DataFlex
RSA Sign using a Private Key on a USB Token or Smartcard
Create an RSA signature using a private key stored on a USB token or smartcard.

Note: On macOS and iOS, this example requires Chilkat v10.1.2 or later when the Apple Keychain is used as the underlying means to do the signing.
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Variant vCert
    Handle hoCert
    Variant vBd
    Handle hoBd
    Integer i
    Handle hoRsa
    Variant vBdSig
    Handle hoBdSig
    String sTemp1
    Integer iTemp1

    Move False To iSuccess

    // Assuming the smartcard/USB token is installed with the correct drivers from the manufacturer,
    // this code can work on multiple platforms including Windows, MacOS, Linux, and iOS.
    // Chilkat automatically detects and determines the way in which the HSM is used,
    // which can be by PKCS11, Apple Keychain, Microsoft CNG / Crypto API, or ScMinidriver.
    Get Create (RefClass(cComChilkatCert)) To hoCert
    If (Not(IsComObjectCreated(hoCert))) Begin
        Send CreateComObject of hoCert
    End
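
    // Set the token/smartcard PIN prior to loading.
    // "123456" is a placeholder: obtain the PIN at run time (for example by prompting
    // the user) rather than hardcoding it in source.
    Set ComSmartCardPin Of hoCert To "123456"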

    // Specify the certificate by its common name.
    Get ComLoadFromSmartcard Of hoCert "cn=chilkat-rsa-2048" To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoCert To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Get ComSubjectCN Of hoCert To sTemp1
    Showln "Signing with cert: " sTemp1

    // Create data to be hashed and signed.
    Get Create (RefClass(cComChilkatBinData)) To hoBd
    If (Not(IsComObjectCreated(hoBd))) Begin
        Send CreateComObject of hoBd
    End
    For i From 0 To 100
        Get ComAppendEncoded Of hoBd "000102030405060708090A0B0C0D0E0F" "hex" To iSuccess
    Loop

    Get Create (RefClass(cComChilkatRsa)) To hoRsa
    If (Not(IsComObjectCreated(hoRsa))) Begin
        Send CreateComObject of hoRsa
    End

    // Use the certificate's private key for signing.
    Get pvComObject of hoCert to vCert
    Get ComSetX509Cert Of hoRsa vCert True To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoRsa To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Sign the SHA-256 hash of the contents of bd.
    Get Create (RefClass(cComChilkatBinData)) To hoBdSig
    If (Not(IsComObjectCreated(hoBdSig))) Begin
        Send CreateComObject of hoBdSig
    End
    Get pvComObject of hoBd to vBd
    Get pvComObject of hoBdSig to vBdSig
    Get ComSignBd Of hoRsa vBd "sha256" vBdSig To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoRsa To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // The RSA signature is equal in length to the size of the RSA key.
    Get ComNumBytes Of hoBdSig To iTemp1
    Showln "Output signature size in bits = " (iTemp1 * 8)

    // We can save the signature for later verification.
    Get ComWriteFile Of hoBdSig "rsaSignatures/test1.sig" To iSuccess
    If (iSuccess = False) Begin
        Showln "Failed to write rsaSignatures/test1.sig"
        Procedure_Return
    End

    // See the example to verify the RSA signature:
    // Verifies an RSA Signature
End_Procedure
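
Added example, not part of the original Chilkat page: checking the saved signature needs only the signer's certificate (public key), so no token or PIN is involved, and changing the data by even one byte must make verification fail. The procedure name `TestVerify` and the certificate path `certs/chilkat-rsa-2048.cer` are assumptions; the data and signature path match the signing procedure above.

```dataflex
Use ChilkatAx-win32.pkg
Procedure TestVerify
    Boolean iSuccess
    Variant vCert vBd vBdSig
    Handle hoCert hoBd hoBdSig hoRsa
    Integer i
    String sTemp1
    // Assumed path: the signer's certificate exported to a file (public key only).
    Get Create (RefClass(cComChilkatCert)) To hoCert
    If (Not(IsComObjectCreated(hoCert))) Send CreateComObject of hoCert
    Get ComLoadFromFile Of hoCert "certs/chilkat-rsa-2048.cer" To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoCert To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Rebuild exactly the bytes that were signed.
    Get Create (RefClass(cComChilkatBinData)) To hoBd
    If (Not(IsComObjectCreated(hoBd))) Send CreateComObject of hoBd
    For i From 0 To 100
        Get ComAppendEncoded Of hoBd "000102030405060708090A0B0C0D0E0F" "hex" To iSuccess
    Loop

    // Load the signature written by the signing procedure.
    Get Create (RefClass(cComChilkatBinData)) To hoBdSig
    If (Not(IsComObjectCreated(hoBdSig))) Send CreateComObject of hoBdSig
    Get ComLoadFile Of hoBdSig "rsaSignatures/test1.sig" To iSuccess
    If (iSuccess = False) Begin
        Showln "Could not read rsaSignatures/test1.sig"
        Procedure_Return
    End

    // False = use the certificate's public key; no private key is involved.
    Get Create (RefClass(cComChilkatRsa)) To hoRsa
    If (Not(IsComObjectCreated(hoRsa))) Send CreateComObject of hoRsa
    Get pvComObject of hoCert to vCert
    Get ComSetX509Cert Of hoRsa vCert False To iSuccess
    Get pvComObject of hoBd to vBd
    Get pvComObject of hoBdSig to vBdSig
    Get ComVerifyBd Of hoRsa vBd "sha256" vBdSig To iSuccess
    If (iSuccess) Showln "Signature valid for the original data"
    Else Showln "Signature INVALID for the original data"
    // Any change to the data must make verification fail.
    Get ComAppendEncoded Of hoBd "00" "hex" To iSuccess
    Get ComVerifyBd Of hoRsa vBd "sha256" vBdSig To iSuccess
    If (iSuccess) Showln "Tampered data was accepted (unexpected)"
    Else Showln "Tampered data rejected, as expected"
End_Procedure
```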