|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) RSA Sign with PKCS8 Encrypted KeyDemonstrates how to load a private key from an encrypted PKCS8 file and create an RSA digital signature (and then verify it).
load ./chilkat.dll # This example assumes the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. set pkey [new_CkPrivateKey] # Load the private key from an RSA PEM file: set success [CkPrivateKey_LoadPkcs8EncryptedFile $pkey "raul_privateKey.key" "a0123456789"] # Get the private key in XML format: set pkeyXml [CkPrivateKey_getXml $pkey] set rsa [new_CkRsa] # Import the private key into the RSA component: set success [CkRsa_ImportPrivateKey $rsa $pkeyXml] if {$success != 1} then { puts [CkRsa_lastErrorText $rsa] delete_CkPrivateKey $pkey delete_CkRsa $rsa exit } # This example will sign a string, and receive the signature # in a hex-encoded string. Therefore, set the encoding mode # to "hex": CkRsa_put_EncodingMode $rsa "hex" set strData "This is the string to be signed." # Sign the string using the sha-1 hash algorithm. # Other valid choices are "md2" and "md5". set hexSig [CkRsa_signStringENC $rsa $strData "sha-1"] puts "$hexSig" # Now verify with the public key. # This example shows how to use the public key from # a digital certificate (.cer file) set cert [new_CkCert] set success [CkCert_LoadFromFile $cert "raul_publicKey.cer"] if {$success != 1} then { puts [CkCert_lastErrorText $cert] delete_CkPrivateKey $pkey delete_CkRsa $rsa delete_CkCert $cert exit } # pubKey is a CkPublicKey set pubKey [CkCert_ExportPublicKey $cert] # Get the private key in XML format: set pubKeyXml [CkPublicKey_getXml $pubKey] set rsa2 [new_CkRsa] set success [CkRsa_ImportPublicKey $rsa2 $pubKeyXml] if {$success != 1} then { puts [CkRsa_lastErrorText $rsa2] delete_CkPrivateKey $pkey delete_CkRsa $rsa delete_CkCert $cert delete_CkRsa $rsa2 exit } # Verify the signature against the original data: CkRsa_put_EncodingMode $rsa2 "hex" set success [CkRsa_VerifyStringENC $rsa2 $strData "sha-1" $hexSig] if {$success != 1} then { puts [CkRsa_lastErrorText $rsa2] delete_CkPrivateKey $pkey delete_CkRsa $rsa delete_CkCert $cert delete_CkRsa $rsa2 exit } puts "Signature verified!" # Verify with incorrect data: set success [CkRsa_VerifyStringENC $rsa2 "something else" "sha-1" $hexSig] if {$success != 1} then { puts "Signature not verified! (which was expected in this case)" } else { puts "Hmmm... that's not right..." } delete_CkPublicKey $pubKey delete_CkPrivateKey $pkey delete_CkRsa $rsa delete_CkCert $cert delete_CkRsa $rsa2 |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.