|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(DataFlex) ECDSA Sign and VerifyDemonstrates how to create an ECDSA signature on the SHA256 hash of some data, and then verify.
Use ChilkatAx-win32.pkg Procedure Test Variant vPrivKey Handle hoPrivKey Boolean iSuccess Variant vBd Handle hoBd Handle hoCrypt String sHashStr Handle hoEcdsa Variant vPrng Handle hoPrng String sSig Handle hoAsn Handle hoXml String r String s Variant vPubKey Handle hoPubKey Handle hoEcc2 Integer iResult Handle hoXml2 2 Handle hoAsn2 String sEncodedSig String sTemp1 // This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // First load an ECDSA private key to be used for signing. Get Create (RefClass(cComChilkatPrivateKey)) To hoPrivKey If (Not(IsComObjectCreated(hoPrivKey))) Begin Send CreateComObject of hoPrivKey End Get ComLoadEncryptedPemFile Of hoPrivKey "qa_data/ecc/secp256r1-key-pkcs8-secret.pem" "secret" To iSuccess If (iSuccess = False) Begin Get ComLastErrorText Of hoPrivKey To sTemp1 Showln sTemp1 Procedure_Return End // Sign the SHA256 hash of some data. Get Create (RefClass(cComChilkatBinData)) To hoBd If (Not(IsComObjectCreated(hoBd))) Begin Send CreateComObject of hoBd End Get ComLoadFile Of hoBd "qa_data/hamlet.xml" To iSuccess If (iSuccess = False) Begin Showln "Failed to load file to be hashed." Procedure_Return End Get Create (RefClass(cComChilkatCrypt2)) To hoCrypt If (Not(IsComObjectCreated(hoCrypt))) Begin Send CreateComObject of hoCrypt End Set ComHashAlgorithm Of hoCrypt To "sha256" Set ComEncodingMode Of hoCrypt To "base64" Get pvComObject of hoBd to vBd Get ComHashBdENC Of hoCrypt vBd To sHashStr Get Create (RefClass(cComChilkatEcc)) To hoEcdsa If (Not(IsComObjectCreated(hoEcdsa))) Begin Send CreateComObject of hoEcdsa End Get Create (RefClass(cComChilkatPrng)) To hoPrng If (Not(IsComObjectCreated(hoPrng))) Begin Send CreateComObject of hoPrng End // Returns ASN.1 signature as a base64 string. Get pvComObject of hoPrivKey to vPrivKey Get pvComObject of hoPrng to vPrng Get ComSignHashENC Of hoEcdsa sHashStr "base64" vPrivKey vPrng To sSig Showln "sig = " sSig // The signature is in ASN.1 format (which may be described as the "encoded DSS signature"). // SEQUENCE (2 elem) // INTEGER (255 bit) 4849395540832462044300553275435608522154141569743642905628579547100940... // INTEGER (255 bit) 3680701124244788134409868118208591399799457104230118295614152238560005... // If you wish, you can get the r and s components of the signature like this: Get Create (RefClass(cComChilkatAsn)) To hoAsn If (Not(IsComObjectCreated(hoAsn))) Begin Send CreateComObject of hoAsn End Get ComLoadEncoded Of hoAsn sSig "base64" To iSuccess Get Create (RefClass(cComChilkatXml)) To hoXml If (Not(IsComObjectCreated(hoXml))) Begin Send CreateComObject of hoXml End Get ComAsnToXml Of hoAsn To sTemp1 Get ComLoadXml Of hoXml sTemp1 To iSuccess Get ComGetXml Of hoXml To sTemp1 Showln sTemp1 // We now have this: // <?xml version="1.0" encoding="utf-8"?> // <sequence> // <int>6650D422D86BA4A228B5617604E59052591B9B2C32EF324C44D09EF67E5F0060</int> // <int>0CFD9F6AC85042FC70F672C141BA6B2A4CAFBB906C3D907BCCC1BED62B28326F</int> // </sequence> // Get the "r" and "s" as hex strings Get ComGetChildContentByIndex Of hoXml 0 To r Get ComGetChildContentByIndex Of hoXml 1 To s Showln "r = " r Showln "s = " s // -------------------------------------------------------------------- // Now verify against the hash of the original data. // Get the corresponding public key. Get Create (RefClass(cComChilkatPublicKey)) To hoPubKey If (Not(IsComObjectCreated(hoPubKey))) Begin Send CreateComObject of hoPubKey End Get ComLoadFromFile Of hoPubKey "qa_data/ecc/secp256r1-pub.pem" To iSuccess If (iSuccess = False) Begin Get ComLastErrorText Of hoPubKey To sTemp1 Showln sTemp1 Procedure_Return End // We already have the SHA256 hash of the original data (hashStr) so no need to re-do it.. Get Create (RefClass(cComChilkatEcc)) To hoEcc2 If (Not(IsComObjectCreated(hoEcc2))) Begin Send CreateComObject of hoEcc2 End Get pvComObject of hoPubKey to vPubKey Get ComVerifyHashENC Of hoEcc2 sHashStr sSig "base64" vPubKey To iResult If (iResult <> 1) Begin Get ComLastErrorText Of hoEcc2 To sTemp1 Showln sTemp1 Procedure_Return End Showln "Verified!" // Note: If we have only r,s and wish to reconstruct the ASN.1 signature, we do it like this: Get Create (RefClass(cComChilkatXml)) To hoXml2 If (Not(IsComObjectCreated(hoXml2))) Begin Send CreateComObject of hoXml2 End Set ComTag Of hoXml2 To "sequence" Send ComNewChild2 To hoXml2 "int" r Send ComNewChild2 To hoXml2 "int" s Get Create (RefClass(cComChilkatAsn)) To hoAsn2 If (Not(IsComObjectCreated(hoAsn2))) Begin Send CreateComObject of hoAsn2 End Get ComGetXml Of hoXml2 To sTemp1 Get ComLoadAsnXml Of hoAsn2 sTemp1 To iSuccess Get ComGetEncodedDer Of hoAsn2 "base64" To sEncodedSig Showln "encoded DSS signature: " sEncodedSig // You can go to https://lapo.it/asn1js/ and copy/paste the base64 encodedSig into the online tool, then press the "decode" button. // You will see the ASN.1 such as this: // SEQUENCE (2 elem) // INTEGER (255 bit) 4849395540832462044300553275435608522154141569743642905628579547100940... // INTEGER (255 bit) 3680701124244788134409868118208591399799457104230118295614152238560005... End_Procedure |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.