|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PureBasic) Create a CAdES-T SignatureDemonstrates how to create a signature with an external timestamp that certifies the time of signing. This requires an online TSA (Time Stamping Authority) service that is capable of producing RFC 3161 compliant timestamps. Note: This example requires Chilkat v9.5.0.78 or greater.
IncludeFile "CkCert.pb" IncludeFile "CkJsonObject.pb" IncludeFile "CkCrypt2.pb" Procedure ChilkatExample() ; This example requires the Chilkat API to have been previously unlocked. ; See Global Unlock Sample for sample code. crypt.i = CkCrypt2::ckCreate() If crypt.i = 0 Debug "Failed to create object." ProcedureReturn EndIf ; This example will use a certificate + private key from a .pfx/.p12 file. ; On Windows systems, it is also possible to use certs on smartcards/usb tokens or certs pre-installed in the Windows registry. cert.i = CkCert::ckCreate() If cert.i = 0 Debug "Failed to create object." ProcedureReturn EndIf pfxPath.s = "qa_data/pfx/myCertAndKey.p12" pfxPassword.s = "test123" success.i = CkCert::ckLoadPfxFile(cert,pfxPath,pfxPassword) If success <> 1 Debug CkCert::ckLastErrorText(cert) CkCrypt2::ckDispose(crypt) CkCert::ckDispose(cert) ProcedureReturn EndIf success = CkCrypt2::ckSetSigningCert(crypt,cert) ; Use SHA-256 rather than the default of SHA-1 CkCrypt2::setCkHashAlgorithm(crypt, "sha256") ; Create JSON that tells Chilkat what signing attributes to include: attrs.i = CkJsonObject::ckCreate() If attrs.i = 0 Debug "Failed to create object." ProcedureReturn EndIf CkJsonObject::ckUpdateBool(attrs,"contentType",1) CkJsonObject::ckUpdateBool(attrs,"signingTime",1) CkJsonObject::ckUpdateBool(attrs,"messageDigest",1) CkJsonObject::ckUpdateBool(attrs,"signingCertificateV2",1) ; A CAdES-T signature is one that includes a timestampToken created by an online TSA (time stamping authority). ; We must include the TSA's URL, as well as a few options to indicate what is desired. ; Except for the TSA URL, the options shown here are typically what you would need. CkJsonObject::ckUpdateBool(attrs,"timestampToken.enabled",1) CkJsonObject::ckUpdateString(attrs,"timestampToken.tsaUrl","https://freetsa.org/tsr") CkJsonObject::ckUpdateBool(attrs,"timestampToken.addNonce",0) CkJsonObject::ckUpdateBool(attrs,"timestampToken.requestTsaCert",1) CkJsonObject::ckUpdateString(attrs,"timestampToken.hashAlg","sha256") CkCrypt2::setCkSigningAttributes(crypt, CkJsonObject::ckEmit(attrs)) inFile.s = "qa_data/json/sample.json" outFile.s = "qa_output/sample_cades_t.p7m" ; This creates the CAdES-T signature. During the signature creation, it ; communicates with the TSA to get a timestampToken. success = CkCrypt2::ckCreateP7M(crypt,inFile,outFile) If success <> 1 Debug CkCrypt2::ckLastErrorText(crypt) CkCrypt2::ckDispose(crypt) CkCert::ckDispose(cert) CkJsonObject::ckDispose(attrs) ProcedureReturn EndIf Debug "Success." CkCrypt2::ckDispose(crypt) CkCert::ckDispose(cert) CkJsonObject::ckDispose(attrs) ProcedureReturn EndProcedure |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.