|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Visual FoxPro) RSASSA-PSS Sign TextSigns text to create a PKCS7/CMS signature. The signature algorithm is RSASSA-PSS with SHA256. Note: This example requires Chilkat v9.5.0.67 or greater.
LOCAL loCrypt LOCAL loPfx LOCAL lnSuccess LOCAL loCert LOCAL loSb LOCAL i LOCAL lcPkcs7sig * This example requires the Chilkat Crypt API to have been previously unlocked. * See Unlock Chilkat Crypt for sample code. * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Crypt2') loCrypt = CreateObject('Chilkat.Crypt2') * Get a digital certificate with private key from a .pfx * (Chilkat has many different ways to provide a cert + private key for siging. * Using a PFX is just one possible option.) * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Pfx') loPfx = CreateObject('Chilkat.Pfx') lnSuccess = loPfx.LoadPfxFile("qa_data/rsassa-pss/privatekey.pfx","PFX_PASSWORD") IF (lnSuccess <> 1) THEN ? loPfx.LastErrorText RELEASE loCrypt RELEASE loPfx CANCEL ENDIF * Get the certificate to be used for signing. * (The typical case for a PFX is that it contains a cert with an associated private key, * as well as other certificates in the chain of authentication. The cert with the private * key should be in the first position at index 0.) loCert = loPfx.GetCert(0) IF (loPfx.LastMethodSuccess <> 1) THEN ? loPfx.LastErrorText RELEASE loCrypt RELEASE loPfx CANCEL ENDIF loCrypt.SetSigningCert(loCert) * Indicate that RSASSA-PSS with SHA256 should be used. loCrypt.SigningAlg = "pss" loCrypt.HashAlgorithm = "sha256" loCrypt.EncodingMode = "base64_mime" * Build a string to sign * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.StringBuilder') loSb = CreateObject('Chilkat.StringBuilder') i = 1 DO WHILE i < 12 loSb.AppendInt(i) loSb.Append(" the quick brown fox jumped over the lazy dog." + CHR(13) + CHR(10)) i = i + 1 ENDDO ? loSb.GetAsString() * The string to be encrypted looks like this: * 1 the quick brown fox jumped over the lazy dog. * 2 the quick brown fox jumped over the lazy dog. * 3 the quick brown fox jumped over the lazy dog. * 4 the quick brown fox jumped over the lazy dog. * ... * Make sure to specify the byte representation (character encoding) loCrypt.Charset = "utf-8" * Sign the string to get a PKCS7 detached signature in base64 format. lcPkcs7sig = loCrypt.SignSbENC(loSb) ? "Detached PCKS7 Signature:" ? lcPkcs7sig * This signature looks like this: * MIIG5wYJKoZIhvcNAQcCoIIG2DCCBtQCAQExDzANBglghkgBZQMEAgEFADALBgkqhkiG9w0BBwGg * ggL4MIIC9DCCAl2gAwIBAgIJAMPsJCT11cniMA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJB * VTERMA8GA1UECAwIVmljdG9yaWExEjAQBgNVBAcMCU1lbGJvdXJuZTEhMB8GA1UECgwYSW50ZXJu * ZXQgV2lkZ2l0cyBQdHkgTHRkMQ8wDQYDVQQDDAZXaWRnZXQxKDAmBgkqhkiG9w0BCQEWGWFkbWlu * QGludGVybmV0d2lkZ2V0cy5jb20wHhcNMTYxMTAxMTY1MjMyWhcNMjExMDMxMTY1MjMyWjCBkjEL * MAkGA1UEBhMCQVUxETAPBgNVBAgMCFZpY3RvcmlhMRIwEAYDVQQHDAlNZWxib3VybmUxITAfBgNV * BAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1UEAwwGV2lkZ2V0MSgwJgYJKoZIhvcN * AQkBFhlhZG1pbkBpbnRlcm5ldHdpZGdldHMuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB * gQDGIdoCjyavs+F/Rm0VIB4m6O7VL1j+1IqieoR9NEX2GQvu2VCdceyxf9qaw1bxipEvjLwUkw7M * e+BTlLpWQbBMH87s6KpsC8MVyXhMLpP0oM8NFix/vLz2wdLhUh7CZvJA0plqkJk9bj57QIu+EO1k * tUHM2DFb6sckvCL2yybD1wIDAQABo1AwTjAdBgNVHQ4EFgQUONKKu2zsXIrinWxIGT654vrcQwsw * HwYDVR0jBBgwFoAUONKKu2zsXIrinWxIGT654vrcQwswDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B * AQsFAAOBgQArFvdi5u9i2QF1Qw+cdC1l7w2Y3+q6RIkln2W8rWJFje00644o8hXy7v46giJCedmF * ULlhm1n7XIsZGy2W3lJ77v5agn9gFwXu1h3cqkGXkoteE6SQJQXWgsW3GWPveObvTL8LF4y57fgM * 9ZWS+V9MJajeu44Rf/tU17TLYKjvEjGCA7MwggOvAgEBMIGgMIGSMQswCQYDVQQGEwJBVTERMA8G * A1UECAwIVmljdG9yaWExEjAQBgNVBAcMCU1lbGJvdXJuZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lk * Z2l0cyBQdHkgTHRkMQ8wDQYDVQQDDAZXaWRnZXQxKDAmBgkqhkiG9w0BCQEWGWFkbWluQGludGVy * bmV0d2lkZ2V0cy5jb20CCQDD7CQk9dXJ4jANBglghkgBZQMEAgEFAKCCAjQwGAYJKoZIhvcNAQkD * MQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTcwNDI5MTYzNTQ3WjAvBgkqhkiG9w0BCQQx * IgQgnXqtpfBjs9ZZUJxbNYbwYvpmXTGgIbYErkIA3jQo0EEwXwYJKoZIhvcNAQkPMVIwUDALBglg * hkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsO * AwIHMA0GCCqGSIb3DQMCAgEoMIGxBgkrBgEEAYI3EAQxgaMwgaAwgZIxCzAJBgNVBAYTAkFVMREw * DwYDVQQIDAhWaWN0b3JpYTESMBAGA1UEBwwJTWVsYm91cm5lMSEwHwYDVQQKDBhJbnRlcm5ldCBX * aWRnaXRzIFB0eSBMdGQxDzANBgNVBAMMBldpZGdldDEoMCYGCSqGSIb3DQEJARYZYWRtaW5AaW50 * ZXJuZXR3aWRnZXRzLmNvbQIJAMPsJCT11cniMIGzBgsqhkiG9w0BCRACCzGBo6CBoDCBkjELMAkG * A1UEBhMCQVUxETAPBgNVBAgMCFZpY3RvcmlhMRIwEAYDVQQHDAlNZWxib3VybmUxITAfBgNVBAoM * GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1UEAwwGV2lkZ2V0MSgwJgYJKoZIhvcNAQkB * FhlhZG1pbkBpbnRlcm5ldHdpZGdldHMuY29tAgkAw+wkJPXVyeIwPQYJKoZIhvcNAQEKMDCgDTAL * BglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCASAEgYBFgBS1vtBoac6P * /NRcY3jdytoxK7xc8vEYW/PhgsbE+sP7dvu6eoRLVicoQ8RIeMh3CtPZFq1+JcL5NNzQoAotizTX * EKhiceX1mC5ocCeEvgNouxkN2Qr/X12m60rNvNl5r+GEqiqx/1fs2yRAl5sIzwPsMMY3p9tGOpy0 * 5p7sRQ== * The ASN.1 of the signature can be examined by browsing to https://lapo.it/asn1js/ , * then copy-and-paste the Base64 signature into the form and decode.. * The signature can be verified against the original data like this: lnSuccess = loCrypt.VerifySbENC(loSb,lcPkcs7sig) ? "Signature verified: " + STR(lnSuccess) RELEASE loCert RELEASE loCrypt RELEASE loPfx RELEASE loSb |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.