PureBasic
PureBasic
Create CAdES-BES .p7m using Smart Card or USB Token
See more Digital Signatures Examples
Demonstrates how to create a CAdES BES invoice.xml.p7m using a certificate stored on a smart card or USB token.Note: This example requires Chilkat v9.5.0.77 and at the time of this writing is restricted to the Windows operating system.
Chilkat PureBasic Downloads
IncludeFile "CkCert.pb"
IncludeFile "CkJsonObject.pb"
IncludeFile "CkCrypt2.pb"
Procedure ChilkatExample()
success.i = 0
; Note: Requires Chilkat v9.5.0.77 or greater.
; This requires the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
crypt.i = CkCrypt2::ckCreate()
If crypt.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
; Use a certificate on a smartcard or USB token.
cert.i = CkCert::ckCreate()
If cert.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
; Load the certificate on the smartcard currently in the reader (or on the USB token).
; Pass an empty string to allow Chilkat to automatically choose the CSP (Cryptographi Service Provider).
; See Load Certificate on Smartcard for information about explicitly selecting a particular CSP.
success = CkCert::ckLoadFromSmartcard(cert,"")
If success <> 1
Debug CkCert::ckLastErrorText(cert)
CkCrypt2::ckDispose(crypt)
CkCert::ckDispose(cert)
ProcedureReturn
EndIf
; Provide the smartcard PIN.
; If the PIN is not explicitly provided here, the Windows OS should
; display a dialog for the PIN.
CkCert::setCkSmartCardPin(cert, "000000")
; Provide the certificate for signing.
success = CkCrypt2::ckSetSigningCert(crypt,cert)
If success <> 1
Debug CkCrypt2::ckLastErrorText(crypt)
CkCrypt2::ckDispose(crypt)
CkCert::ckDispose(cert)
ProcedureReturn
EndIf
; Indicate that SHA-256 should be used.
CkCrypt2::setCkHashAlgorithm(crypt, "sha256")
; Specify the signed attributes to be included.
; (This is what makes it CAdES-BES compliant.)
jsonSignedAttrs.i = CkJsonObject::ckCreate()
If jsonSignedAttrs.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkJsonObject::ckUpdateInt(jsonSignedAttrs,"contentType",1)
CkJsonObject::ckUpdateInt(jsonSignedAttrs,"signingTime",1)
CkJsonObject::ckUpdateInt(jsonSignedAttrs,"messageDigest",1)
CkJsonObject::ckUpdateInt(jsonSignedAttrs,"signingCertificateV2",1)
CkCrypt2::setCkSigningAttributes(crypt, CkJsonObject::ckEmit(jsonSignedAttrs))
inFile.s = "qa_data/xml/IT01234567890_11002.xml"
sigFile.s = "qa_output/IT01234567890_11002.xml.p7m"
; Create the CAdES-BES signature, which contains the original data.
success = CkCrypt2::ckCreateP7M(crypt,inFile,sigFile)
If success = 0
Debug CkCrypt2::ckLastErrorText(crypt)
CkCrypt2::ckDispose(crypt)
CkCert::ckDispose(cert)
CkJsonObject::ckDispose(jsonSignedAttrs)
ProcedureReturn
EndIf
Debug "Success."
CkCrypt2::ckDispose(crypt)
CkCert::ckDispose(cert)
CkJsonObject::ckDispose(jsonSignedAttrs)
ProcedureReturn
EndProcedure