Sample code for 30+ languages & platforms
Tcl

Apple Keychain - Create RSA Signature

See more Apple Keychain Examples

Using an RSA private key stored in the Apple Keychain, create a signature by signing the SHA-256 hash of the provided string, then return the signature encoded in Base64 format.

Note: This example requires Chilkat v10.0.0 or greater.

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

set cert [new_CkCert]

# On MacOS and iOS, the LoadByCommonName function will search the Apple Keychain for the matching certificate.

# A digital certificate's Common Name (CN) is a field in the certificate that specifies the name of the entity the 
# certificate is issued to. It is often used to identify the domain name, hostname, or organization the certificate represents. 

# For example:
# - In an SSL/TLS certificate for a website, the CN typically contains the domain name (e.g., "www.example.com").
# - For certificates representing individuals or organizations, the CN might include the person's name or the organization's name.

# The CN is part of the certificate's Subject field and is crucial for verifying that the certificate corresponds 
# to the intended entity, especially in SSL/TLS communications.

set success [CkCert_LoadByCommonName $cert "Example, Inc."]
if {$success == 0} then {
    puts [CkCert_lastErrorText $cert]
    delete_CkCert $cert
    exit
}

set rsa [new_CkRsa]

set success [CkRsa_SetX509Cert $rsa $cert 1]
if {$success == 0} then {
    puts [CkRsa_lastErrorText $rsa]
    delete_CkCert $cert
    delete_CkRsa $rsa
    exit
}

# Generate an RSA signature by signing the SHA-256 hash of the provided string, 
# then return the signature encoded in Base64 format.
CkRsa_put_EncodingMode $rsa "base64"
set sigBase64 [CkRsa_signStringENC $rsa "to be signed" "sha256"]
if {[CkRsa_get_LastMethodSuccess $rsa] == 0} then {
    puts [CkRsa_lastErrorText $rsa]
    delete_CkCert $cert
    delete_CkRsa $rsa
    exit
}

puts "RSA Signature:"
puts "$sigBase64"

delete_CkCert $cert
delete_CkRsa $rsa