AutoIt
AutoIt
Create CAdES (p7m) Signature using ARSS (Aruba Remote Signing Service)
See more Signing in the Cloud Examples
Demonstrates creating a CAdES (p7m) signature using the Aruba Remote Signing Service.Chilkat AutoIt Downloads
Local $bSuccess = False
; This example assumes the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
; Load the certificate used for signing. The certificate's private key is stored on
; the Aruba.it server and the signing will happen remotely using the
; ARSS (Aruba Remote Signing Service).
; However, we still need the certificate locally (without private key).
$oCert = ObjCreate("Chilkat.Cert")
$bSuccess = $oCert.LoadFromFile("qa_data/certs/myCert.cer")
If ($bSuccess = False) Then
ConsoleWrite($oCert.LastErrorText & @CRLF)
Exit
EndIf
; To sign using the Aruba Remote Signing Service,
; add the following lines of code to specify your authentication credentials,
; and the ID of the certificate w/ private key on the server to be used.
$oJsonArss = ObjCreate("Chilkat.JsonObject")
; Set the "service" equal to "ARSS" to tell Chilkat to use ARSS for signing.
$oJsonArss.UpdateString("service","ARSS")
; Specify the certificate ID, such as "AS0"
; This certificate should match the certificate loaded in the above code.
$oJsonArss.UpdateString("certID","YOUR_ARSS_CERT_ID")
$oJsonArss.UpdateString("otpPwd","YOUR_OTP_PWD")
; Specifies the OTP authentication environment.
;
; Common values are:
; "demoprod" - Demo/Test environment
; "prod" - Production environment
;
; This value is sent to the ARSS service and determines how the OTP
; authentication is validated. The correct value depends on the type
; of Aruba account and environment that has been provisioned.
;
; If signing fails with an authentication-related error, verify that
; the typeOtpAuth value matches the environment associated with the
; ARSS account credentials being used.
$oJsonArss.UpdateString("typeOtpAuth","demoprod")
$oJsonArss.UpdateString("user","YOUR_ARSS_USERNAME")
$oJsonArss.UpdateString("userPWD","YOUR_ARSS_PASSWORD")
; The "endpoint" can be specified starting in Chilkat v11.5.0
$oJsonArss.UpdateString("endpoint","https://app1.firma-remota.it/ArubaSignerService/webresources/signerservice")
$bSuccess = $oCert.SetCloudSigner($oJsonArss)
$oCrypt = ObjCreate("Chilkat.Crypt2")
$bSuccess = $oCrypt.SetSigningCert($oCert)
If ($bSuccess = False) Then
ConsoleWrite($oCrypt.LastErrorText & @CRLF)
Exit
EndIf
; The CadesEnabled property applies to all methods that create PKCS7 signatures.
; To create a CAdES-BES signature, set this property equal to true.
$oCrypt.CadesEnabled = True
$oCrypt.HashAlgorithm = "sha256"
$oSignedAttrs = ObjCreate("Chilkat.JsonObject")
$oSignedAttrs.UpdateInt("contentType",1)
$oSignedAttrs.UpdateInt("signingTime",1)
$oSignedAttrs.UpdateInt("messageDigest",1)
$oSignedAttrs.UpdateInt("signingCertificateV2",1)
$oCrypt.SigningAttributes = $oSignedAttrs.Emit()
; You can sign any type of file..
Local $sInputXmlPath = "qa_data/e-Invoice.xml"
Local $sOutputP7mPath = "qa_output/signed.p7m"
; Create the CAdES-BES attached signature, which contains the original data.
; Chilkat will build the .p7m locally, but will (internally) use ARSS
; to do the RSA signing remotely.
$bSuccess = $oCrypt.CreateP7M($sInputXmlPath,$sOutputP7mPath)
If ($bSuccess = False) Then
ConsoleWrite($oCrypt.LastErrorText & @CRLF)
Exit
EndIf
ConsoleWrite("Success." & @CRLF)