Tcl
Tcl
RSA Hash Binary Data and Sign (and Verify)
See more RSA Examples
Demonstrates how to sign the hash of binary data. Also demonstrates how to verify the RSA signature.Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# Load an RSA private key for signing.
set privKey [new_CkPrivateKey]
set success [CkPrivateKey_LoadEncryptedPemFile $privKey "qa_data/pem/rsa_passwd.pem" "passwd"]
if {$success == 0} then {
puts [CkPrivateKey_lastErrorText $privKey]
delete_CkPrivateKey $privKey
exit
}
set rsa [new_CkRsa]
CkRsa_UsePrivateKey $rsa $privKey
# We have some binary data (in hex) to sign
set originalData "0102030405060708090A"
set bdData [new_CkBinData]
CkBinData_AppendEncoded $bdData $originalData "hex"
# Hash (SHA-256) and sign the hash:
set bdSignature [new_CkBinData]
set success [CkRsa_SignBd $rsa $bdData "sha256" $bdSignature]
if {$success == 0} then {
puts [CkRsa_lastErrorText $rsa]
delete_CkPrivateKey $privKey
delete_CkRsa $rsa
delete_CkBinData $bdData
delete_CkBinData $bdSignature
exit
}
# Show the RSA signature in base64
puts [CkBinData_getEncoded $bdSignature base64]
# ------------------------------------------
# Get the public key from the private key
set pubKey [new_CkPublicKey]
CkPrivateKey_ToPublicKey $privKey $pubKey
# Verify the signature..
set rsa2 [new_CkRsa]
CkRsa_UsePublicKey $rsa2 $pubKey
set bVerified [CkRsa_VerifyBd $rsa2 $bdData "sha256" $bdSignature]
puts "signature verified: $bVerified"
delete_CkPrivateKey $privKey
delete_CkRsa $rsa
delete_CkBinData $bdData
delete_CkBinData $bdSignature
delete_CkPublicKey $pubKey
delete_CkRsa $rsa2