Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Swift 3,4,5...) Import an SSH Key to an HSM using PKCS11See more PKCS11 ExamplesDemonstrates how to import an SSH private key to an HSM (smartcard or token). Note: This example requires Chilkat v9.5.0.96 or later.
func chilkatTest() { // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // Note: Chilkat's PKCS11 implementation runs on Windows, Linux, Mac OS X, and other supported operating systems. let pkcs11 = CkoPkcs11()! // Use the PKCS11 driver (.dll, .so, .dylib) for your particular HSM. // For example: pkcs11.sharedLibPath = "C:/Program Files (x86)/Gemalto/IDGo 800 PKCS#11/IDPrimePKCS11.dll" // Use your HSM's PIN. var pin: String? = "0000" // Normal user = 1 var userType: Int = 1 // Establish a logged-on user session with the HSM. var success: Bool = pkcs11.quickSession(userType, pin: pin) if success == false { print("\(pkcs11.lastErrorText!)") return } // Create a PKCS11 template for importing the SSH key. let jsonTemplate = CkoJsonObject()! // Indicate the key is to be stored on the token (i.e. it is not a session-only key) jsonTemplate.updateBool("token", value: true) // The key should have the ability to sign jsonTemplate.updateBool("sign", value: true) // Let's provide a few attributes to help us find the this key at a later time. // See SSH Public-Key Authentication using an HSM // The ID is byte data, so it should be base64 or hex. // Specify "id" if passing base64 data, "id_hex" for hexidecimal, or "id_ascii" for directly copying the ascii bytes of the string. // You can provide any ID of your choice. It is optional. jsonTemplate.update("id_hex", value: "0A0B0C0D01020304") // Optionally specify a label. jsonTemplate.update("label", value: "MySshKey") // Load the SSH key to be imported to the HSM (smartcard or token) let sshKey = CkoSshKey()! sshKey.password = "password_of_the_encrypted_ppk_file" var ppkContents: String? = sshKey.loadText("c:/my_ssh_keys/someSshKey.ppk") success = sshKey.fromPuttyPrivateKey(ppkContents) if success == false { print("\(sshKey.lastErrorText!)") return } // Import the SSH private key onto the HSM. // The PKCS11 handle to the imported private key is returned. // A 0 is returned on failure. var privKeyHandle: UInt32 = pkcs11.import(sshKey, jsonTemplate: jsonTemplate) if privKeyHandle == 0 { print("\(pkcs11.lastErrorText!)") return } // The private key handle is only valid during the PKCS11 session. // If you wish to use the private key in another PKCS11 session, // you'll first need to find it. See SSH Public-Key Authentication using a Smartcard print("private key handle: \(privKeyHandle)") print("Successfully imported the SSH key onto the HSM.") pkcs11.logout() pkcs11.closeSession() } |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.