Sample code for 30+ languages & platforms
PureBasic

RSA Sign with PKCS8 Encrypted Key

See more RSA Examples

Demonstrates how to load a private key from an encrypted PKCS8 file and create an RSA digital signature (and then verify it).

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkCert.pb"
IncludeFile "CkPublicKey.pb"
IncludeFile "CkPrivateKey.pb"
IncludeFile "CkRsa.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This example assumes the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    privKey.i = CkPrivateKey::ckCreate()
    If privKey.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Load the private key from an RSA PEM file:
    success = CkPrivateKey::ckLoadAnyFormatFile(privKey,"raul_privateKey.key","a0123456789")
    If success = 0
        Debug CkPrivateKey::ckLastErrorText(privKey)
        CkPrivateKey::ckDispose(privKey)
        ProcedureReturn
    EndIf

    rsa.i = CkRsa::ckCreate()
    If rsa.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Import the private key into the RSA component:
    success = CkRsa::ckUsePrivateKey(rsa,privKey)
    If success = 0
        Debug CkRsa::ckLastErrorText(rsa)
        CkPrivateKey::ckDispose(privKey)
        CkRsa::ckDispose(rsa)
        ProcedureReturn
    EndIf

    ; This example will sign a string, and receive the signature
    ; in a hex-encoded string.  Therefore, set the encoding mode
    ; to "hex":
    CkRsa::setCkEncodingMode(rsa, "hex")

    strData.s = "This is the string to be signed."

    ; Sign the string using the sha256 hash algorithm.
    ; Other valid choices are sha1, sha384, sha512 and others.
    hexSig.s = CkRsa::ckSignStringENC(rsa,strData,"sha256")
    If CkRsa::ckLastMethodSuccess(rsa) = 0
        Debug CkRsa::ckLastErrorText(rsa)
        CkPrivateKey::ckDispose(privKey)
        CkRsa::ckDispose(rsa)
        ProcedureReturn
    EndIf

    Debug hexSig

    ; Now verify with the public key.
    ; This example shows how to use the public key from 
    ; a digital certificate (.cer file)
    cert.i = CkCert::ckCreate()
    If cert.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkCert::ckLoadFromFile(cert,"raul_publicKey.cer")
    If success = 0
        Debug CkCert::ckLastErrorText(cert)
        CkPrivateKey::ckDispose(privKey)
        CkRsa::ckDispose(rsa)
        CkCert::ckDispose(cert)
        ProcedureReturn
    EndIf

    pubKey.i = CkPublicKey::ckCreate()
    If pubKey.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkCert::ckGetPublicKey(cert,pubKey)

    rsa2.i = CkRsa::ckCreate()
    If rsa2.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkRsa::ckUsePublicKey(rsa2,pubKey)
    If success = 0
        Debug CkRsa::ckLastErrorText(rsa2)
        CkPrivateKey::ckDispose(privKey)
        CkRsa::ckDispose(rsa)
        CkCert::ckDispose(cert)
        CkPublicKey::ckDispose(pubKey)
        CkRsa::ckDispose(rsa2)
        ProcedureReturn
    EndIf

    ; Verify the signature against the original data:
    CkRsa::setCkEncodingMode(rsa2, "hex")
    success = CkRsa::ckVerifyStringENC(rsa2,strData,"sha256",hexSig)
    If success = 0
        Debug CkRsa::ckLastErrorText(rsa2)
        CkPrivateKey::ckDispose(privKey)
        CkRsa::ckDispose(rsa)
        CkCert::ckDispose(cert)
        CkPublicKey::ckDispose(pubKey)
        CkRsa::ckDispose(rsa2)
        ProcedureReturn
    EndIf

    Debug "Signature verified!"

    ; Verify with incorrect data:
    success = CkRsa::ckVerifyStringENC(rsa2,"something else","sha256",hexSig)
    If success <> 1
        Debug "Signature not verified! (which was expected in this case)"
    Else
        Debug "Hmmm... that's not right..."
    EndIf



    CkPrivateKey::ckDispose(privKey)
    CkRsa::ckDispose(rsa)
    CkCert::ckDispose(cert)
    CkPublicKey::ckDispose(pubKey)
    CkRsa::ckDispose(rsa2)


    ProcedureReturn
EndProcedure