|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Objective-C) SSH HSM Public Key AuthenticationDemonstrates how to authenticate with an SSH server using public key authentication using an HSM (USB token or smartcard).
#import <CkoPkcs11.h> #import <NSString.h> #import <CkoJsonObject.h> #import <CkoSshKey.h> #import <CkoSsh.h> // This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // Note: Chilkat's PKCS11 implementation runs on Windows, Linux, MacOs, and other supported operating systems. CkoPkcs11 *pkcs11 = [[CkoPkcs11 alloc] init]; // This would be a path to a .dylib on MacOS, or a path to a .so shared lib on Linux. pkcs11.SharedLibPath = @"C:/Program Files (x86)/Gemalto/IDGo 800 PKCS#11/IDPrimePKCS1164.dll"; NSString *pin = @"0000"; int userType = 1; // Establish a PKCS11 logged-on session using the driver (.so, .dylib, or .dll) as specified in the SharedLibPath above. BOOL success = [pkcs11 QuickSession: [NSNumber numberWithInt: userType] pin: pin]; if (success == NO) { NSLog(@"%@",pkcs11.LastErrorText); return; } // Set PKCS11 attributes to find our desired private key object. CkoJsonObject *json = [[CkoJsonObject alloc] init]; [json UpdateString: @"class" value: @"private_key"]; [json UpdateString: @"label" value: @"MySshKey"]; // Get the PKCS11 handle to the private key located on the HSM. unsigned long priv_handle = [pkcs11 FindObject: json]; // Get the PKCS11 handle to the corresponding public key located on the HSM. [json UpdateString: @"class" value: @"public_key"]; unsigned long pub_handle = [pkcs11 FindObject: json]; CkoSshKey *key = [[CkoSshKey alloc] init]; // The key type can be "rsa" or "ec" NSString *keyType = @"rsa"; success = [key UsePkcs11: pkcs11 privKeyHandle: priv_handle pubKeyHandle: pub_handle keyType: keyType]; if (success == NO) { NSLog(@"%@",key.LastErrorText); return; } CkoSsh *ssh = [[CkoSsh alloc] init]; success = [ssh Connect: @"example.com" port: [NSNumber numberWithInt: 22]]; if (success != YES) { NSLog(@"%@",ssh.LastErrorText); return; } // Authenticate with the SSH server using the login and // HSM private key. (The corresponding public key should've // been installed on the SSH server beforehand.) success = [ssh AuthenticatePk: @"myLogin" privateKey: key]; if (success != YES) { NSLog(@"%@",ssh.LastErrorText); return; } NSLog(@"%@",@"Public-Key Authentication Successful!"); |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.