Sample code for 30+ languages & platforms
Tcl

Generate RSA Key and Sign a String

See more RSA Examples

Demonstrates how to generate a new RSA public/private key pair and use it to generate a signature for a string. The (binary) digital signature is returned as a hexidecimalized string.

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

set rsa [new_CkRsa]

# Generate a 2048-bit RSA key.
set privKey [new_CkPrivateKey]

set success [CkRsa_GenKey $rsa 2048 $privKey]

CkRsa_UsePrivateKey $rsa $privKey

# Return the signature in hex.
CkRsa_put_EncodingMode $rsa "hex"

set strData "This is the string to be signed."

# Sign the SHA256 hash of the string.
set hexSig [CkRsa_signStringENC $rsa $strData "sha256"]

puts "$hexSig"

# Now verify the signature:
set pubKey [new_CkPublicKey]

CkPrivateKey_ToPublicKey $privKey $pubKey
CkRsa_UsePublicKey $rsa $pubKey

set success [CkRsa_VerifyStringENC $rsa $strData "sha256" $hexSig]
if {$success == 1} then {
    puts "Signature verified!"
} else {
    puts [CkRsa_lastErrorText $rsa]
}

# Try it with an invalid signature:
set success [CkRsa_VerifyStringENC $rsa $strData "sha256" "not a valid sig"]
if {$success == 1} then {
    puts "Signature verified!"
} else {
    puts "Signature validation failed!"
}

# Try it with invalid data:
set success [CkRsa_VerifyStringENC $rsa "Not the original data" "sha256" $hexSig]
if {$success == 1} then {
    puts "Signature verified!"
} else {
    puts "Signature validation failed!"
}


delete_CkRsa $rsa
delete_CkPrivateKey $privKey
delete_CkPublicKey $pubKey