|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Visual FoxPro) (PKCS11) Use a Smart Card Certificate + Private Key for SSL/TLS AuthenticationSee more ScMinidriver ExamplesDemonstrates how to use a certificate + private key located on a smart card for the TLS client certificate in an HTTPS request.
LOCAL loPkcs11 LOCAL lnSuccess LOCAL lnSlotID LOCAL lnReadWrite LOCAL lnUserType LOCAL lcPin LOCAL loCert LOCAL loHttp LOCAL lcResponseBody * This example requires the Chilkat API to have been previously unlocked. * See Global Unlock Sample for sample code. * Note: Chilkat's PKCS11 implementation runs on Windows, Linux, Mac OS X, and other supported operating systems. * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Pkcs11') loPkcs11 = CreateObject('Chilkat.Pkcs11') * Set your shared lib path -- either a full path to the DLL, .so, or .dylib, * or just the filename if the driver is in a location that can be automatically found. (Such as in C:\Windows\System32) loPkcs11.SharedLibPath = "C:/Program Files (x86)/Gemalto/IDGo 800 PKCS#11/IDPrimePKCS1164.dll" lnSuccess = loPkcs11.Initialize() IF (lnSuccess = 0) THEN ? loPkcs11.LastErrorText RELEASE loPkcs11 CANCEL ENDIF * Pass -1 for the slotID to open a session on the first non-empty slot. lnSlotID = -1 * Open a session. lnReadWrite = 1 lnSuccess = loPkcs11.OpenSession(lnSlotID,lnReadWrite) IF (lnSuccess = 0) THEN ? loPkcs11.LastErrorText RELEASE loPkcs11 CANCEL ENDIF * Make it an authenticated session by calling Login. * * If we don't authenticate, then we won't be able to see the private keys, and thus * we won't know which certificates have an associated private key stored on the smart card. * The smart card PIN is passed to the Login method. * userType 1 indicates a "Normal User". lnUserType = 1 lcPin = "0000" lnSuccess = loPkcs11.Login(lnUserType,lcPin) IF (lnSuccess = 0) THEN ? loPkcs11.LastErrorText lnSuccess = loPkcs11.CloseSession() RELEASE loPkcs11 CANCEL ENDIF * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Cert') loCert = CreateObject('Chilkat.Cert') * Find a certificate by the Subject Common Name lnSuccess = loPkcs11.FindCert("subjectCN","BadSSL Client Certificate",loCert) IF (lnSuccess = 1) THEN ? "Found: " + loCert.SubjectCN ELSE ? "Not found: " + loCert.SubjectCN lnSuccess = loPkcs11.CloseSession() RELEASE loPkcs11 RELEASE loCert CANCEL ENDIF ? "Successfully loaded the cert object from the smart card / USB token." * Note: When successful, the cert object is internally linked to the Pkcs11 object's authenticated session. * The cert object can now be used to sign or do other cryptographic operations that occur on the smart card / USB token. * ------------------------------------------------------------------------------------------------------------ * Send an HTTPS request to https://client.badssl.com * https://client.badssl.com (part of the badssl.com service) lets you test authentication using client SSL certificates. * The client certificate can be downloaded from https://badssl.com/download/. * This server returns 200 OK if the correct client certificate is provided, and 400 Bad Request otherwise. * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Http') loHttp = CreateObject('Chilkat.Http') * Provide the client certificate (linked internally to our authenticated smartcard session) lnSuccess = loHttp.SetSslClientCert(loCert) IF (lnSuccess = 0) THEN ? loHttp.LastErrorText lnSuccess = loPkcs11.CloseSession() RELEASE loPkcs11 RELEASE loCert RELEASE loHttp CANCEL ENDIF lcResponseBody = loHttp.QuickGetStr("https://client.badssl.com/") IF (loHttp.LastMethodSuccess = 0) THEN ? loHttp.LastErrorText lnSuccess = loPkcs11.CloseSession() RELEASE loPkcs11 RELEASE loCert RELEASE loHttp CANCEL ENDIF ? "Response status code: " + STR(loHttp.LastStatus) ? "Response body: " ? lcResponseBody * ------------------------------------------------------------------------------------------------------------ * Revert to an unauthenticated session by calling Logout. lnSuccess = loPkcs11.Logout() IF (lnSuccess = 0) THEN ? loPkcs11.LastErrorText lnSuccess = loPkcs11.CloseSession() RELEASE loPkcs11 RELEASE loCert RELEASE loHttp CANCEL ENDIF * When finished, close the session. * It is important to close the session (memory leaks will occur if the session is not properly closed). lnSuccess = loPkcs11.CloseSession() IF (lnSuccess = 0) THEN ? loPkcs11.LastErrorText RELEASE loPkcs11 RELEASE loCert RELEASE loHttp CANCEL ENDIF ? "Success." RELEASE loPkcs11 RELEASE loCert RELEASE loHttp |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.