PHP Extension
PHP Extension
RSA Sign using a Private Key on a USB Token or Smartcard
See more Apple Keychain Examples
Create an RSA signature using a private key stored on a USB token or smartcard.Note: On MacOS and iOS, this example requires Chilkat v10.1.2 or later when the Apple Keychain is used as the underlying means to do the signing.
Chilkat PHP Extension Downloads
<?php
include("chilkat.php");
$success = false;
// Assuming the smartcard/USB token is installed with the correct drivers from the manufacturer,
// this code can work on multiple platforms including Windows, MacOS, Linux, and iOS.
// Chilkat automatically detects and determines the way in which the HSM is used,
// which can be by PKCS11, Apple Keychain, Microsoft CNG / Crypto API, or ScMinidriver.
$cert = new CkCert();
// Set the token/smartcard PIN prior to loading.
$cert->put_SmartCardPin('123456');
// Specify the certificate by its common name.
$success = $cert->LoadFromSmartcard('cn=chilkat-rsa-2048');
if ($success == false) {
print $cert->lastErrorText() . "\n";
exit;
}
print 'Signing with cert: ' . $cert->subjectCN() . "\n";
// Create data to be hashed and signed.
$bd = new CkBinData();
for ($i = 0; $i <= 100; $i++) {
$bd->AppendEncoded('000102030405060708090A0B0C0D0E0F','hex');
}
$rsa = new CkRsa();
// Use the certificate's private key for signing.
$success = $rsa->SetX509Cert($cert,true);
if ($success == false) {
print $rsa->lastErrorText() . "\n";
exit;
}
// Sign the SHA-256 hash of the contents of bd.
$bdSig = new CkBinData();
$success = $rsa->SignBd($bd,'sha256',$bdSig);
if ($success == false) {
print $rsa->lastErrorText() . "\n";
exit;
}
// The RSA signature is equal in length to the size of the RSA key.
print 'Output signature size in bits = ' . ($bdSig->get_NumBytes() * 8) . "\n";
// We can save the signature for later verification..
$bdSig->WriteFile('rsaSignatures/test1.sig');
// See the example to verify the RSA signature:
// Verfies an RSA Signature
?>