Sample code for 30+ languages & platforms
Tcl

Sign MIME using RSASSA-PSS with SHA256

See more MIME Examples

Demonstrates how to sign an MIME using the RSASSA-PSS signing algorithm with the SHA256 hash algorithm.

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

# This requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

set mime [new_CkMime]

# Create a MIME message to sign.
CkMime_NewMultipartMixed $mime
CkMime_AddHeaderField $mime "someHeader1" "Some value 1"
CkMime_AddHeaderField $mime "someHeader2" "Some value 2"

set part0 [new_CkMime]

CkMime_AddHeaderField $part0 "hdrA" "Some value A"
CkMime_AddHeaderField $part0 "hdrB" "Some value B"
CkMime_put_ContentType $part0 "text/plain"
CkMime_SetBody $part0 "This is the plain-text body."

set part1 [new_CkMime]

CkMime_AddHeaderField $part1 "hdrX" "Some value X"
CkMime_AddHeaderField $part1 "hdrY" "Some value Y"
CkMime_put_ContentType $part1 "text/xml"
CkMime_SetBody $part1 "<a>This is the XML body</a>"

CkMime_AppendPart $mime $part0
CkMime_AppendPart $mime $part1

# The MIME to be signed:
set sbUnsignedMime [new_CkStringBuilder]

CkMime_GetMimeSb $mime $sbUnsignedMime
puts [CkStringBuilder_getAsString $sbUnsignedMime]

# 	Content-Type: multipart/mixed; boundary="------------080303020600020604010008"
# 	someHeader1: Some value 1
# 	someHeader2: Some value 2
# 
# 	--------------080303020600020604010008
# 	hdrA: Some value A
# 	hdrB: Some value B
# 	Content-Type: text/plain
# 
# 	This is the plain-text body.
# 	--------------080303020600020604010008
# 	hdrX: Some value X
# 	hdrY: Some value Y
# 	Content-Type: text/xml
# 
# 	<a>This is the XML body</a>
# 	--------------080303020600020604010008--
# 

# Get a digital certificate with private key from a .pfx
# (Chilkat has many different ways to provide a cert + private key for siging.
# Using a PFX is just one possible option.)
set pfx [new_CkPfx]

set success [CkPfx_LoadPfxFile $pfx "qa_data/rsassa-pss/privatekey.pfx" "PFX_PASSWORD"]
if {$success == 0} then {
    puts [CkPfx_lastErrorText $pfx]
    delete_CkMime $mime
    delete_CkMime $part0
    delete_CkMime $part1
    delete_CkStringBuilder $sbUnsignedMime
    delete_CkPfx $pfx
    exit
}

# Get the certificate to be used for signing.
# (The typical case for a PFX is that it contains a cert with an associated private key,
# as well as other certificates in the chain of authentication.  The cert with the private
# key should be in the first position at index 0.)

set cert [new_CkCert]

set success [CkPfx_CertAt $pfx 0 $cert]
if {$success == 0} then {
    puts [CkPfx_lastErrorText $pfx]
    delete_CkMime $mime
    delete_CkMime $part0
    delete_CkMime $part1
    delete_CkStringBuilder $sbUnsignedMime
    delete_CkPfx $pfx
    delete_CkCert $cert
    exit
}

# Indicate that RSASSA-PSS with SHA256 should be used.
CkMime_put_SigningAlg $mime "pss"
CkMime_put_SigningHashAlg $mime "sha256"

# Add a detached signature.
set success [CkMime_AddDetachedSignature $mime $cert]
if {$success != 1} then {
    puts [CkMime_lastErrorText $mime]
    delete_CkMime $mime
    delete_CkMime $part0
    delete_CkMime $part1
    delete_CkStringBuilder $sbUnsignedMime
    delete_CkPfx $pfx
    delete_CkCert $cert
    exit
}

# Show the clear-signed MIME. (see the sample output below)
puts "-------------------------------------------------------------"
puts "Clear-signed MIME using detached signature:"
puts "-------------------------------------------------------------"
puts [CkMime_getMime $mime]

# Restore the original unsigned MIME, and this time create an opaque signature.
CkMime_LoadMime $mime [CkStringBuilder_getAsString $sbUnsignedMime]

# Sign using an opaque signature
set success [CkMime_ConvertToSigned $mime $cert]
if {$success != 1} then {
    puts [CkMime_lastErrorText $mime]
    delete_CkMime $mime
    delete_CkMime $part0
    delete_CkMime $part1
    delete_CkStringBuilder $sbUnsignedMime
    delete_CkPfx $pfx
    delete_CkCert $cert
    exit
}

# Show the opaque-signed MIME. (see the sample output below)
puts "-------------------------------------------------------------"
puts "Opaque-signed MIME :"
puts "-------------------------------------------------------------"
puts [CkMime_getMime $mime]
puts "Success."

