|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) Sign String to create a CAdES-T SignatureThis example will sign a string to create a CAdEST-T signature. Note: This example requires Chilkat v9.5.0.78 or greater.
load ./chilkat.dll # This example requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. set crypt [new_CkCrypt2] # This example will use the certificate + private key currently inserted into a smartcard reader. set cert [new_CkCert] # If we wish to provide the smartcard PIN (otherwise the user will be prompted by the operating system). CkCert_put_SmartCardPin $cert "000000" set success [CkCert_LoadFromSmartcard $cert ""] if {$success != 1} then { puts [CkCert_lastErrorText $cert] delete_CkCrypt2 $crypt delete_CkCert $cert exit } # Note: It is also possible to use certs from .pfx/.p12, .pem, or other sources such as # pre-installed Windows certificates. set success [CkCrypt2_SetSigningCert $crypt $cert] # Use SHA-256 rather than the default of SHA-1 CkCrypt2_put_HashAlgorithm $crypt "sha256" # Create JSON that tells Chilkat what signing attributes to include: set attrs [new_CkJsonObject] CkJsonObject_UpdateBool $attrs "contentType" 1 CkJsonObject_UpdateBool $attrs "signingTime" 1 CkJsonObject_UpdateBool $attrs "messageDigest" 1 CkJsonObject_UpdateBool $attrs "signingCertificateV2" 1 # A CAdES-T signature is one that includes a timestampToken created by an online TSA (time stamping authority). # We must include the TSA's URL, as well as a few options to indicate what is desired. # Except for the TSA URL, the options shown here are typically what you would need. CkJsonObject_UpdateBool $attrs "timestampToken.enabled" 1 CkJsonObject_UpdateString $attrs "timestampToken.tsaUrl" "https://freetsa.org/tsr" CkJsonObject_UpdateBool $attrs "timestampToken.addNonce" 0 CkJsonObject_UpdateBool $attrs "timestampToken.requestTsaCert" 1 CkJsonObject_UpdateString $attrs "timestampToken.hashAlg" "sha256" CkCrypt2_put_SigningAttributes $crypt [CkJsonObject_emit $attrs] set strToSign "THIS IS MY ID" set bd [new_CkBinData] CkBinData_AppendString $bd $strToSign "utf-8" # This creates the CAdES-T signature. During the signature creation, it # communicates with the TSA to get a timestampToken. # The contents of bd are signed and replaced with the CAdES-T signature (which embeds the original content). set success [CkCrypt2_OpaqueSignBd $crypt $bd] if {$success != 1} then { puts [CkCrypt2_lastErrorText $crypt] delete_CkCrypt2 $crypt delete_CkCert $cert delete_CkJsonObject $attrs delete_CkBinData $bd exit } # Get the signature in base64 format: puts [CkBinData_getEncoded $bd base64_mime] # Or save the signature to a file. CkBinData_WriteFile $bd "qa_output/cades-t_sample.p7m" puts "Success." delete_CkCrypt2 $crypt delete_CkCert $cert delete_CkJsonObject $attrs delete_CkBinData $bd |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.