(Visual FoxPro) DSA Signature Create and Verify

Shows how to create a DSA (DSS) signature for the contents of a file. The first step is to create an SHA-1 hash of the file contents. The hash is signed using the Digital Signature Algorithm and the signature bytes are retrieved as a hex-encoded string.

The 2nd part of the example loads the signature and verifies it against the hash.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

LOCAL loCrypt
LOCAL lcHashStr
LOCAL loDsa
LOCAL lcPemPrivateKey
LOCAL lnSuccess
LOCAL lcHexSig
LOCAL loDsa2
LOCAL lcPemPublicKey

* This example requires the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Crypt2')
loCrypt = CreateObject('Chilkat.Crypt2')

loCrypt.EncodingMode = "hex"
loCrypt.HashAlgorithm = "sha-1"

* Return the SHA-1 hash of a file.  The file may be any size.
* The Chilkat Crypt component will stream the file when 
* computing the hash, keeping the memory usage constant
* and reasonable.
* The 20-byte SHA-1 hash is returned as a hex-encoded string.
lcHashStr = loCrypt.HashFileENC("hamlet.xml")

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Dsa')
loDsa = CreateObject('Chilkat.Dsa')

* Load a DSA private key from a PEM file.  Chilkat DSA
* provides the ability to load and save DSA public and private
* keys from encrypted or non-encrypted PEM or DER.
* The LoadText method is for convenience only.  You may
* use any means to load the contents of a PEM file into
* a string.

lcPemPrivateKey = loDsa.LoadText("dsa_priv.pem")
lnSuccess = loDsa.FromPem(lcPemPrivateKey)
IF (lnSuccess <> 1) THEN
    ? loDsa.LastErrorText
    RELEASE loCrypt
    RELEASE loDsa
    CANCEL
ENDIF

* You may optionally verify the key to ensure that it is a valid
* DSA key.
lnSuccess = loDsa.VerifyKey()
IF (lnSuccess <> 1) THEN
    ? loDsa.LastErrorText
    RELEASE loCrypt
    RELEASE loDsa
    CANCEL
ENDIF

* Load the hash to be signed into the DSA object:
lnSuccess = loDsa.SetEncodedHash("hex",lcHashStr)
IF (lnSuccess <> 1) THEN
    ? loDsa.LastErrorText
    RELEASE loCrypt
    RELEASE loDsa
    CANCEL
ENDIF

* Now that the DSA object contains both the private key and hash,
* it is ready to create the signature:
lnSuccess = loDsa.SignHash()
IF (lnSuccess <> 1) THEN
    ? loDsa.LastErrorText
    RELEASE loCrypt
    RELEASE loDsa
    CANCEL
ENDIF

* If SignHash is successful, the DSA object contains the
* signature.  It may be accessed as a hex or base64 encoded
* string.  (It is also possible to access directly in byte array form via
* the "Signature" property.)
lcHexSig = loDsa.GetEncodedSignature("hex")
? "Signature:"
? lcHexSig

* -----------------------------------------------------------
* Step 2: Verify the DSA Signature
* -----------------------------------------------------------

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Dsa')
loDsa2 = CreateObject('Chilkat.Dsa')

* Load the DSA public key to be used for verification:

lcPemPublicKey = loDsa2.LoadText("dsa_pub.pem")
lnSuccess = loDsa2.FromPublicPem(lcPemPublicKey)
IF (lnSuccess <> 1) THEN
    ? loDsa2.LastErrorText
    RELEASE loCrypt
    RELEASE loDsa
    RELEASE loDsa2
    CANCEL
ENDIF

* Load the hash to be verified against the signature.
lnSuccess = loDsa2.SetEncodedHash("hex",lcHashStr)
IF (lnSuccess <> 1) THEN
    ? loDsa2.LastErrorText
    RELEASE loCrypt
    RELEASE loDsa
    RELEASE loDsa2
    CANCEL
ENDIF

* Load the signature:
lnSuccess = loDsa2.SetEncodedSignature("hex",lcHexSig)
IF (lnSuccess <> 1) THEN
    ? loDsa2.LastErrorText
    RELEASE loCrypt
    RELEASE loDsa
    RELEASE loDsa2
    CANCEL
ENDIF

* Verify:
lnSuccess = loDsa2.Verify()
IF (lnSuccess <> 1) THEN
    ? loDsa2.LastErrorText
ELSE
    ? "DSA Signature Verified!"
ENDIF

RELEASE loCrypt
RELEASE loDsa
RELEASE loDsa2