|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PureBasic) Sign String to create a CAdES-T SignatureThis example will sign a string to create a CAdEST-T signature. Note: This example requires Chilkat v9.5.0.78 or greater.
IncludeFile "CkBinData.pb" IncludeFile "CkCert.pb" IncludeFile "CkJsonObject.pb" IncludeFile "CkCrypt2.pb" Procedure ChilkatExample() ; This example requires the Chilkat API to have been previously unlocked. ; See Global Unlock Sample for sample code. crypt.i = CkCrypt2::ckCreate() If crypt.i = 0 Debug "Failed to create object." ProcedureReturn EndIf ; This example will use the certificate + private key currently inserted into a smartcard reader. cert.i = CkCert::ckCreate() If cert.i = 0 Debug "Failed to create object." ProcedureReturn EndIf ; If we wish to provide the smartcard PIN (otherwise the user will be prompted by the operating system). CkCert::setCkSmartCardPin(cert, "000000") success.i = CkCert::ckLoadFromSmartcard(cert,"") If success <> 1 Debug CkCert::ckLastErrorText(cert) CkCrypt2::ckDispose(crypt) CkCert::ckDispose(cert) ProcedureReturn EndIf ; Note: It is also possible to use certs from .pfx/.p12, .pem, or other sources such as ; pre-installed Windows certificates. success = CkCrypt2::ckSetSigningCert(crypt,cert) ; Use SHA-256 rather than the default of SHA-1 CkCrypt2::setCkHashAlgorithm(crypt, "sha256") ; Create JSON that tells Chilkat what signing attributes to include: attrs.i = CkJsonObject::ckCreate() If attrs.i = 0 Debug "Failed to create object." ProcedureReturn EndIf CkJsonObject::ckUpdateBool(attrs,"contentType",1) CkJsonObject::ckUpdateBool(attrs,"signingTime",1) CkJsonObject::ckUpdateBool(attrs,"messageDigest",1) CkJsonObject::ckUpdateBool(attrs,"signingCertificateV2",1) ; A CAdES-T signature is one that includes a timestampToken created by an online TSA (time stamping authority). ; We must include the TSA's URL, as well as a few options to indicate what is desired. ; Except for the TSA URL, the options shown here are typically what you would need. CkJsonObject::ckUpdateBool(attrs,"timestampToken.enabled",1) CkJsonObject::ckUpdateString(attrs,"timestampToken.tsaUrl","https://freetsa.org/tsr") CkJsonObject::ckUpdateBool(attrs,"timestampToken.addNonce",0) CkJsonObject::ckUpdateBool(attrs,"timestampToken.requestTsaCert",1) CkJsonObject::ckUpdateString(attrs,"timestampToken.hashAlg","sha256") CkCrypt2::setCkSigningAttributes(crypt, CkJsonObject::ckEmit(attrs)) strToSign.s = "THIS IS MY ID" bd.i = CkBinData::ckCreate() If bd.i = 0 Debug "Failed to create object." ProcedureReturn EndIf CkBinData::ckAppendString(bd,strToSign,"utf-8") ; This creates the CAdES-T signature. During the signature creation, it ; communicates with the TSA to get a timestampToken. ; The contents of bd are signed and replaced with the CAdES-T signature (which embeds the original content). success = CkCrypt2::ckOpaqueSignBd(crypt,bd) If success <> 1 Debug CkCrypt2::ckLastErrorText(crypt) CkCrypt2::ckDispose(crypt) CkCert::ckDispose(cert) CkJsonObject::ckDispose(attrs) CkBinData::ckDispose(bd) ProcedureReturn EndIf ; Get the signature in base64 format: Debug CkBinData::ckGetEncoded(bd,"base64_mime") ; Or save the signature to a file. CkBinData::ckWriteFile(bd,"qa_output/cades-t_sample.p7m") Debug "Success." CkCrypt2::ckDispose(crypt) CkCert::ckDispose(cert) CkJsonObject::ckDispose(attrs) CkBinData::ckDispose(bd) ProcedureReturn EndProcedure |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.