PowerBuilder
PowerBuilder
Signing HTTP Messages
See more RSA Examples
Demonstrates how to sign HTTP messages per draft-cavage-http-signatures-10Chilkat PowerBuilder Downloads
integer li_rc
integer li_Success
integer li_BCrlf
oleobject loo_SbPublicKeyPem
oleobject loo_PubKey
oleobject loo_SbPrivateKeyPem
oleobject loo_PrivKey
oleobject loo_DtNow
string ls_DateStr
oleobject loo_Rsa
oleobject loo_SbStringToSign
string ls_B64Signature
li_Success = 0
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
li_BCrlf = 1
loo_SbPublicKeyPem = create oleobject
li_rc = loo_SbPublicKeyPem.ConnectToNewObject("Chilkat.StringBuilder")
if li_rc < 0 then
destroy loo_SbPublicKeyPem
MessageBox("Error","Connecting to COM object failed")
return
end if
loo_SbPublicKeyPem.AppendLine("-----BEGIN PUBLIC KEY-----",li_BCrlf)
loo_SbPublicKeyPem.AppendLine("MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3",li_BCrlf)
loo_SbPublicKeyPem.AppendLine("6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6",li_BCrlf)
loo_SbPublicKeyPem.AppendLine("Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw",li_BCrlf)
loo_SbPublicKeyPem.AppendLine("oYi+1hqp1fIekaxsyQIDAQAB",li_BCrlf)
loo_SbPublicKeyPem.AppendLine("-----END PUBLIC KEY-----",li_BCrlf)
loo_PubKey = create oleobject
li_rc = loo_PubKey.ConnectToNewObject("Chilkat.PublicKey")
loo_PubKey.LoadFromString(loo_SbPublicKeyPem.GetAsString())
loo_SbPrivateKeyPem = create oleobject
li_rc = loo_SbPrivateKeyPem.ConnectToNewObject("Chilkat.StringBuilder")
loo_SbPrivateKeyPem.AppendLine("-----BEGIN RSA PRIVATE KEY-----",li_BCrlf)
loo_SbPrivateKeyPem.AppendLine("MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF",li_BCrlf)
loo_SbPrivateKeyPem.AppendLine("NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F",li_BCrlf)
loo_SbPrivateKeyPem.AppendLine("UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB",li_BCrlf)
loo_SbPrivateKeyPem.AppendLine("AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA",li_BCrlf)
loo_SbPrivateKeyPem.AppendLine("QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK",li_BCrlf)
loo_SbPrivateKeyPem.AppendLine("kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg",li_BCrlf)
loo_SbPrivateKeyPem.AppendLine("f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u",li_BCrlf)
loo_SbPrivateKeyPem.AppendLine("412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc",li_BCrlf)
loo_SbPrivateKeyPem.AppendLine("mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7",li_BCrlf)
loo_SbPrivateKeyPem.AppendLine("kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA",li_BCrlf)
loo_SbPrivateKeyPem.AppendLine("gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW",li_BCrlf)
loo_SbPrivateKeyPem.AppendLine("G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI",li_BCrlf)
loo_SbPrivateKeyPem.AppendLine("7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA==",li_BCrlf)
loo_SbPrivateKeyPem.AppendLine("-----END RSA PRIVATE KEY-----",li_BCrlf)
loo_PrivKey = create oleobject
li_rc = loo_PrivKey.ConnectToNewObject("Chilkat.PrivateKey")
loo_PrivKey.LoadPem(loo_SbPrivateKeyPem.GetAsString())
// All examples use this request:
//
// POST /foo?param=value&pet=dog HTTP/1.1
// Host: example.com
// Date: Sun, 05 Jan 2014 21:31:40 GMT
// Content-Type: application/json
// Digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=
// Content-Length: 18
//
// {"hello": "world"}
// C.1. Default Test
//
// If a list of headers is not included, the date is the only header
// that is signed by default. The string to sign would be:
//
// date: Sun, 05 Jan 2014 21:31:40 GMT
//
// The Authorization header would be:
//
// Authorization: Signature keyId="Test",algorithm="rsa-sha256",
// signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz
// 6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB
// 6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="
//
// The Signature header would be:
//
// Signature: keyId="Test",algorithm="rsa-sha256",
// signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz
// 6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB
// 6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="
//
loo_DtNow = create oleobject
li_rc = loo_DtNow.ConnectToNewObject("Chilkat.CkDateTime")
li_Success = loo_DtNow.SetFromCurrentSystemTime()
ls_DateStr = loo_DtNow.GetAsRfc822(0)
// To duplicate the above result, we'll hard-code the date string.
ls_DateStr = "Sun, 05 Jan 2014 21:31:40 GMT"
loo_Rsa = create oleobject
li_rc = loo_Rsa.ConnectToNewObject("Chilkat.Rsa")
li_Success = loo_Rsa.UsePrivateKey(loo_PrivKey)
if li_Success = 0 then
Write-Debug loo_Rsa.LastErrorText
destroy loo_SbPublicKeyPem
destroy loo_PubKey
destroy loo_SbPrivateKeyPem
destroy loo_PrivKey
destroy loo_DtNow
destroy loo_Rsa
return
end if
loo_SbStringToSign = create oleobject
li_rc = loo_SbStringToSign.ConnectToNewObject("Chilkat.StringBuilder")
loo_SbStringToSign.Append("date: ")
loo_SbStringToSign.Append(ls_DateStr)
loo_Rsa.EncodingMode = "base64"
ls_B64Signature = loo_Rsa.SignStringENC(loo_SbStringToSign.GetAsString(),"SHA256")
Write-Debug ls_B64Signature
Write-Debug "---------------------------"
// The result should be:
// SjWJWbWN7i0wzBvtPl8rbASW ... FD0k/5OxEPXe5WozsbM=
// ----------------------------------------------------------------------------------------------------
// C.2. Basic Test
//
// The minimum recommended data to sign is the (request-target), host,
// and date. In this case, the string to sign would be:
//
// (request-target): post /foo?param=value&pet=dog
// host: example.com
// date: Sun, 05 Jan 2014 21:31:40 GMT
//
// The Authorization header would be:
//
// Authorization: Signature keyId="Test",algorithm="rsa-sha256",
// headers="(request-target) host date", signature="qdx+H7PHHDZgy4
// y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn
// 7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBs
// kLu6kd9Fswtemr3lgdDEmn04swr2Os0="
loo_SbStringToSign.Clear()
loo_SbStringToSign.Append("(request-target): ")
loo_SbStringToSign.AppendLine("post /foo?param=value&pet=dog",0)
loo_SbStringToSign.Append("host: ")
loo_SbStringToSign.AppendLine("example.com",0)
loo_SbStringToSign.Append("date: ")
loo_SbStringToSign.Append(ls_DateStr)
Write-Debug "StringToSign:"
Write-Debug loo_SbStringToSign.GetAsString()
ls_B64Signature = loo_Rsa.SignStringENC(loo_SbStringToSign.GetAsString(),"SHA256")
Write-Debug ls_B64Signature
Write-Debug "---------------------------"
// The result should be:
// qdx+H7PHHDZgy4y/Ahn ... mn04swr2Os0=
destroy loo_SbPublicKeyPem
destroy loo_PubKey
destroy loo_SbPrivateKeyPem
destroy loo_PrivKey
destroy loo_DtNow
destroy loo_Rsa
destroy loo_SbStringToSign