|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) RSA Sign with PKCS8 Encrypted KeyDemonstrates how to load a private key from an encrypted PKCS8 file and create an RSA digital signature (and then verify it). Note: This example requires Chilkat v11.0.0 or greater.
load ./chilkat.dll set success 0 # This example assumes the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. set privKey [new_CkPrivateKey] # Load the private key from an RSA PEM file: set success [CkPrivateKey_LoadAnyFormatFile $privKey "raul_privateKey.key" "a0123456789"] if {$success == 0} then { puts [CkPrivateKey_lastErrorText $privKey] delete_CkPrivateKey $privKey exit } set rsa [new_CkRsa] # Import the private key into the RSA component: set success [CkRsa_UsePrivateKey $rsa $privKey] if {$success == 0} then { puts [CkRsa_lastErrorText $rsa] delete_CkPrivateKey $privKey delete_CkRsa $rsa exit } # This example will sign a string, and receive the signature # in a hex-encoded string. Therefore, set the encoding mode # to "hex": CkRsa_put_EncodingMode $rsa "hex" set strData "This is the string to be signed." # Sign the string using the sha256 hash algorithm. # Other valid choices are sha1, sha384, sha512 and others. set hexSig [CkRsa_signStringENC $rsa $strData "sha256"] if {[CkRsa_get_LastMethodSuccess $rsa] == 0} then { puts [CkRsa_lastErrorText $rsa] delete_CkPrivateKey $privKey delete_CkRsa $rsa exit } puts "$hexSig" # Now verify with the public key. # This example shows how to use the public key from # a digital certificate (.cer file) set cert [new_CkCert] set success [CkCert_LoadFromFile $cert "raul_publicKey.cer"] if {$success == 0} then { puts [CkCert_lastErrorText $cert] delete_CkPrivateKey $privKey delete_CkRsa $rsa delete_CkCert $cert exit } set pubKey [new_CkPublicKey] CkCert_GetPublicKey $cert $pubKey set rsa2 [new_CkRsa] set success [CkRsa_UsePublicKey $rsa2 $pubKey] if {$success == 0} then { puts [CkRsa_lastErrorText $rsa2] delete_CkPrivateKey $privKey delete_CkRsa $rsa delete_CkCert $cert delete_CkPublicKey $pubKey delete_CkRsa $rsa2 exit } # Verify the signature against the original data: CkRsa_put_EncodingMode $rsa2 "hex" set success [CkRsa_VerifyStringENC $rsa2 $strData "sha256" $hexSig] if {$success == 0} then { puts [CkRsa_lastErrorText $rsa2] delete_CkPrivateKey $privKey delete_CkRsa $rsa delete_CkCert $cert delete_CkPublicKey $pubKey delete_CkRsa $rsa2 exit } puts "Signature verified!" # Verify with incorrect data: set success [CkRsa_VerifyStringENC $rsa2 "something else" "sha256" $hexSig] if {$success != 1} then { puts "Signature not verified! (which was expected in this case)" } else { puts "Hmmm... that's not right..." } delete_CkPrivateKey $privKey delete_CkRsa $rsa delete_CkCert $cert delete_CkPublicKey $pubKey delete_CkRsa $rsa2 |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.