DataFlex
DataFlex
SSH HSM Public Key Authentication
See more uncategorized Examples
Demonstrates how to authenticate with an SSH server using public key authentication using an HSM (USB token or smartcard).Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Variant vPkcs11
Handle hoPkcs11
String sPin
Integer iUserType
Variant vJson
Handle hoJson
UInteger iPriv_handle
UInteger iPub_handle
Variant vKey
Handle hoKey
String sKeyType
Handle hoSsh
String sTemp1
Move False To iSuccess
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// Note: Chilkat's PKCS11 implementation runs on Windows, Linux, MacOs, and other supported operating systems.
Get Create (RefClass(cComChilkatPkcs11)) To hoPkcs11
If (Not(IsComObjectCreated(hoPkcs11))) Begin
Send CreateComObject of hoPkcs11
End
// This would be a path to a .dylib on MacOS, or a path to a .so shared lib on Linux.
Set ComSharedLibPath Of hoPkcs11 To "C:/Program Files (x86)/Gemalto/IDGo 800 PKCS#11/IDPrimePKCS1164.dll"
Move "0000" To sPin
Move 1 To iUserType
// Establish a PKCS11 logged-on session using the driver (.so, .dylib, or .dll) as specified in the SharedLibPath above.
Get ComQuickSession Of hoPkcs11 iUserType sPin To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoPkcs11 To sTemp1
Showln sTemp1
Procedure_Return
End
// Set PKCS11 attributes to find our desired private key object.
Get Create (RefClass(cComChilkatJsonObject)) To hoJson
If (Not(IsComObjectCreated(hoJson))) Begin
Send CreateComObject of hoJson
End
Get ComUpdateString Of hoJson "class" "private_key" To iSuccess
Get ComUpdateString Of hoJson "label" "MySshKey" To iSuccess
// Get the PKCS11 handle to the private key located on the HSM.
Get pvComObject of hoJson to vJson
Get ComFindObject Of hoPkcs11 vJson To iPriv_handle
// Get the PKCS11 handle to the corresponding public key located on the HSM.
Get ComUpdateString Of hoJson "class" "public_key" To iSuccess
Get pvComObject of hoJson to vJson
Get ComFindObject Of hoPkcs11 vJson To iPub_handle
Get Create (RefClass(cComChilkatSshKey)) To hoKey
If (Not(IsComObjectCreated(hoKey))) Begin
Send CreateComObject of hoKey
End
// The key type can be "rsa" or "ec"
Move "rsa" To sKeyType
Get pvComObject of hoPkcs11 to vPkcs11
Get ComUsePkcs11 Of hoKey vPkcs11 iPriv_handle iPub_handle sKeyType To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoKey To sTemp1
Showln sTemp1
Procedure_Return
End
Get Create (RefClass(cComChilkatSsh)) To hoSsh
If (Not(IsComObjectCreated(hoSsh))) Begin
Send CreateComObject of hoSsh
End
Get ComConnect Of hoSsh "example.com" 22 To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoSsh To sTemp1
Showln sTemp1
Procedure_Return
End
// Authenticate with the SSH server using the login and
// HSM private key. (The corresponding public key should've
// been installed on the SSH server beforehand.)
Get pvComObject of hoKey to vKey
Get ComAuthenticatePk Of hoSsh "myLogin" vKey To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoSsh To sTemp1
Showln sTemp1
Procedure_Return
End
Showln "Public-Key Authentication Successful!"
End_Procedure