Sample code for 30+ languages & platforms
SQL Server

RSA Sign String using Private Key of Certificate Type A3 (smart card / token)

See more RSA Examples

Demonstrates RSA signing a string using the private key of a certificate type A3 (smart card, token).

Note: This is a Windows-only example.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    DECLARE @iTmp0 int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- First get the A3 certificate that was installed on the Windows system.
    DECLARE @certStore int
    EXEC @hr = sp_OACreate 'Chilkat.CertStore', @certStore OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    DECLARE @thumbprint nvarchar(4000)
    SELECT @thumbprint = '12c1dd8015f3f03f7b1fa619dc24e2493ca8b4b2'

    -- This is specific to Windows because it is opening the Windows Current-User certificate store.
    DECLARE @bReadOnly int
    SELECT @bReadOnly = 1
    EXEC sp_OAMethod @certStore, 'OpenCurrentUserStore', @success OUT, @bReadOnly
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @certStore, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @certStore
        RETURN
      END

    -- Find the certificate with the desired thumbprint
    -- (There are many ways to locate a certificate.  This example chooses to find by thumbprint.)
    DECLARE @json int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT

    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'thumbprint', @thumbprint

    DECLARE @cert int
    EXEC @hr = sp_OACreate 'Chilkat.Cert', @cert OUT

    EXEC sp_OAMethod @certStore, 'FindCert', @success OUT, @json, @cert
    IF @success = 0
      BEGIN

        PRINT 'Failed to find the certificate.'
        EXEC @hr = sp_OADestroy @certStore
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @cert
        RETURN
      END


    EXEC sp_OAGetProperty @cert, 'SubjectCN', @sTmp0 OUT
    PRINT 'Found: ' + @sTmp0

    DECLARE @rsa int
    EXEC @hr = sp_OACreate 'Chilkat.Rsa', @rsa OUT

    -- Provide the cert's private key
    DECLARE @bUsePrivateKey int
    SELECT @bUsePrivateKey = 1
    EXEC sp_OAMethod @rsa, 'SetX509Cert', @success OUT, @cert, @bUsePrivateKey
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @rsa, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @certStore
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @cert
        EXEC @hr = sp_OADestroy @rsa
        RETURN
      END

    -- Return the RSA signature in base64 encoded form.
    EXEC sp_OASetProperty @rsa, 'EncodingMode', 'base64'

    -- Sign the utf-8 byte representation of the string.
    EXEC sp_OASetProperty @rsa, 'Charset', 'utf-8'

    -- You can also choose other hash algorithms, such as SHA-1.
    DECLARE @sigBase64 nvarchar(4000)
    EXEC sp_OAMethod @rsa, 'SignStringENC', @sigBase64 OUT, 'text to sign', 'SHA-256'
    EXEC sp_OAGetProperty @rsa, 'LastMethodSuccess', @iTmp0 OUT
    IF @iTmp0 <> 1
      BEGIN
        EXEC sp_OAGetProperty @rsa, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @certStore
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @cert
        EXEC @hr = sp_OADestroy @rsa
        RETURN
      END


    PRINT 'Base64 signature: ' + @sigBase64

    EXEC @hr = sp_OADestroy @certStore
    EXEC @hr = sp_OADestroy @json
    EXEC @hr = sp_OADestroy @cert
    EXEC @hr = sp_OADestroy @rsa


END
GO