(MFC) RSA SHA256 Signature using Private Key from Java Keystore

Signs plaintext using RSA SHA256 using a key from a Java keystore.

Duplicatest this code:

KeyStore keystore; // key repository for keys containing signature certificate
String alias; // alias for the certificate in the key repository
String password; // password for the certificate's private key
String plaintext; // text being signed


Signature signature = Signature.getInstance("SHA256withRSA");
signature.initSign((PrivateKey) keystore.getKey(alias, password.toCharArray()));
signature.update(plaintext.getBytes("UTF-8"));
byte[] rsa_text= signature.sign();

Chilkat C/C++ Library Downloads MS Visual C/C++ Libs

See Also: Using MFC CString in Chilkat

#include <CkJavaKeyStore.h>
#include <CkPrivateKey.h>
#include <CkRsa.h>
#include <CkByteData.h>

void ChilkatSample(void)
    {
    CkString strOut;

    // This requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    CkJavaKeyStore jks;

    const char *jksPassword = "secret";

    // Load the Java keystore from a file.  The JKS file password is used
    // to verify the keyed digest that is found at the very end of the keystore.
    // It verifies that the keystore has not been modified.
    bool success = jks.LoadFile(jksPassword,"qa_data/jks/sample_secret.jks");
    if (success != true) {
        strOut.append(jks.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Get the private key from the JKS.
    // The private key password may be different than the file password.
    const char *privKeyPassword = "secret";
    bool caseSensitive = false;
    CkPrivateKey *privKey = jks.FindPrivateKey(privKeyPassword,"some.alias",caseSensitive);
    if (jks.get_LastMethodSuccess() != true) {
        strOut.append(jks.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Establish the RSA object and tell it to use the private key..
    CkRsa rsa;

    success = rsa.ImportPrivateKeyObj(*privKey);
    delete privKey;
    if (success != true) {
        strOut.append(rsa.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Indicate we'll be signing the utf-8 byte representation of the string..
    rsa.put_Charset("utf-8");

    // Sign some plaintext using RSA-SHA256
    CkByteData binarySignature;
    const char *plaintext = "this is the text to be signed";
    success = rsa.SignString(plaintext,"SHA256",binarySignature);
    if (rsa.get_LastMethodSuccess() != true) {
        strOut.append(rsa.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Alternatively, if the signature is desired in some encoded string form,
    // such as base64, base64-url, hex, etc.
    rsa.put_EncodingMode("base64-url");
    const char *signatureStr = rsa.signStringENC(plaintext,"SHA256");
    strOut.append("base64-url RSA signature: ");
    strOut.append(signatureStr);
    strOut.append("\r\n");


    SetDlgItemText(IDC_EDIT1,strOut.getUnicode());

    }