(SQL Server) Duplicate Java Secure Token Creation

Demonstrates how to duplicate some Java code that creates an RSA signature to create a base64 token.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    DECLARE @iTmp0 int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    -- This requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    -- This example duplicates the following Java code:

    -- public X509Certificate2 cert = new X509Certificate2(@"Some path to p12/p12file_name.p12","Password_for_p12"); 
    -- 
    -- public string GenerateSignToken(double timeValidityMin){ 
    --   string equalsSign = ":="; 
    --   string timeCreated = DateTime.Now.ToString("yyyy-MM-ddTHH:mm:ss.fffzzz"); 
    --   string tokenTimeInfo = "validityTimeMinutes" + equalsSign + timeValidityMin + ";"+"timeCreated" + equalsSign + timeCreated; 
    --   string signature = SignData(tokenTimeInfo); 
    --   string secureToken = tokenTimeInfo + ";" + "signature" + equalsSign + signature; 
    --   return Base64UrlEncode(secureToken); 
    -- } 
    --  
    -- public string SignData(string stringToSign){ 
    --   byte[] dataToSign = Encoding.UTF8.GetBytes(stringToSign); 
    --   RSACryptoServiceProvider privKey = (RSACryptoServiceProvider)cert.PrivateKey; 
    --   CspKeyContainerInfo containerInfo = new RSACryptoServiceProvider().CspKeyContainerInfo; 
    --   CspParameters cspparams = new CspParameters(containerInfo.ProviderType, containerInfo.ProviderName, privKey.CspKeyContainerInfo.KeyContainerName); 
    --   privKey = new RSACryptoServiceProvider(cspparams); 
    --   string id = CryptoConfig.MapNameToOID("SHA256"); 
    --   byte[] sign = privKey.SignData(dataToSign, id); 
    --   bool res = privKey.VerifyData(dataToSign, id, sign); 
    --   return Convert.ToBase64String(sign).Replace('+', '-').Replace('/', '_').Replace("=", ""); 
    -- } 
    --  
    -- private static string Base64UrlEncode(string input){ 
    --   var inputBytes = Encoding.UTF8.GetBytes(input); 
    --   return Convert.ToBase64String(inputBytes).Replace('+', '-').Replace('/', '_').Replace("=", ""); 
    -- } 

    DECLARE @success int

    DECLARE @dt int
    -- Use "Chilkat_9_5_0.CkDateTime" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.CkDateTime', @dt OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    EXEC sp_OAMethod @dt, 'SetFromCurrentSystemTime', @success OUT
    DECLARE @timeCreated nvarchar(4000)
    EXEC sp_OAMethod @dt, 'GetAsTimestamp', @timeCreated OUT, 1

    -- Such as 2019-04-01T19:35:44-05:00

    PRINT @timeCreated

    DECLARE @sbToken int
    -- Use "Chilkat_9_5_0.StringBuilder" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbToken OUT

    EXEC sp_OAMethod @sbToken, 'Append', @success OUT, 'validityTimeMinutes:=10.0;timeCreated:='
    EXEC sp_OAMethod @sbToken, 'Append', @success OUT, @timeCreated

    DECLARE @cert int
    -- Use "Chilkat_9_5_0.Cert" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.Cert', @cert OUT

    EXEC sp_OAMethod @cert, 'LoadPfxFile', @success OUT, 'Some path to p12/p12file_name.p12', 'Password_for_p12'
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @cert, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @dt
        EXEC @hr = sp_OADestroy @sbToken
        EXEC @hr = sp_OADestroy @cert
        RETURN
      END

    DECLARE @rsa int
    -- Use "Chilkat_9_5_0.Rsa" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.Rsa', @rsa OUT

    EXEC sp_OAMethod @rsa, 'SetX509Cert', @success OUT, @cert, 1
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @rsa, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @dt
        EXEC @hr = sp_OADestroy @sbToken
        EXEC @hr = sp_OADestroy @cert
        EXEC @hr = sp_OADestroy @rsa
        RETURN
      END

    EXEC sp_OASetProperty @rsa, 'EncodingMode', 'base64url'

    DECLARE @signature nvarchar(4000)
    EXEC sp_OAMethod @sbToken, 'GetAsString', @sTmp0 OUT
    EXEC sp_OAMethod @rsa, 'SignStringENC', @signature OUT, @sTmp0, 'sha256'
    EXEC sp_OAGetProperty @rsa, 'LastMethodSuccess', @iTmp0 OUT
    IF @iTmp0 = 0
      BEGIN
        EXEC sp_OAGetProperty @rsa, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @dt
        EXEC @hr = sp_OADestroy @sbToken
        EXEC @hr = sp_OADestroy @cert
        EXEC @hr = sp_OADestroy @rsa
        RETURN
      END

    EXEC sp_OAMethod @sbToken, 'Append', @success OUT, ';signature:='
    EXEC sp_OAMethod @sbToken, 'Append', @success OUT, @signature

    -- Base64URL encode the result
    EXEC sp_OAMethod @sbToken, 'Encode', @success OUT, 'base64url', 'utf-8'
    DECLARE @token nvarchar(4000)
    EXEC sp_OAMethod @sbToken, 'GetAsString', @token OUT


    PRINT @token

    EXEC @hr = sp_OADestroy @dt
    EXEC @hr = sp_OADestroy @sbToken
    EXEC @hr = sp_OADestroy @cert
    EXEC @hr = sp_OADestroy @rsa


END
GO