Tcl
Tcl
Duplicate Java Secure Token Creation
See more RSA Examples
Demonstrates how to duplicate some Java code that creates an RSA signature to create a base64 token.Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# This example duplicates the following Java code:
# public X509Certificate2 cert = new X509Certificate2(@"Some path to p12/p12file_name.p12","Password_for_p12");
#
# public string GenerateSignToken(double timeValidityMin){
# string equalsSign = ":=";
# string timeCreated = DateTime.Now.ToString("yyyy-MM-ddTHH:mm:ss.fffzzz");
# string tokenTimeInfo = "validityTimeMinutes" + equalsSign + timeValidityMin + ";"+"timeCreated" + equalsSign + timeCreated;
# string signature = SignData(tokenTimeInfo);
# string secureToken = tokenTimeInfo + ";" + "signature" + equalsSign + signature;
# return Base64UrlEncode(secureToken);
# }
#
# public string SignData(string stringToSign){
# byte[] dataToSign = Encoding.UTF8.GetBytes(stringToSign);
# RSACryptoServiceProvider privKey = (RSACryptoServiceProvider)cert.PrivateKey;
# CspKeyContainerInfo containerInfo = new RSACryptoServiceProvider().CspKeyContainerInfo;
# CspParameters cspparams = new CspParameters(containerInfo.ProviderType, containerInfo.ProviderName, privKey.CspKeyContainerInfo.KeyContainerName);
# privKey = new RSACryptoServiceProvider(cspparams);
# string id = CryptoConfig.MapNameToOID("SHA256");
# byte[] sign = privKey.SignData(dataToSign, id);
# bool res = privKey.VerifyData(dataToSign, id, sign);
# return Convert.ToBase64String(sign).Replace('+', '-').Replace('/', '_').Replace("=", "");
# }
#
# private static string Base64UrlEncode(string input){
# var inputBytes = Encoding.UTF8.GetBytes(input);
# return Convert.ToBase64String(inputBytes).Replace('+', '-').Replace('/', '_').Replace("=", "");
# }
set dt [new_CkDateTime]
CkDateTime_SetFromCurrentSystemTime $dt
set timeCreated [CkDateTime_getAsTimestamp $dt 1]
# Such as 2019-04-01T19:35:44-05:00
puts "$timeCreated"
set sbToken [new_CkStringBuilder]
CkStringBuilder_Append $sbToken "validityTimeMinutes:=10.0;timeCreated:="
CkStringBuilder_Append $sbToken $timeCreated
set cert [new_CkCert]
set success [CkCert_LoadPfxFile $cert "Some path to p12/p12file_name.p12" "Password_for_p12"]
if {$success != 1} then {
puts [CkCert_lastErrorText $cert]
delete_CkDateTime $dt
delete_CkStringBuilder $sbToken
delete_CkCert $cert
exit
}
set rsa [new_CkRsa]
set success [CkRsa_SetX509Cert $rsa $cert 1]
if {$success != 1} then {
puts [CkRsa_lastErrorText $rsa]
delete_CkDateTime $dt
delete_CkStringBuilder $sbToken
delete_CkCert $cert
delete_CkRsa $rsa
exit
}
CkRsa_put_EncodingMode $rsa "base64url"
set signature [CkRsa_signStringENC $rsa [CkStringBuilder_getAsString $sbToken] "sha256"]
if {[CkRsa_get_LastMethodSuccess $rsa] == 0} then {
puts [CkRsa_lastErrorText $rsa]
delete_CkDateTime $dt
delete_CkStringBuilder $sbToken
delete_CkCert $cert
delete_CkRsa $rsa
exit
}
CkStringBuilder_Append $sbToken ";signature:="
CkStringBuilder_Append $sbToken $signature
# Base64URL encode the result
CkStringBuilder_Encode $sbToken "base64url" "utf-8"
set token [CkStringBuilder_getAsString $sbToken]
puts "$token"
delete_CkDateTime $dt
delete_CkStringBuilder $sbToken
delete_CkCert $cert
delete_CkRsa $rsa