(C) RSA SHA256 Signature using Private Key from Java Keystore

Signs plaintext using RSA SHA256 using a key from a Java keystore.

Duplicatest this code:

KeyStore keystore; // key repository for keys containing signature certificate
String alias; // alias for the certificate in the key repository
String password; // password for the certificate's private key
String plaintext; // text being signed


Signature signature = Signature.getInstance("SHA256withRSA");
signature.initSign((PrivateKey) keystore.getKey(alias, password.toCharArray()));
signature.update(plaintext.getBytes("UTF-8"));
byte[] rsa_text= signature.sign();

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <C_CkJavaKeyStore.h>
#include <C_CkPrivateKey.h>
#include <C_CkRsa.h>
#include <C_CkByteData.h>

void ChilkatSample(void)
    {
    HCkJavaKeyStore jks;
    const char *jksPassword;
    BOOL success;
    const char *privKeyPassword;
    BOOL caseSensitive;
    HCkPrivateKey privKey;
    HCkRsa rsa;
    HCkByteData binarySignature;
    const char *plaintext;
    const char *signatureStr;

    // This requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    jks = CkJavaKeyStore_Create();

    jksPassword = "secret";

    // Load the Java keystore from a file.  The JKS file password is used
    // to verify the keyed digest that is found at the very end of the keystore.
    // It verifies that the keystore has not been modified.
    success = CkJavaKeyStore_LoadFile(jks,jksPassword,"qa_data/jks/sample_secret.jks");
    if (success != TRUE) {
        printf("%s\n",CkJavaKeyStore_lastErrorText(jks));
        CkJavaKeyStore_Dispose(jks);
        return;
    }

    // Get the private key from the JKS.
    // The private key password may be different than the file password.
    privKeyPassword = "secret";
    caseSensitive = FALSE;
    privKey = CkJavaKeyStore_FindPrivateKey(jks,privKeyPassword,"some.alias",caseSensitive);
    if (CkJavaKeyStore_getLastMethodSuccess(jks) != TRUE) {
        printf("%s\n",CkJavaKeyStore_lastErrorText(jks));
        CkJavaKeyStore_Dispose(jks);
        return;
    }

    // Establish the RSA object and tell it to use the private key..
    rsa = CkRsa_Create();

    success = CkRsa_ImportPrivateKeyObj(rsa,privKey);
    CkPrivateKey_Dispose(privKey);
    if (success != TRUE) {
        printf("%s\n",CkRsa_lastErrorText(rsa));
        CkJavaKeyStore_Dispose(jks);
        CkRsa_Dispose(rsa);
        return;
    }

    // Indicate we'll be signing the utf-8 byte representation of the string..
    CkRsa_putCharset(rsa,"utf-8");

    // Sign some plaintext using RSA-SHA256
    binarySignature = CkByteData_Create();
    plaintext = "this is the text to be signed";
    success = CkRsa_SignString(rsa,plaintext,"SHA256",binarySignature);
    if (CkRsa_getLastMethodSuccess(rsa) != TRUE) {
        printf("%s\n",CkRsa_lastErrorText(rsa));
        CkJavaKeyStore_Dispose(jks);
        CkRsa_Dispose(rsa);
        CkByteData_Dispose(binarySignature);
        return;
    }

    // Alternatively, if the signature is desired in some encoded string form,
    // such as base64, base64-url, hex, etc.
    CkRsa_putEncodingMode(rsa,"base64-url");
    signatureStr = CkRsa_signStringENC(rsa,plaintext,"SHA256");
    printf("base64-url RSA signature: %s\n",signatureStr);


    CkJavaKeyStore_Dispose(jks);
    CkRsa_Dispose(rsa);
    CkByteData_Dispose(binarySignature);

    }