# -----------------------------------------------
# This is sample output for the clear-signed MIME:
# -----------------------------------------------
# 
# 	Content-Type: multipart/signed; boundary="----=_NextPart_672_c95a_97b64c9a.90b5204d";
# 	 protocol="application/x-pkcs7-signature";
# 	 micalg=sha256
# 
# 	------=_NextPart_672_c95a_97b64c9a.90b5204d
# 	Content-Type: multipart/mixed; boundary="------------030207090102000301050504"
# 	someHeader1: Some value 1
# 	someHeader2: Some value 2
# 
# 	--------------030207090102000301050504
# 	hdrA: Some value A
# 	hdrB: Some value B
# 	Content-Type: text/plain
# 
# 	This is the plain-text body.
# 	--------------030207090102000301050504
# 	hdrX: Some value X
# 	hdrY: Some value Y
# 	Content-Type: text/xml
# 
# 	<a>This is the XML body</a>
# 	--------------030207090102000301050504--
# 
# 	------=_NextPart_672_c95a_97b64c9a.90b5204d
# 	Content-Transfer-Encoding: base64
# 	Content-Type: application/x-pkcs7-signature; name="smime.p7s"
# 	Content-Disposition: attachment; filename="smime.p7s"
# 
# 	MIIG5wYJKoZIhvcNAQcCoIIG2DCCBtQCAQExDzANBglghkgBZQMEAgEFADALBgkqhkiG9w0BBwGg
# 	ggL4MIIC9DCCAl2gAwIBAgIJAMPsJCT11cniMA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJB
# 	VTERMA8GA1UECAwIVmljdG9yaWExEjAQBgNVBAcMCU1lbGJvdXJuZTEhMB8GA1UECgwYSW50ZXJu
# 	ZXQgV2lkZ2l0cyBQdHkgTHRkMQ8wDQYDVQQDDAZXaWRnZXQxKDAmBgkqhkiG9w0BCQEWGWFkbWlu
# 	QGludGVybmV0d2lkZ2V0cy5jb20wHhcNMTYxMTAxMTY1MjMyWhcNMjExMDMxMTY1MjMyWjCBkjEL
# 	MAkGA1UEBhMCQVUxETAPBgNVBAgMCFZpY3RvcmlhMRIwEAYDVQQHDAlNZWxib3VybmUxITAfBgNV
# 	BAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1UEAwwGV2lkZ2V0MSgwJgYJKoZIhvcN
# 	AQkBFhlhZG1pbkBpbnRlcm5ldHdpZGdldHMuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
# 	gQDGIdoCjyavs+F/Rm0VIB4m6O7VL1j+1IqieoR9NEX2GQvu2VCdceyxf9qaw1bxipEvjLwUkw7M
# 	e+BTlLpWQbBMH87s6KpsC8MVyXhMLpP0oM8NFix/vLz2wdLhUh7CZvJA0plqkJk9bj57QIu+EO1k
# 	tUHM2DFb6sckvCL2yybD1wIDAQABo1AwTjAdBgNVHQ4EFgQUONKKu2zsXIrinWxIGT654vrcQwsw
# 	HwYDVR0jBBgwFoAUONKKu2zsXIrinWxIGT654vrcQwswDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
# 	AQsFAAOBgQArFvdi5u9i2QF1Qw+cdC1l7w2Y3+q6RIkln2W8rWJFje00644o8hXy7v46giJCedmF
# 	ULlhm1n7XIsZGy2W3lJ77v5agn9gFwXu1h3cqkGXkoteE6SQJQXWgsW3GWPveObvTL8LF4y57fgM
# 	9ZWS+V9MJajeu44Rf/tU17TLYKjvEjGCA7MwggOvAgEBMIGgMIGSMQswCQYDVQQGEwJBVTERMA8G
# 	A1UECAwIVmljdG9yaWExEjAQBgNVBAcMCU1lbGJvdXJuZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lk
# 	Z2l0cyBQdHkgTHRkMQ8wDQYDVQQDDAZXaWRnZXQxKDAmBgkqhkiG9w0BCQEWGWFkbWluQGludGVy
# 	bmV0d2lkZ2V0cy5jb20CCQDD7CQk9dXJ4jANBglghkgBZQMEAgEFAKCCAjQwGAYJKoZIhvcNAQkD
# 	MQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTcwNDIwMTU1NDMyWjAvBgkqhkiG9w0BCQQx
# 	IgQgFEtkdw1+iBXvplXCUkOPlq66b+mDg+HBcChLn5YowD8wXwYJKoZIhvcNAQkPMVIwUDALBglg
# 	hkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsO
# 	AwIHMA0GCCqGSIb3DQMCAgEoMIGxBgkrBgEEAYI3EAQxgaMwgaAwgZIxCzAJBgNVBAYTAkFVMREw
# 	DwYDVQQIDAhWaWN0b3JpYTESMBAGA1UEBwwJTWVsYm91cm5lMSEwHwYDVQQKDBhJbnRlcm5ldCBX
# 	aWRnaXRzIFB0eSBMdGQxDzANBgNVBAMMBldpZGdldDEoMCYGCSqGSIb3DQEJARYZYWRtaW5AaW50
# 	ZXJuZXR3aWRnZXRzLmNvbQIJAMPsJCT11cniMIGzBgsqhkiG9w0BCRACCzGBo6CBoDCBkjELMAkG
# 	A1UEBhMCQVUxETAPBgNVBAgMCFZpY3RvcmlhMRIwEAYDVQQHDAlNZWxib3VybmUxITAfBgNVBAoM
# 	GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1UEAwwGV2lkZ2V0MSgwJgYJKoZIhvcNAQkB
# 	FhlhZG1pbkBpbnRlcm5ldHdpZGdldHMuY29tAgkAw+wkJPXVyeIwPQYJKoZIhvcNAQEKMDCgDTAL
# 	BglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCASAEgYAvqIqKBzNXyVbh
# 	TmaxdAc4d0ZTqWT6Na3C+DMO8owSKWy5FdGbJ2DLKm92qe/KLPTcj51vuwLUQb0Sw7r5Xknl+/6p
# 	Eqn2qe/6hgDn06vvzNofVAweOtSVJsBO7/cYYPc+pXZZ2BcpZDdf/9Ci56Yrlk7A72BeqPe47J3F
# 	neC8qw==
# 
# 	------=_NextPart_672_c95a_97b64c9a.90b5204d--
# 

