Sample code for 30+ languages & platforms
AutoIt

Create CAdES (p7m) Signature using ARSS (Aruba Remote Signing Service)

See more Signing in the Cloud Examples

Demonstrates creating a CAdES (p7m) signature using the Aruba Remote Signing Service.

Chilkat AutoIt Downloads

AutoIt
Local $bSuccess = False

; This example assumes the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.

; Load the certificate used for signing.  The certificate's private key is stored on 
; the Aruba.it server and the signing will happen remotely using the
; ARSS (Aruba Remote Signing Service).
; However, we still need the certificate locally (without private key).
$oCert = ObjCreate("Chilkat.Cert")
$bSuccess = $oCert.LoadFromFile("qa_data/certs/myCert.cer")
If ($bSuccess = False) Then
    ConsoleWrite($oCert.LastErrorText & @CRLF)
    Exit
EndIf

; To sign using the Aruba Remote Signing Service, 
; add the following lines of code to specify your authentication credentials,
; and the ID of the certificate w/ private key on the server to be used.
$oJsonArss = ObjCreate("Chilkat.JsonObject")

; Set the "service" equal to "ARSS" to tell Chilkat to use ARSS for signing.
$oJsonArss.UpdateString("service","ARSS")
; Specify the certificate ID, such as "AS0"
; This certificate should match the certificate loaded in the above code.
$oJsonArss.UpdateString("certID","YOUR_ARSS_CERT_ID")
$oJsonArss.UpdateString("otpPwd","YOUR_OTP_PWD")

; Specifies the OTP authentication environment.
; 
; Common values are:
;   "demoprod" - Demo/Test environment
;   "prod"     - Production environment
; 
; This value is sent to the ARSS service and determines how the OTP
; authentication is validated.  The correct value depends on the type
; of Aruba account and environment that has been provisioned.
; 
; If signing fails with an authentication-related error, verify that
; the typeOtpAuth value matches the environment associated with the
; ARSS account credentials being used.
$oJsonArss.UpdateString("typeOtpAuth","demoprod")

$oJsonArss.UpdateString("user","YOUR_ARSS_USERNAME")
$oJsonArss.UpdateString("userPWD","YOUR_ARSS_PASSWORD")

; The "endpoint" can be specified starting in Chilkat v11.5.0
$oJsonArss.UpdateString("endpoint","https://app1.firma-remota.it/ArubaSignerService/webresources/signerservice")

$bSuccess = $oCert.SetCloudSigner($oJsonArss)

$oCrypt = ObjCreate("Chilkat.Crypt2")

$bSuccess = $oCrypt.SetSigningCert($oCert)
If ($bSuccess = False) Then
    ConsoleWrite($oCrypt.LastErrorText & @CRLF)
    Exit
EndIf

; The CadesEnabled property applies to all methods that create PKCS7 signatures. 
; To create a CAdES-BES signature, set this property equal to true.
$oCrypt.CadesEnabled = True

$oCrypt.HashAlgorithm = "sha256"

$oSignedAttrs = ObjCreate("Chilkat.JsonObject")
$oSignedAttrs.UpdateInt("contentType",1)
$oSignedAttrs.UpdateInt("signingTime",1)
$oSignedAttrs.UpdateInt("messageDigest",1)
$oSignedAttrs.UpdateInt("signingCertificateV2",1)
$oCrypt.SigningAttributes = $oSignedAttrs.Emit()

; You can sign any type of file..
Local $sInputXmlPath = "qa_data/e-Invoice.xml"
Local $sOutputP7mPath = "qa_output/signed.p7m"

; Create the CAdES-BES attached signature, which contains the original data.
; Chilkat will build the .p7m locally, but will (internally) use ARSS
; to do the RSA signing remotely.
$bSuccess = $oCrypt.CreateP7M($sInputXmlPath,$sOutputP7mPath)
If ($bSuccess = False) Then
    ConsoleWrite($oCrypt.LastErrorText & @CRLF)
    Exit
EndIf

ConsoleWrite("Success." & @CRLF)