|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) Create a CAdES-T SignatureDemonstrates how to create a signature with an external timestamp that certifies the time of signing. This requires an online TSA (Time Stamping Authority) service that is capable of producing RFC 3161 compliant timestamps. Note: This example requires Chilkat v9.5.0.78 or greater.
load ./chilkat.dll # This example requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. set crypt [new_CkCrypt2] # This example will use a certificate + private key from a .pfx/.p12 file. # On Windows systems, it is also possible to use certs on smartcards/usb tokens or certs pre-installed in the Windows registry. set cert [new_CkCert] set pfxPath "qa_data/pfx/myCertAndKey.p12" set pfxPassword "test123" set success [CkCert_LoadPfxFile $cert $pfxPath $pfxPassword] if {$success != 1} then { puts [CkCert_lastErrorText $cert] delete_CkCrypt2 $crypt delete_CkCert $cert exit } set success [CkCrypt2_SetSigningCert $crypt $cert] # Use SHA-256 rather than the default of SHA-1 CkCrypt2_put_HashAlgorithm $crypt "sha256" # Create JSON that tells Chilkat what signing attributes to include: set attrs [new_CkJsonObject] CkJsonObject_UpdateBool $attrs "contentType" 1 CkJsonObject_UpdateBool $attrs "signingTime" 1 CkJsonObject_UpdateBool $attrs "messageDigest" 1 CkJsonObject_UpdateBool $attrs "signingCertificateV2" 1 # A CAdES-T signature is one that includes a timestampToken created by an online TSA (time stamping authority). # We must include the TSA's URL, as well as a few options to indicate what is desired. # Except for the TSA URL, the options shown here are typically what you would need. CkJsonObject_UpdateBool $attrs "timestampToken.enabled" 1 CkJsonObject_UpdateString $attrs "timestampToken.tsaUrl" "https://freetsa.org/tsr" CkJsonObject_UpdateBool $attrs "timestampToken.addNonce" 0 CkJsonObject_UpdateBool $attrs "timestampToken.requestTsaCert" 1 CkJsonObject_UpdateString $attrs "timestampToken.hashAlg" "sha256" CkCrypt2_put_SigningAttributes $crypt [CkJsonObject_emit $attrs] set inFile "qa_data/json/sample.json" set outFile "qa_output/sample_cades_t.p7m" # This creates the CAdES-T signature. During the signature creation, it # communicates with the TSA to get a timestampToken. set success [CkCrypt2_CreateP7M $crypt $inFile $outFile] if {$success != 1} then { puts [CkCrypt2_lastErrorText $crypt] delete_CkCrypt2 $crypt delete_CkCert $cert delete_CkJsonObject $attrs exit } puts "Success." delete_CkCrypt2 $crypt delete_CkCert $cert delete_CkJsonObject $attrs |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.