# -----------------------------------------------
# This is sample output for the opaque-signed MIME:
# -----------------------------------------------
# 	Content-Type: application/x-pkcs7-mime; name="smime.p7m"; smime-type="signed-data"
# 	someHeader1: Some value 1
# 	someHeader2: Some value 2
# 	Content-Disposition: attachment; filename="smime.p7m"
# 	Content-Transfer-Encoding: base64
# 
# 	MIIItAYJKoZIhvcNAQcCoIIIpTCCCKECAQExDzANBglghkgBZQMEAgEFADCCAdYGCSqGSIb3DQEH
# 	AaCCAccEggHDQ29udGVudC1UeXBlOiBtdWx0aXBhcnQvbWl4ZWQ7IGJvdW5kYXJ5PSItLS0tLS0t
# 	LS0tLS0wMDA2MDcwNzA3MDcwMTA1MDAwMTA5MDciDQpzb21lSGVhZGVyMTogU29tZSB2YWx1ZSAx
# 	DQpzb21lSGVhZGVyMjogU29tZSB2YWx1ZSAyDQoNCi0tLS0tLS0tLS0tLS0tMDAwNjA3MDcwNzA3
# 	MDEwNTAwMDEwOTA3DQpoZHJBOiBTb21lIHZhbHVlIEENCmhkckI6IFNvbWUgdmFsdWUgQg0KQ29u
# 	dGVudC1UeXBlOiB0ZXh0L3BsYWluDQoNClRoaXMgaXMgdGhlIHBsYWluLXRleHQgYm9keS4NCi0t
# 	LS0tLS0tLS0tLS0tMDAwNjA3MDcwNzA3MDEwNTAwMDEwOTA3DQpoZHJYOiBTb21lIHZhbHVlIFgN
# 	Cmhkclk6IFNvbWUgdmFsdWUgWQ0KQ29udGVudC1UeXBlOiB0ZXh0L3htbA0KDQo8YT5UaGlzIGlz
# 	IHRoZSBYTUwgYm9keTwvYT4NCi0tLS0tLS0tLS0tLS0tMDAwNjA3MDcwNzA3MDEwNTAwMDEwOTA3
# 	LS0NCqCCAvgwggL0MIICXaADAgECAgkAw+wkJPXVyeIwDQYJKoZIhvcNAQELBQAwgZIxCzAJBgNV
# 	BAYTAkFVMREwDwYDVQQIDAhWaWN0b3JpYTESMBAGA1UEBwwJTWVsYm91cm5lMSEwHwYDVQQKDBhJ
# 	bnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDzANBgNVBAMMBldpZGdldDEoMCYGCSqGSIb3DQEJARYZ
# 	YWRtaW5AaW50ZXJuZXR3aWRnZXRzLmNvbTAeFw0xNjExMDExNjUyMzJaFw0yMTEwMzExNjUyMzJa
# 	MIGSMQswCQYDVQQGEwJBVTERMA8GA1UECAwIVmljdG9yaWExEjAQBgNVBAcMCU1lbGJvdXJuZTEh
# 	MB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQ8wDQYDVQQDDAZXaWRnZXQxKDAmBgkq
# 	hkiG9w0BCQEWGWFkbWluQGludGVybmV0d2lkZ2V0cy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0A
# 	MIGJAoGBAMYh2gKPJq+z4X9GbRUgHibo7tUvWP7UiqJ6hH00RfYZC+7ZUJ1x7LF/2prDVvGKkS+M
# 	vBSTDsx74FOUulZBsEwfzuzoqmwLwxXJeEwuk/Sgzw0WLH+8vPbB0uFSHsJm8kDSmWqQmT1uPntA
