|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Classic ASP) Signing HTTP MessagesDemonstrates how to sign HTTP messages per draft-cavage-http-signatures-10 For more information, see https://tools.ietf.org/html/draft-cavage-http-signatures-10
<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> </head> <body> <% ' This example requires the Chilkat API to have been previously unlocked. ' See Global Unlock Sample for sample code. bCrlf = 1 ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.StringBuilder") set sbPublicKeyPem = Server.CreateObject("Chilkat.StringBuilder") success = sbPublicKeyPem.AppendLine("-----BEGIN PUBLIC KEY-----",bCrlf) success = sbPublicKeyPem.AppendLine("MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3",bCrlf) success = sbPublicKeyPem.AppendLine("6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6",bCrlf) success = sbPublicKeyPem.AppendLine("Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw",bCrlf) success = sbPublicKeyPem.AppendLine("oYi+1hqp1fIekaxsyQIDAQAB",bCrlf) success = sbPublicKeyPem.AppendLine("-----END PUBLIC KEY-----",bCrlf) ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.PublicKey") set pubKey = Server.CreateObject("Chilkat.PublicKey") success = pubKey.LoadFromString(sbPublicKeyPem.GetAsString()) ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.StringBuilder") set sbPrivateKeyPem = Server.CreateObject("Chilkat.StringBuilder") success = sbPrivateKeyPem.AppendLine("-----BEGIN RSA PRIVATE KEY-----",bCrlf) success = sbPrivateKeyPem.AppendLine("MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF",bCrlf) success = sbPrivateKeyPem.AppendLine("NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F",bCrlf) success = sbPrivateKeyPem.AppendLine("UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB",bCrlf) success = sbPrivateKeyPem.AppendLine("AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA",bCrlf) success = sbPrivateKeyPem.AppendLine("QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK",bCrlf) success = sbPrivateKeyPem.AppendLine("kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg",bCrlf) success = sbPrivateKeyPem.AppendLine("f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u",bCrlf) success = sbPrivateKeyPem.AppendLine("412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc",bCrlf) success = sbPrivateKeyPem.AppendLine("mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7",bCrlf) success = sbPrivateKeyPem.AppendLine("kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA",bCrlf) success = sbPrivateKeyPem.AppendLine("gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW",bCrlf) success = sbPrivateKeyPem.AppendLine("G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI",bCrlf) success = sbPrivateKeyPem.AppendLine("7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA==",bCrlf) success = sbPrivateKeyPem.AppendLine("-----END RSA PRIVATE KEY-----",bCrlf) ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.PrivateKey") set privKey = Server.CreateObject("Chilkat.PrivateKey") success = privKey.LoadPem(sbPrivateKeyPem.GetAsString()) ' All examples use this request: ' ' POST /foo?param=value&pet=dog HTTP/1.1 ' Host: example.com ' Date: Sun, 05 Jan 2014 21:31:40 GMT ' Content-Type: application/json ' Digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= ' Content-Length: 18 ' ' {"hello": "world"} ' C.1. Default Test ' ' If a list of headers is not included, the date is the only header ' that is signed by default. The string to sign would be: ' ' date: Sun, 05 Jan 2014 21:31:40 GMT ' ' The Authorization header would be: ' ' Authorization: Signature keyId="Test",algorithm="rsa-sha256", ' signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz ' 6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB ' 6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM=" ' ' The Signature header would be: ' ' Signature: keyId="Test",algorithm="rsa-sha256", ' signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz ' 6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB ' 6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM=" ' ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.CkDateTime") set dtNow = Server.CreateObject("Chilkat.CkDateTime") success = dtNow.SetFromCurrentSystemTime() dateStr = dtNow.GetAsRfc822(0) ' To duplicate the above result, we'll hard-code the date string. dateStr = "Sun, 05 Jan 2014 21:31:40 GMT" ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Rsa") set rsa = Server.CreateObject("Chilkat.Rsa") success = rsa.ImportPrivateKeyObj(privKey) If (success = 0) Then Response.Write "<pre>" & Server.HTMLEncode( rsa.LastErrorText) & "</pre>" Response.End End If ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.StringBuilder") set sbStringToSign = Server.CreateObject("Chilkat.StringBuilder") success = sbStringToSign.Append("date: ") success = sbStringToSign.Append(dateStr) rsa.EncodingMode = "base64" b64Signature = rsa.SignStringENC(sbStringToSign.GetAsString(),"SHA256") Response.Write "<pre>" & Server.HTMLEncode( b64Signature) & "</pre>" Response.Write "<pre>" & Server.HTMLEncode( "---------------------------") & "</pre>" ' The result should be: ' SjWJWbWN7i0wzBvtPl8rbASW ... FD0k/5OxEPXe5WozsbM= ' ---------------------------------------------------------------------------------------------------- ' C.2. Basic Test ' ' The minimum recommended data to sign is the (request-target), host, ' and date. In this case, the string to sign would be: ' ' (request-target): post /foo?param=value&pet=dog ' host: example.com ' date: Sun, 05 Jan 2014 21:31:40 GMT ' ' The Authorization header would be: ' ' Authorization: Signature keyId="Test",algorithm="rsa-sha256", ' headers="(request-target) host date", signature="qdx+H7PHHDZgy4 ' y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn ' 7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBs ' kLu6kd9Fswtemr3lgdDEmn04swr2Os0=" sbStringToSign.Clear success = sbStringToSign.Append("(request-target): ") success = sbStringToSign.AppendLine("post /foo?param=value&pet=dog",0) success = sbStringToSign.Append("host: ") success = sbStringToSign.AppendLine("example.com",0) success = sbStringToSign.Append("date: ") success = sbStringToSign.Append(dateStr) Response.Write "<pre>" & Server.HTMLEncode( "StringToSign:") & "</pre>" Response.Write "<pre>" & Server.HTMLEncode( sbStringToSign.GetAsString()) & "</pre>" b64Signature = rsa.SignStringENC(sbStringToSign.GetAsString(),"SHA256") Response.Write "<pre>" & Server.HTMLEncode( b64Signature) & "</pre>" Response.Write "<pre>" & Server.HTMLEncode( "---------------------------") & "</pre>" ' The result should be: ' qdx+H7PHHDZgy4y/Ahn ... mn04swr2Os0= %> </body> </html> |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.