine("MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3",lnBCrlf) loSbPublicKeyPem.AppendLine("6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6",lnBCrlf) loSbPublicKeyPem.AppendLine("Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw",lnBCrlf) loSbPublicKeyPem.AppendLine("oYi+1hqp1fIekaxsyQIDAQAB",lnBCrlf) loSbPublicKeyPem.AppendLine("-----END PUBLIC KEY-----",lnBCrlf) loPubKey = CreateObject('Chilkat_9_5_0.PublicKey') loPubKey.LoadFromString(loSbPublicKeyPem.GetAsString()) loSbPrivateKeyPem = CreateObject('Chilkat_9_5_0.StringBuilder') loSbPrivateKeyPem.AppendLine("-----BEGIN RSA PRIVATE KEY-----",lnBCrlf) loSbPrivateKeyPem.AppendLine("MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF",lnBCrlf) loSbPrivateKeyPem.AppendLine("NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F",lnBCrlf) loSbPrivateKeyPem.AppendLine("UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB",lnBCrlf) loSbPrivateKeyPem.AppendLine("AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA",lnBCrlf) loSbPrivateKeyPem.AppendLine("QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK",lnBCrlf) loSbPrivateKeyPem.AppendLine("kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg",lnBCrlf) loSbPrivateKeyPem.AppendLine("f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u",lnBCrlf) loSbPrivateKeyPem.AppendLine("412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc",lnBCrlf) loSbPrivateKeyPem.AppendLine("mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7",lnBCrlf) loSbPrivateKeyPem.AppendLine("kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA",lnBCrlf) loSbPrivateKeyPem.AppendLine("gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW",lnBCrlf) loSbPrivateKeyPem.AppendLine("G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI",lnBCrlf) loSbPrivateKeyPem.AppendLine("7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA==",lnBCrlf) loSbPrivateKeyPem.AppendLine("-----END RSA PRIVATE KEY-----",lnBCrlf) loPrivKey = CreateObject('Chilkat_9_5_0.PrivateKey') loPrivKey.LoadPem(loSbPrivateKeyPem.GetAsString()) * All examples use this request: * * POST /foo?param=value&pet=dog HTTP/1.1 * Host: example.com * Date: Sun, 05 Jan 2014 21:31:40 GMT * Content-Type: application/json * Digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= * Content-Length: 18 * * {"hello": "world"} * C.1. Default Test * * If a list of headers is not included, the date is the only header * that is signed by default. The string to sign would be: * * date: Sun, 05 Jan 2014 21:31:40 GMT * * The Authorization header would be: * * Authorization: Signature keyId="Test",algorithm="rsa-sha256", * signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz * 6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB * 6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM=" * * The Signature header would be: * * Signature: keyId="Test",algorithm="rsa-sha256", * signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz * 6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB * 6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM=" * loDtNow = CreateObject('Chilkat_9_5_0.CkDateTime') lnSuccess = loDtNow.SetFromCurrentSystemTime() lcDateStr = loDtNow.GetAsRfc822(0) * To duplicate the above result, we'll hard-code the date string. lcDateStr = "Sun, 05 Jan 2014 21:31:40 GMT" loRsa = CreateObject('Chilkat_9_5_0.Rsa') lnSuccess = loRsa.ImportPrivateKeyObj(loPrivKey) IF (lnSuccess = 0) THEN ? loRsa.LastErrorText RELEASE loSbPublicKeyPem RELEASE loPubKey RELEASE loSbPrivateKeyPem RELEASE loPrivKey RELEASE loDtNow RELEASE loRsa CANCEL ENDIF loSbStringToSign = CreateObject('Chilkat_9_5_0.StringBuilder') loSbStringToSign.Append("date: ") loSbStringToSign.Append(lcDateStr) loRsa.EncodingMode = "base64" lcB64Signature = loRsa.SignStringENC(loSbStringToSign.GetAsString(),"SHA256") ? lcB64Signature ? "---------------------------" * The result should be: * SjWJWbWN7i0wzBvtPl8rbASW ... FD0k/5OxEPXe5WozsbM= * ---------------------------------------------------------------------------------------------------- * C.2. Basic Test * * The minimum recommended data to sign is the (request-target), host, * and date. In this case, the string to sign would be: * * (request-target): post /foo?param=value&pet=dog * host: example.com * date: Sun, 05 Jan 2014 21:31:40 GMT * * The Authorization header would be: * * Authorization: Signature keyId="Test",algorithm="rsa-sha256", * headers="(request-target) host date", signature="qdx+H7PHHDZgy4 * y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn * 7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBs * kLu6kd9Fswtemr3lgdDEmn04swr2Os0=" loSbStringToSign.Clear() loSbStringToSign.Append("(request-target): ") loSbStringToSign.AppendLine("post /foo?param=value&pet=dog",0) loSbStringToSign.Append("host: ") loSbStringToSign.AppendLine("example.com",0) loSbStringToSign.Append("date: ") loSbStringToSign.Append(lcDateStr) ? "StringToSign:" ? loSbStringToSign.GetAsString() lcB64Signature = loRsa.SignStringENC(loSbStringToSign.GetAsString(),"SHA256") ? lcB64Signature ? "---------------------------" * The result should be: * qdx+H7PHHDZgy4y/Ahn ... mn04swr2Os0= RELEASE loSbPublicKeyPem RELEASE loPubKey RELEASE loSbPrivateKeyPem RELEASE loPrivKey RELEASE loDtNow RELEASE loRsa RELEASE loSbStringToSign |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.