(PowerShell) RSA Sign String using Private Key of Certificate Type A3 (smart card / token)

Demonstrates RSA signing a string using the private key of a certificate type A3 (smart card, token).

Note: This is a Windows-only example.

Chilkat .NET Downloads Chilkat .NET Assemblies

Add-Type -Path "C:\chilkat\ChilkatDotNet47-9.5.0-x64\ChilkatDotNet47.dll"

# First get the A3 certificate that was installed on the Windows system.
$certStore = New-Object Chilkat.CertStore

$thumbprint = "12c1dd8015f3f03f7b1fa619dc24e2493ca8b4b2"

# This is specific to Windows because it is opening the Windows Current-User certificate store.
$bReadOnly = $true
$success = $certStore.OpenCurrentUserStore($bReadOnly)
if ($success -ne $true) {
    $($certStore.LastErrorText)
    exit
}

# Find the certificate with the desired thumbprint
# (There are many ways to locate a certificate.  This example chooses to find by thumbprint.)
$cert = $certStore.FindCertBySha1Thumbprint($thumbprint)
if ($certStore.LastMethodSuccess -ne $true) {
    $("Failed to find the certificate.")
    exit
}

$("Found: " + $cert.SubjectCN)

$rsa = New-Object Chilkat.Rsa

# Provide the cert's private key
$bUsePrivateKey = $true
$success = $rsa.SetX509Cert($cert,$bUsePrivateKey)

if ($success -ne $true) {
    $($rsa.LastErrorText)
    exit
}

# Return the RSA signature in base64 encoded form.
$rsa.EncodingMode = "base64"

# Sign the utf-8 byte representation of the string.
$rsa.Charset = "utf-8"

# You can also choose other hash algorithms, such as SHA-1.
$sigBase64 = $rsa.SignStringENC("text to sign","SHA-256")
if ($rsa.LastMethodSuccess -ne $true) {
    $($rsa.LastErrorText)
    exit
}

$("Base64 signature: " + $sigBase64)