PureBasic
PureBasic
Signing HTTP Messages
See more RSA Examples
Demonstrates how to sign HTTP messages per draft-cavage-http-signatures-10Chilkat PureBasic Downloads
IncludeFile "CkStringBuilder.pb"
IncludeFile "CkPrivateKey.pb"
IncludeFile "CkRsa.pb"
IncludeFile "CkPublicKey.pb"
IncludeFile "CkDateTime.pb"
Procedure ChilkatExample()
success.i = 0
; This example requires the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
bCrlf.i = 1
sbPublicKeyPem.i = CkStringBuilder::ckCreate()
If sbPublicKeyPem.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkStringBuilder::ckAppendLine(sbPublicKeyPem,"-----BEGIN PUBLIC KEY-----",bCrlf)
CkStringBuilder::ckAppendLine(sbPublicKeyPem,"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3",bCrlf)
CkStringBuilder::ckAppendLine(sbPublicKeyPem,"6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6",bCrlf)
CkStringBuilder::ckAppendLine(sbPublicKeyPem,"Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw",bCrlf)
CkStringBuilder::ckAppendLine(sbPublicKeyPem,"oYi+1hqp1fIekaxsyQIDAQAB",bCrlf)
CkStringBuilder::ckAppendLine(sbPublicKeyPem,"-----END PUBLIC KEY-----",bCrlf)
pubKey.i = CkPublicKey::ckCreate()
If pubKey.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkPublicKey::ckLoadFromString(pubKey,CkStringBuilder::ckGetAsString(sbPublicKeyPem))
sbPrivateKeyPem.i = CkStringBuilder::ckCreate()
If sbPrivateKeyPem.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"-----BEGIN RSA PRIVATE KEY-----",bCrlf)
CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF",bCrlf)
CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F",bCrlf)
CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB",bCrlf)
CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA",bCrlf)
CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK",bCrlf)
CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg",bCrlf)
CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u",bCrlf)
CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc",bCrlf)
CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7",bCrlf)
CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA",bCrlf)
CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW",bCrlf)
CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI",bCrlf)
CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA==",bCrlf)
CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"-----END RSA PRIVATE KEY-----",bCrlf)
privKey.i = CkPrivateKey::ckCreate()
If privKey.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkPrivateKey::ckLoadPem(privKey,CkStringBuilder::ckGetAsString(sbPrivateKeyPem))
; All examples use this request:
;
; POST /foo?param=value&pet=dog HTTP/1.1
; Host: example.com
; Date: Sun, 05 Jan 2014 21:31:40 GMT
; Content-Type: application/json
; Digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=
; Content-Length: 18
;
; {"hello": "world"}
; C.1. Default Test
;
; If a list of headers is not included, the date is the only header
; that is signed by default. The string to sign would be:
;
; date: Sun, 05 Jan 2014 21:31:40 GMT
;
; The Authorization header would be:
;
; Authorization: Signature keyId="Test",algorithm="rsa-sha256",
; signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz
; 6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB
; 6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="
;
; The Signature header would be:
;
; Signature: keyId="Test",algorithm="rsa-sha256",
; signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz
; 6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB
; 6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="
;
dtNow.i = CkDateTime::ckCreate()
If dtNow.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkDateTime::ckSetFromCurrentSystemTime(dtNow)
dateStr.s = CkDateTime::ckGetAsRfc822(dtNow,0)
; To duplicate the above result, we'll hard-code the date string.
dateStr = "Sun, 05 Jan 2014 21:31:40 GMT"
rsa.i = CkRsa::ckCreate()
If rsa.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkRsa::ckUsePrivateKey(rsa,privKey)
If success = 0
Debug CkRsa::ckLastErrorText(rsa)
CkStringBuilder::ckDispose(sbPublicKeyPem)
CkPublicKey::ckDispose(pubKey)
CkStringBuilder::ckDispose(sbPrivateKeyPem)
CkPrivateKey::ckDispose(privKey)
CkDateTime::ckDispose(dtNow)
CkRsa::ckDispose(rsa)
ProcedureReturn
EndIf
sbStringToSign.i = CkStringBuilder::ckCreate()
If sbStringToSign.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkStringBuilder::ckAppend(sbStringToSign,"date: ")
CkStringBuilder::ckAppend(sbStringToSign,dateStr)
CkRsa::setCkEncodingMode(rsa, "base64")
b64Signature.s = CkRsa::ckSignStringENC(rsa,CkStringBuilder::ckGetAsString(sbStringToSign),"SHA256")
Debug b64Signature
Debug "---------------------------"
; The result should be:
; SjWJWbWN7i0wzBvtPl8rbASW ... FD0k/5OxEPXe5WozsbM=
; ----------------------------------------------------------------------------------------------------
; C.2. Basic Test
;
; The minimum recommended data to sign is the (request-target), host,
; and date. In this case, the string to sign would be:
;
; (request-target): post /foo?param=value&pet=dog
; host: example.com
; date: Sun, 05 Jan 2014 21:31:40 GMT
;
; The Authorization header would be:
;
; Authorization: Signature keyId="Test",algorithm="rsa-sha256",
; headers="(request-target) host date", signature="qdx+H7PHHDZgy4
; y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn
; 7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBs
; kLu6kd9Fswtemr3lgdDEmn04swr2Os0="
CkStringBuilder::ckClear(sbStringToSign)
CkStringBuilder::ckAppend(sbStringToSign,"(request-target): ")
CkStringBuilder::ckAppendLine(sbStringToSign,"post /foo?param=value&pet=dog",0)
CkStringBuilder::ckAppend(sbStringToSign,"host: ")
CkStringBuilder::ckAppendLine(sbStringToSign,"example.com",0)
CkStringBuilder::ckAppend(sbStringToSign,"date: ")
CkStringBuilder::ckAppend(sbStringToSign,dateStr)
Debug "StringToSign:"
Debug CkStringBuilder::ckGetAsString(sbStringToSign)
b64Signature = CkRsa::ckSignStringENC(rsa,CkStringBuilder::ckGetAsString(sbStringToSign),"SHA256")
Debug b64Signature
Debug "---------------------------"
; The result should be:
; qdx+H7PHHDZgy4y/Ahn ... mn04swr2Os0=
CkStringBuilder::ckDispose(sbPublicKeyPem)
CkPublicKey::ckDispose(pubKey)
CkStringBuilder::ckDispose(sbPrivateKeyPem)
CkPrivateKey::ckDispose(privKey)
CkDateTime::ckDispose(dtNow)
CkRsa::ckDispose(rsa)
CkStringBuilder::ckDispose(sbStringToSign)
ProcedureReturn
EndProcedure