DataFlex
DataFlex
Signing HTTP Messages
See more RSA Examples
Demonstrates how to sign HTTP messages per draft-cavage-http-signatures-10Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Boolean iBCrlf
Handle hoSbPublicKeyPem
Handle hoPubKey
Handle hoSbPrivateKeyPem
Variant vPrivKey
Handle hoPrivKey
Handle hoDtNow
String sDateStr
Handle hoRsa
Handle hoSbStringToSign
String sB64Signature
String sTemp1
Move False To iSuccess
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
Move True To iBCrlf
Get Create (RefClass(cComChilkatStringBuilder)) To hoSbPublicKeyPem
If (Not(IsComObjectCreated(hoSbPublicKeyPem))) Begin
Send CreateComObject of hoSbPublicKeyPem
End
Get ComAppendLine Of hoSbPublicKeyPem "-----BEGIN PUBLIC KEY-----" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPublicKeyPem "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPublicKeyPem "6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPublicKeyPem "Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPublicKeyPem "oYi+1hqp1fIekaxsyQIDAQAB" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPublicKeyPem "-----END PUBLIC KEY-----" iBCrlf To iSuccess
Get Create (RefClass(cComChilkatPublicKey)) To hoPubKey
If (Not(IsComObjectCreated(hoPubKey))) Begin
Send CreateComObject of hoPubKey
End
Get ComGetAsString Of hoSbPublicKeyPem To sTemp1
Get ComLoadFromString Of hoPubKey sTemp1 To iSuccess
Get Create (RefClass(cComChilkatStringBuilder)) To hoSbPrivateKeyPem
If (Not(IsComObjectCreated(hoSbPrivateKeyPem))) Begin
Send CreateComObject of hoSbPrivateKeyPem
End
Get ComAppendLine Of hoSbPrivateKeyPem "-----BEGIN RSA PRIVATE KEY-----" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPrivateKeyPem "MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPrivateKeyPem "NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPrivateKeyPem "UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPrivateKeyPem "AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPrivateKeyPem "QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPrivateKeyPem "kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPrivateKeyPem "f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPrivateKeyPem "412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPrivateKeyPem "mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPrivateKeyPem "kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPrivateKeyPem "gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPrivateKeyPem "G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPrivateKeyPem "7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA==" iBCrlf To iSuccess
Get ComAppendLine Of hoSbPrivateKeyPem "-----END RSA PRIVATE KEY-----" iBCrlf To iSuccess
Get Create (RefClass(cComChilkatPrivateKey)) To hoPrivKey
If (Not(IsComObjectCreated(hoPrivKey))) Begin
Send CreateComObject of hoPrivKey
End
Get ComGetAsString Of hoSbPrivateKeyPem To sTemp1
Get ComLoadPem Of hoPrivKey sTemp1 To iSuccess
// All examples use this request:
//
// POST /foo?param=value&pet=dog HTTP/1.1
// Host: example.com
// Date: Sun, 05 Jan 2014 21:31:40 GMT
// Content-Type: application/json
// Digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=
// Content-Length: 18
//
// {"hello": "world"}
// C.1. Default Test
//
// If a list of headers is not included, the date is the only header
// that is signed by default. The string to sign would be:
//
// date: Sun, 05 Jan 2014 21:31:40 GMT
//
// The Authorization header would be:
//
// Authorization: Signature keyId="Test",algorithm="rsa-sha256",
// signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz
// 6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB
// 6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="
//
// The Signature header would be:
//
// Signature: keyId="Test",algorithm="rsa-sha256",
// signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz
// 6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB
// 6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="
//
Get Create (RefClass(cComCkDateTime)) To hoDtNow
If (Not(IsComObjectCreated(hoDtNow))) Begin
Send CreateComObject of hoDtNow
End
Get ComSetFromCurrentSystemTime Of hoDtNow To iSuccess
Get ComGetAsRfc822 Of hoDtNow False To sDateStr
// To duplicate the above result, we'll hard-code the date string.
Move "Sun, 05 Jan 2014 21:31:40 GMT" To sDateStr
Get Create (RefClass(cComChilkatRsa)) To hoRsa
If (Not(IsComObjectCreated(hoRsa))) Begin
Send CreateComObject of hoRsa
End
Get pvComObject of hoPrivKey to vPrivKey
Get ComUsePrivateKey Of hoRsa vPrivKey To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoRsa To sTemp1
Showln sTemp1
Procedure_Return
End
Get Create (RefClass(cComChilkatStringBuilder)) To hoSbStringToSign
If (Not(IsComObjectCreated(hoSbStringToSign))) Begin
Send CreateComObject of hoSbStringToSign
End
Get ComAppend Of hoSbStringToSign "date: " To iSuccess
Get ComAppend Of hoSbStringToSign sDateStr To iSuccess
Set ComEncodingMode Of hoRsa To "base64"
Get ComGetAsString Of hoSbStringToSign To sTemp1
Get ComSignStringENC Of hoRsa sTemp1 "SHA256" To sB64Signature
Showln sB64Signature
Showln "---------------------------"
// The result should be:
// SjWJWbWN7i0wzBvtPl8rbASW ... FD0k/5OxEPXe5WozsbM=
// ----------------------------------------------------------------------------------------------------
// C.2. Basic Test
//
// The minimum recommended data to sign is the (request-target), host,
// and date. In this case, the string to sign would be:
//
// (request-target): post /foo?param=value&pet=dog
// host: example.com
// date: Sun, 05 Jan 2014 21:31:40 GMT
//
// The Authorization header would be:
//
// Authorization: Signature keyId="Test",algorithm="rsa-sha256",
// headers="(request-target) host date", signature="qdx+H7PHHDZgy4
// y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn
// 7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBs
// kLu6kd9Fswtemr3lgdDEmn04swr2Os0="
Send ComClear To hoSbStringToSign
Get ComAppend Of hoSbStringToSign "(request-target): " To iSuccess
Get ComAppendLine Of hoSbStringToSign "post /foo?param=value&pet=dog" False To iSuccess
Get ComAppend Of hoSbStringToSign "host: " To iSuccess
Get ComAppendLine Of hoSbStringToSign "example.com" False To iSuccess
Get ComAppend Of hoSbStringToSign "date: " To iSuccess
Get ComAppend Of hoSbStringToSign sDateStr To iSuccess
Showln "StringToSign:"
Get ComGetAsString Of hoSbStringToSign To sTemp1
Showln sTemp1
Get ComGetAsString Of hoSbStringToSign To sTemp1
Get ComSignStringENC Of hoRsa sTemp1 "SHA256" To sB64Signature
Showln sB64Signature
Showln "---------------------------"
// The result should be:
// qdx+H7PHHDZgy4y/Ahn ... mn04swr2Os0=
End_Procedure