Sample code for 30+ languages & platforms
Delphi ActiveX

RSA Sign with PKCS8 Encrypted Key

See more RSA Examples

Demonstrates how to load a private key from an encrypted PKCS8 file and create an RSA digital signature (and then verify it).

Chilkat Delphi ActiveX Downloads

Delphi ActiveX
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Integer;
privKey: TPrivateKey;
rsa: TChilkatRsa;
strData: WideString;
hexSig: WideString;
cert: TChilkatCert;
pubKey: TPublicKey;
rsa2: TChilkatRsa;

begin
success := 0;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

privKey := TPrivateKey.Create(Self);

// Load the private key from an RSA PEM file:
success := privKey.LoadAnyFormatFile('raul_privateKey.key','a0123456789');
if (success = 0) then
  begin
    Memo1.Lines.Add(privKey.LastErrorText);
    Exit;
  end;

rsa := TChilkatRsa.Create(Self);

// Import the private key into the RSA component:
success := rsa.UsePrivateKey(privKey.ControlInterface);
if (success = 0) then
  begin
    Memo1.Lines.Add(rsa.LastErrorText);
    Exit;
  end;

// This example will sign a string, and receive the signature
// in a hex-encoded string.  Therefore, set the encoding mode
// to "hex":
rsa.EncodingMode := 'hex';

strData := 'This is the string to be signed.';

// Sign the string using the sha256 hash algorithm.
// Other valid choices are sha1, sha384, sha512 and others.
hexSig := rsa.SignStringENC(strData,'sha256');
if (rsa.LastMethodSuccess = 0) then
  begin
    Memo1.Lines.Add(rsa.LastErrorText);
    Exit;
  end;

Memo1.Lines.Add(hexSig);

// Now verify with the public key.
// This example shows how to use the public key from 
// a digital certificate (.cer file)
cert := TChilkatCert.Create(Self);
success := cert.LoadFromFile('raul_publicKey.cer');
if (success = 0) then
  begin
    Memo1.Lines.Add(cert.LastErrorText);
    Exit;
  end;

pubKey := TPublicKey.Create(Self);
cert.GetPublicKey(pubKey.ControlInterface);

rsa2 := TChilkatRsa.Create(Self);
success := rsa2.UsePublicKey(pubKey.ControlInterface);
if (success = 0) then
  begin
    Memo1.Lines.Add(rsa2.LastErrorText);
    Exit;
  end;

// Verify the signature against the original data:
rsa2.EncodingMode := 'hex';
success := rsa2.VerifyStringENC(strData,'sha256',hexSig);
if (success = 0) then
  begin
    Memo1.Lines.Add(rsa2.LastErrorText);
    Exit;
  end;

Memo1.Lines.Add('Signature verified!');

// Verify with incorrect data:
success := rsa2.VerifyStringENC('something else','sha256',hexSig);
if (success <> 1) then
  begin
    Memo1.Lines.Add('Signature not verified! (which was expected in this case)');
  end
else
  begin
    Memo1.Lines.Add('Hmmm... that''s not right...');
  end;
end;