# 	i74Q7WS1QczYMVvqxyS8IvbLJsPXAgMBAAGjUDBOMB0GA1UdDgQWBBQ40oq7bOxciuKdbEgZPrni
# 	+txDCzAfBgNVHSMEGDAWgBQ40oq7bOxciuKdbEgZPrni+txDCzAMBgNVHRMEBTADAQH/MA0GCSqG
# 	SIb3DQEBCwUAA4GBACsW92Lm72LZAXVDD5x0LWXvDZjf6rpEiSWfZbytYkWN7TTrjijyFfLu/jqC
# 	IkJ52YVQuWGbWftcixkbLZbeUnvu/lqCf2AXBe7WHdyqQZeSi14TpJAlBdaCxbcZY+945u9MvwsX
# 	jLnt+Az1lZL5X0wlqN67jhF/+1TXtMtgqO8SMYIDszCCA68CAQEwgaAwgZIxCzAJBgNVBAYTAkFV
# 	MREwDwYDVQQIDAhWaWN0b3JpYTESMBAGA1UEBwwJTWVsYm91cm5lMSEwHwYDVQQKDBhJbnRlcm5l
# 	dCBXaWRnaXRzIFB0eSBMdGQxDzANBgNVBAMMBldpZGdldDEoMCYGCSqGSIb3DQEJARYZYWRtaW5A
# 	aW50ZXJuZXR3aWRnZXRzLmNvbQIJAMPsJCT11cniMA0GCWCGSAFlAwQCAQUAoIICNDAYBgkqhkiG
# 	9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xNzA0MjAxNTU4NTNaMC8GCSqGSIb3
# 	DQEJBDEiBCBWTSl3s251U8fqOeSAzUp1Yue53X+UCWT0ux+fclE4FDBfBgkqhkiG9w0BCQ8xUjBQ
# 	MAsGCWCGSAFlAwQBAjAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAw
# 	BwYFKw4DAgcwDQYIKoZIhvcNAwICASgwgbEGCSsGAQQBgjcQBDGBozCBoDCBkjELMAkGA1UEBhMC
# 	QVUxETAPBgNVBAgMCFZpY3RvcmlhMRIwEAYDVQQHDAlNZWxib3VybmUxITAfBgNVBAoMGEludGVy
# 	bmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1UEAwwGV2lkZ2V0MSgwJgYJKoZIhvcNAQkBFhlhZG1p
# 	bkBpbnRlcm5ldHdpZGdldHMuY29tAgkAw+wkJPXVyeIwgbMGCyqGSIb3DQEJEAILMYGjoIGgMIGS
# 	MQswCQYDVQQGEwJBVTERMA8GA1UECAwIVmljdG9yaWExEjAQBgNVBAcMCU1lbGJvdXJuZTEhMB8G
# 	A1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQ8wDQYDVQQDDAZXaWRnZXQxKDAmBgkqhkiG
# 	9w0BCQEWGWFkbWluQGludGVybmV0d2lkZ2V0cy5jb20CCQDD7CQk9dXJ4jA9BgkqhkiG9w0BAQow
# 	MKANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIASBgILtktxt
# 	tXWMWio7hLcvHUWk0Q3jP3rRdgNhcd/NdZsgDFP9/aq8/nHLLHSWfSh1PH+eZeKJwXxUH4Lwk6Sm
# 	xFt97jyi3HaC3fezUSEqyg5WFG6fwOZGK4qF0WF+q29lvyNyV3iIQgDWxZQOcVL2fhpqUjoytkxj
# 	/QTfrLOuzXKy
# 

delete_CkMime $mime
delete_CkMime $part0
delete_CkMime $part1
delete_CkStringBuilder $sbUnsignedMime
delete_CkPfx $pfx
delete_CkCert $cert