Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Delphi ActiveX) Authenticode Sign using Smartcard or USB TokenSee more Code Signing ExamplesDemonstrates how to Authenticode sign an EXE or DLL using a smartcard or USB token, such as a Yubikey. Note: Chilkat's code signing class was added in v9.5.0.97
uses Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics, Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB; ... procedure TForm1.Button1Click(Sender: TObject); var success: Integer; json: TChilkatJsonObject; cert: TChilkatCert; exePath: WideString; signer: TChilkatCodeSign; begin // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // First create the following JSON to specify that SHA256 is to be used, // and provide timestamp server information. // { // "hashAlg": "sha256", // "timestampToken": { // "enabled": true, // "tsaUrl": "http://timestamp.digicert.com", // "requestTsaCert": true, // "hashAlg": "sha256" // } // } json := TChilkatJsonObject.Create(Self); json.UpdateString('hashAlg','sha256'); json.UpdateBool('timestampToken.enabled',1); json.UpdateString('timestampToken.tsaUrl','http://timestamp.digicert.com'); json.UpdateBool('timestampToken.requestTsaCert',1); json.UpdateString('timestampToken.hashAlg','sha256'); // The only difference in signing with a smartcard or USB token // is that the cert is loaded from a smartcard or USB token, instead of a PFX or from elsewhere // such as from the Windows certificate store. cert := TChilkatCert.Create(Self); // Yubico YubiKey OTP+FIDO+CCID 0, default PIN = 123456 cert.SmartCardPin := '123456'; // Assuming you have the Yubikey inserted into the USB on the computer... // and there is only 1 signing certificate on the Yubikey, then just load from // the "smartcard". (assuming you don't have additional smartcards or USB tokens plugged in) success := cert.LoadFromSmartcard(''); if (success = 0) then begin Memo1.Lines.Add(cert.LastErrorText); Exit; end; // If the smartcard/token has several possible certificates that can be used for signing, // then see the online documentation for the LoadFromSmartcard method, // and also see the online documentation and examples for Chilkat Pkcs11 and ScMinidriver. // There are many possible ways to load a Chilkat certificate object with a cert (and associated private key) // from a variety of sources. The only coding difference for any signing function in Chilkat, // whether it be a PDF, XmlDSig, CMS, etc. is in how the cert is loaded. // You can sign .exe or .dll files. exePath := 'C:/someOtherDir/HelloWorld.exe'; signer := TChilkatCodeSign.Create(Self); // If successful, the following call will apply the signature to the EXE (or DLL). success := signer.AddSignature(exePath,cert.ControlInterface,json.ControlInterface); if (success = 0) then begin Memo1.Lines.Add(signer.LastErrorText); Exit; end; Memo1.Lines.Add('Successfully applied the Authenticode signature.'); end; |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.