AutoIt
AutoIt
Sign String to create a CAdES-T Signature
See more CAdES Examples
This example will sign a string to create a CAdEST-T signature.Note: This example requires Chilkat v9.5.0.78 or greater.
Chilkat AutoIt Downloads
Local $bSuccess = False
; This example requires the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
$oCrypt = ObjCreate("Chilkat.Crypt2")
; This example will use the certificate + private key currently inserted into a smartcard reader.
$oCert = ObjCreate("Chilkat.Cert")
; If we wish to provide the smartcard PIN (otherwise the user will be prompted by the operating system).
$oCert.SmartCardPin = "000000"
$bSuccess = $oCert.LoadFromSmartcard("")
If ($bSuccess <> True) Then
ConsoleWrite($oCert.LastErrorText & @CRLF)
Exit
EndIf
; Note: It is also possible to use certs from .pfx/.p12, .pem, or other sources such as
; pre-installed Windows certificates.
$bSuccess = $oCrypt.SetSigningCert($oCert)
; Use SHA-256 rather than the default of SHA-1
$oCrypt.HashAlgorithm = "sha256"
; Create JSON that tells Chilkat what signing attributes to include:
$oAttrs = ObjCreate("Chilkat.JsonObject")
$oAttrs.UpdateBool("contentType",True)
$oAttrs.UpdateBool("signingTime",True)
$oAttrs.UpdateBool("messageDigest",True)
$oAttrs.UpdateBool("signingCertificateV2",True)
; A CAdES-T signature is one that includes a timestampToken created by an online TSA (time stamping authority).
; We must include the TSA's URL, as well as a few options to indicate what is desired.
; Except for the TSA URL, the options shown here are typically what you would need.
$oAttrs.UpdateBool("timestampToken.enabled",True)
$oAttrs.UpdateString("timestampToken.tsaUrl","https://freetsa.org/tsr")
$oAttrs.UpdateBool("timestampToken.addNonce",False)
$oAttrs.UpdateBool("timestampToken.requestTsaCert",True)
$oAttrs.UpdateString("timestampToken.hashAlg","sha256")
$oCrypt.SigningAttributes = $oAttrs.Emit()
Local $strToSign = "THIS IS MY ID"
$oBd = ObjCreate("Chilkat.BinData")
$oBd.AppendString($strToSign,"utf-8")
; This creates the CAdES-T signature. During the signature creation, it
; communicates with the TSA to get a timestampToken.
; The contents of bd are signed and replaced with the CAdES-T signature (which embeds the original content).
$bSuccess = $oCrypt.OpaqueSignBd($oBd)
If ($bSuccess <> True) Then
ConsoleWrite($oCrypt.LastErrorText & @CRLF)
Exit
EndIf
; Get the signature in base64 format:
ConsoleWrite($oBd.GetEncoded("base64_mime") & @CRLF)
; Or save the signature to a file.
$oBd.WriteFile("qa_output/cades-t_sample.p7m")
ConsoleWrite("Success." & @CRLF)