Sample code for 30+ languages & platforms
AutoIt

RSA Sign using a Private Key on a USB Token or Smartcard

See more Apple Keychain Examples

Create an RSA signature using a private key stored on a USB token or smartcard.

Note: On MacOS and iOS, this example requires Chilkat v10.1.2 or later when the Apple Keychain is used as the underlying means to do the signing.

Chilkat AutoIt Downloads

AutoIt
Local $bSuccess = False

; Assuming the smartcard/USB token is installed with the correct drivers from the manufacturer,
; this code can work on multiple platforms including Windows, MacOS, Linux, and iOS.

; Chilkat automatically detects and determines the way in which the HSM is used,
; which can be by PKCS11, Apple Keychain, Microsoft CNG / Crypto API, or ScMinidriver.

$oCert = ObjCreate("Chilkat.Cert")

; Set the token/smartcard PIN prior to loading.
$oCert.SmartCardPin = "123456"

; Specify the certificate by its common name.
$bSuccess = $oCert.LoadFromSmartcard("cn=chilkat-rsa-2048")
If ($bSuccess = False) Then
    ConsoleWrite($oCert.LastErrorText & @CRLF)
    Exit
EndIf

ConsoleWrite("Signing with cert: " & $oCert.SubjectCN & @CRLF)

; Create data to be hashed and signed.
$oBd = ObjCreate("Chilkat.BinData")
Local $i
For $i = 0 To 100
    $oBd.AppendEncoded("000102030405060708090A0B0C0D0E0F","hex")
Next

$oRsa = ObjCreate("Chilkat.Rsa")

; Use the certificate's private key for signing.
$bSuccess = $oRsa.SetX509Cert($oCert,True)
If ($bSuccess = False) Then
    ConsoleWrite($oRsa.LastErrorText & @CRLF)
    Exit
EndIf

; Sign the SHA-256 hash of the contents of bd.
$oBdSig = ObjCreate("Chilkat.BinData")
$bSuccess = $oRsa.SignBd($oBd,"sha256",$oBdSig)
If ($bSuccess = False) Then
    ConsoleWrite($oRsa.LastErrorText & @CRLF)
    Exit
EndIf

; The RSA signature is equal in length to the size of the RSA key.
ConsoleWrite("Output signature size in bits = " & ($oBdSig.NumBytes * 8) & @CRLF)

; We can save the signature for later verification..
$oBdSig.WriteFile("rsaSignatures/test1.sig")

; See the example to verify the RSA signature:
; Verfies an RSA Signature