Sample code for 30+ languages & platforms
C

RSA Sign String using Private Key of Certificate Type A3 (smart card / token)

See more RSA Examples

Demonstrates RSA signing a string using the private key of a certificate type A3 (smart card, token).

Note: This is a Windows-only example.

Chilkat C Downloads

C
#include <C_CkCertStore.h>
#include <C_CkJsonObject.h>
#include <C_CkCert.h>
#include <C_CkRsa.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkCertStore certStore;
    const char *thumbprint;
    BOOL bReadOnly;
    HCkJsonObject json;
    HCkCert cert;
    HCkRsa rsa;
    BOOL bUsePrivateKey;
    const char *sigBase64;

    success = FALSE;

    // First get the A3 certificate that was installed on the Windows system.
    certStore = CkCertStore_Create();

    thumbprint = "12c1dd8015f3f03f7b1fa619dc24e2493ca8b4b2";

    // This is specific to Windows because it is opening the Windows Current-User certificate store.
    bReadOnly = TRUE;
    success = CkCertStore_OpenCurrentUserStore(certStore,bReadOnly);
    if (success != TRUE) {
        printf("%s\n",CkCertStore_lastErrorText(certStore));
        CkCertStore_Dispose(certStore);
        return;
    }

    // Find the certificate with the desired thumbprint
    // (There are many ways to locate a certificate.  This example chooses to find by thumbprint.)
    json = CkJsonObject_Create();
    CkJsonObject_UpdateString(json,"thumbprint",thumbprint);

    cert = CkCert_Create();
    success = CkCertStore_FindCert(certStore,json,cert);
    if (success == FALSE) {
        printf("Failed to find the certificate.\n");
        CkCertStore_Dispose(certStore);
        CkJsonObject_Dispose(json);
        CkCert_Dispose(cert);
        return;
    }

    printf("Found: %s\n",CkCert_subjectCN(cert));

    rsa = CkRsa_Create();

    // Provide the cert's private key
    bUsePrivateKey = TRUE;
    success = CkRsa_SetX509Cert(rsa,cert,bUsePrivateKey);
    if (success != TRUE) {
        printf("%s\n",CkRsa_lastErrorText(rsa));
        CkCertStore_Dispose(certStore);
        CkJsonObject_Dispose(json);
        CkCert_Dispose(cert);
        CkRsa_Dispose(rsa);
        return;
    }

    // Return the RSA signature in base64 encoded form.
    CkRsa_putEncodingMode(rsa,"base64");

    // Sign the utf-8 byte representation of the string.
    CkRsa_putCharset(rsa,"utf-8");

    // You can also choose other hash algorithms, such as SHA-1.
    sigBase64 = CkRsa_signStringENC(rsa,"text to sign","SHA-256");
    if (CkRsa_getLastMethodSuccess(rsa) != TRUE) {
        printf("%s\n",CkRsa_lastErrorText(rsa));
        CkCertStore_Dispose(certStore);
        CkJsonObject_Dispose(json);
        CkCert_Dispose(cert);
        CkRsa_Dispose(rsa);
        return;
    }

    printf("Base64 signature: %s\n",sigBase64);


    CkCertStore_Dispose(certStore);
    CkJsonObject_Dispose(json);
    CkCert_Dispose(cert);
    CkRsa_Dispose(rsa);

    }