(PHP Extension) RSA Sign String using Private Key of Certificate Type A3 (smart card / token)

Demonstrates RSA signing a string using the private key of a certificate type A3 (smart card, token).

Note: This is a Windows-only example.

Chilkat PHP Downloads PHP Extension for Windows, Linux, MacOS, Alpine Linux

<?php

include("chilkat.php");
// Use "chilkat_9_5_0.php" for versions of Chilkat < 10.0.0

// First get the A3 certificate that was installed on the Windows system.
$certStore = new CkCertStore();

$thumbprint = '12c1dd8015f3f03f7b1fa619dc24e2493ca8b4b2';

// This is specific to Windows because it is opening the Windows Current-User certificate store.
$bReadOnly = true;
$success = $certStore->OpenCurrentUserStore($bReadOnly);
if ($success != true) {
    print $certStore->lastErrorText() . "\n";
    exit;
}

// Find the certificate with the desired thumbprint
// (There are many ways to locate a certificate.  This example chooses to find by thumbprint.)
// cert is a CkCert
$cert = $certStore->FindCertBySha1Thumbprint($thumbprint);
if ($certStore->get_LastMethodSuccess() != true) {
    print 'Failed to find the certificate.' . "\n";
    exit;
}

print 'Found: ' . $cert->subjectCN() . "\n";

$rsa = new CkRsa();

// Provide the cert's private key
$bUsePrivateKey = true;
$success = $rsa->SetX509Cert($cert,$bUsePrivateKey);

if ($success != true) {
    print $rsa->lastErrorText() . "\n";
    exit;
}

// Return the RSA signature in base64 encoded form.
$rsa->put_EncodingMode('base64');

// Sign the utf-8 byte representation of the string.
$rsa->put_Charset('utf-8');

// You can also choose other hash algorithms, such as SHA-1.
$sigBase64 = $rsa->signStringENC('text to sign','SHA-256');
if ($rsa->get_LastMethodSuccess() != true) {
    print $rsa->lastErrorText() . "\n";
    exit;
}

print 'Base64 signature: ' . $sigBase64 . "\n";

?>