Sample code for 30+ languages & platforms
Tcl

Duplicate OpensSSL to Create Signature using Cert and Key Files

See more OpenSSL Examples

This example duplicates the following:
openssl smime –sign -in something.xml -out something.der -signer mycert.crt -inkey cert.key -outform der –nodetach

Note: Although "smime" is the OpenSSL command, it's not actually producing S/MIME. The arguments "-outform der -binary" indicates that the output is binary DER (i.e. the PKCS7 binary signature). The input can be any type of file: XML, PDF, JPG, ... *anything*...

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

set crypt [new_CkCrypt2]

# Load the cert and private key from separate files.
set cert [new_CkCert]

set success [CkCert_LoadFromFile $cert "myCert.crt"]
if {$success != 1} then {
    puts [CkCert_lastErrorText $cert]
    delete_CkCrypt2 $crypt
    delete_CkCert $cert
    exit
}

set bd [new_CkBinData]

set success [CkBinData_LoadFile $bd "cert.key"]
set privkey [new_CkPrivateKey]

# Load from any format private key.
# If the file does not need a password, the 2nd arg is ignored.
set success [CkPrivateKey_LoadAnyFormat $privkey $bd "password_if_needed"]
if {$success != 1} then {
    puts [CkPrivateKey_lastErrorText $privkey]
    delete_CkCrypt2 $crypt
    delete_CkCert $cert
    delete_CkBinData $bd
    delete_CkPrivateKey $privkey
    exit
}

set success [CkCrypt2_SetSigningCert2 $crypt $cert $privkey]
if {$success != 1} then {
    puts [CkCrypt2_lastErrorText $crypt]
    delete_CkCrypt2 $crypt
    delete_CkCert $cert
    delete_CkBinData $bd
    delete_CkPrivateKey $privkey
    exit
}

# Create the opaque signature (PKCS7 binary DER that contains both the signature and original file data).
set success [CkCrypt2_CreateP7M $crypt "qa_data/infile.anything" "qa_output/outfile.der"]
if {$success != 1} then {
    puts [CkCrypt2_lastErrorText $crypt]
    delete_CkCrypt2 $crypt
    delete_CkCert $cert
    delete_CkBinData $bd
    delete_CkPrivateKey $privkey
    exit
}

puts "Success."

delete_CkCrypt2 $crypt
delete_CkCert $cert
delete_CkBinData $bd
delete_CkPrivateKey $privkey