|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PowerBuilder) (PKCS11) Use a Smart Card Certificate + Private Key for SSL/TLS AuthenticationSee more ScMinidriver ExamplesDemonstrates how to use a certificate + private key located on a smart card for the TLS client certificate in an HTTPS request.
integer li_rc oleobject loo_Pkcs11 integer li_Success integer li_SlotID integer li_ReadWrite integer li_UserType string ls_Pin oleobject loo_Cert oleobject loo_Http string ls_ResponseBody // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // Note: Chilkat's PKCS11 implementation runs on Windows, Linux, Mac OS X, and other supported operating systems. loo_Pkcs11 = create oleobject // Use "Chilkat_9_5_0.Pkcs11" for versions of Chilkat < 10.0.0 li_rc = loo_Pkcs11.ConnectToNewObject("Chilkat.Pkcs11") if li_rc < 0 then destroy loo_Pkcs11 MessageBox("Error","Connecting to COM object failed") return end if // Set your shared lib path -- either a full path to the DLL, .so, or .dylib, // or just the filename if the driver is in a location that can be automatically found. (Such as in C:\Windows\System32) loo_Pkcs11.SharedLibPath = "C:/Program Files (x86)/Gemalto/IDGo 800 PKCS#11/IDPrimePKCS1164.dll" li_Success = loo_Pkcs11.Initialize() if li_Success = 0 then Write-Debug loo_Pkcs11.LastErrorText destroy loo_Pkcs11 return end if // Pass -1 for the slotID to open a session on the first non-empty slot. li_SlotID = -1 // Open a session. li_ReadWrite = 1 li_Success = loo_Pkcs11.OpenSession(li_SlotID,li_ReadWrite) if li_Success = 0 then Write-Debug loo_Pkcs11.LastErrorText destroy loo_Pkcs11 return end if // Make it an authenticated session by calling Login. // // If we don't authenticate, then we won't be able to see the private keys, and thus // we won't know which certificates have an associated private key stored on the smart card. // The smart card PIN is passed to the Login method. // userType 1 indicates a "Normal User". li_UserType = 1 ls_Pin = "0000" li_Success = loo_Pkcs11.Login(li_UserType,ls_Pin) if li_Success = 0 then Write-Debug loo_Pkcs11.LastErrorText li_Success = loo_Pkcs11.CloseSession() destroy loo_Pkcs11 return end if loo_Cert = create oleobject // Use "Chilkat_9_5_0.Cert" for versions of Chilkat < 10.0.0 li_rc = loo_Cert.ConnectToNewObject("Chilkat.Cert") // Find a certificate by the Subject Common Name li_Success = loo_Pkcs11.FindCert("subjectCN","BadSSL Client Certificate",loo_Cert) if li_Success = 1 then Write-Debug "Found: " + loo_Cert.SubjectCN else Write-Debug "Not found: " + loo_Cert.SubjectCN li_Success = loo_Pkcs11.CloseSession() destroy loo_Pkcs11 destroy loo_Cert return end if Write-Debug "Successfully loaded the cert object from the smart card / USB token." // Note: When successful, the cert object is internally linked to the Pkcs11 object's authenticated session. // The cert object can now be used to sign or do other cryptographic operations that occur on the smart card / USB token. // ------------------------------------------------------------------------------------------------------------ // Send an HTTPS request to https://client.badssl.com // https://client.badssl.com (part of the badssl.com service) lets you test authentication using client SSL certificates. // The client certificate can be downloaded from https://badssl.com/download/. // This server returns 200 OK if the correct client certificate is provided, and 400 Bad Request otherwise. loo_Http = create oleobject // Use "Chilkat_9_5_0.Http" for versions of Chilkat < 10.0.0 li_rc = loo_Http.ConnectToNewObject("Chilkat.Http") // Provide the client certificate (linked internally to our authenticated smartcard session) li_Success = loo_Http.SetSslClientCert(loo_Cert) if li_Success = 0 then Write-Debug loo_Http.LastErrorText li_Success = loo_Pkcs11.CloseSession() destroy loo_Pkcs11 destroy loo_Cert destroy loo_Http return end if ls_ResponseBody = loo_Http.QuickGetStr("https://client.badssl.com/") if loo_Http.LastMethodSuccess = 0 then Write-Debug loo_Http.LastErrorText li_Success = loo_Pkcs11.CloseSession() destroy loo_Pkcs11 destroy loo_Cert destroy loo_Http return end if Write-Debug "Response status code: " + string(loo_Http.LastStatus) Write-Debug "Response body: " Write-Debug ls_ResponseBody // ------------------------------------------------------------------------------------------------------------ // Revert to an unauthenticated session by calling Logout. li_Success = loo_Pkcs11.Logout() if li_Success = 0 then Write-Debug loo_Pkcs11.LastErrorText li_Success = loo_Pkcs11.CloseSession() destroy loo_Pkcs11 destroy loo_Cert destroy loo_Http return end if // When finished, close the session. // It is important to close the session (memory leaks will occur if the session is not properly closed). li_Success = loo_Pkcs11.CloseSession() if li_Success = 0 then Write-Debug loo_Pkcs11.LastErrorText destroy loo_Pkcs11 destroy loo_Cert destroy loo_Http return end if Write-Debug "Success." destroy loo_Pkcs11 destroy loo_Cert destroy loo_Http |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.