|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(SQL Server) PKCS11 Generate Secret Key (such as AES)See more PKCS11 ExamplesGenerates a symmetric secret key such as AES on the HSM. Note: This example requires Chilkat v9.5.0.96 or later.
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls. -- CREATE PROCEDURE ChilkatSample AS BEGIN DECLARE @hr int -- Important: Do not use nvarchar(max). See the warning about using nvarchar(max). DECLARE @sTmp0 nvarchar(4000) -- This example requires the Chilkat API to have been previously unlocked. -- See Global Unlock Sample for sample code. -- Note: Chilkat's PKCS11 implementation runs on Windows, Linux, Mac OS X, and other supported operating systems. DECLARE @pkcs11 int -- Use "Chilkat_9_5_0.Pkcs11" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.Pkcs11', @pkcs11 OUT IF @hr <> 0 BEGIN PRINT 'Failed to create ActiveX component' RETURN END -- Use the PKCS11 driver (.dll, .so, .dylib) for your particular HSM. -- (The format of the path will change with the operating system. Obviously, "C:/" is not used on non-Windows systems. EXEC sp_OASetProperty @pkcs11, 'SharedLibPath', 'C:/Program Files (x86)/Gemalto/IDGo 800 PKCS#11/IDPrimePKCS1164.dll' -- Establish a logged-on session. DECLARE @pin nvarchar(4000) SELECT @pin = '0000' DECLARE @userType int SELECT @userType = 1 DECLARE @success int EXEC sp_OAMethod @pkcs11, 'QuickSession', @success OUT, @userType, @pin IF @success = 0 BEGIN EXEC sp_OAGetProperty @pkcs11, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @pkcs11 RETURN END -- Let's generate a 256-bit AES key on the token, which will exist for the duration of this session. -- Symmetric keys, such as AES keys, are typically created (or imported) and used during a single session. -- Other possible values for keyType are "AES XTS", "Blowfish", "Twofish", "ChaCha20", and others. -- In virtually all cases, you'll want to create an AES key. DECLARE @keyType nvarchar(4000) SELECT @keyType = 'AES' -- Specify attributes and abilities (how this key can be used) by providing a JSON template. DECLARE @json int -- Use "Chilkat_9_5_0.JsonObject" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT -- The key can be extracted or wrapped. EXEC sp_OAMethod @json, 'UpdateBool', @success OUT, 'extractable', 1 -- Allow the key to be used for encryption, decryption, wrapping other keys, and unwrapping other keys. EXEC sp_OAMethod @json, 'UpdateBool', @success OUT, 'encrypt', 1 EXEC sp_OAMethod @json, 'UpdateBool', @success OUT, 'decrypt', 1 EXEC sp_OAMethod @json, 'UpdateBool', @success OUT, 'wrap', 1 EXEC sp_OAMethod @json, 'UpdateBool', @success OUT, 'unwrap', 1 -- Indicate a 256-bit AES key is to be generated by setting the value_len attribute equal to the key size in bytes. -- (32 bytes * 8 bits/byte = 256 bits) EXEC sp_OAMethod @json, 'UpdateInt', @success OUT, 'value_len', 32 DECLARE @keyHandle int EXEC sp_OAMethod @pkcs11, 'GenSecretKey', @keyHandle OUT, @keyType, @json IF @keyHandle = 0 BEGIN EXEC sp_OAGetProperty @pkcs11, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 PRINT 'Failed to generate an AES key.' END ELSE BEGIN PRINT 'key handle = ' + @keyHandle PRINT 'Success.' END EXEC sp_OAMethod @pkcs11, 'Logout', @success OUT EXEC sp_OAMethod @pkcs11, 'CloseSession', @success OUT EXEC @hr = sp_OADestroy @pkcs11 EXEC @hr = sp_OADestroy @json END GO |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.