Tcl
Tcl
RSA Signature with Certificate's Private Key from PFX
See more RSA Examples
Demonstrates how to use a certificate's private key from a PFX file to create an RSA signature.Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# Create an instance of a certificate store object, load a PFX file,
# locate the certificate we need, and use it for signing.
# (a PFX file may contain more than one certificate.)
set certStore [new_CkCertStore]
# The 1st argument is the filename, the 2nd arg is the
# PFX file's password:
set success [CkCertStore_LoadPfxFile $certStore "chilkat.pfx" "test"]
if {$success == 0} then {
puts [CkCertStore_lastErrorText $certStore]
delete_CkCertStore $certStore
exit
}
# Find the certificate by the subject common name:
set jsonCN [new_CkJsonObject]
CkJsonObject_UpdateString $jsonCN "CN" "cert common name"
set cert [new_CkCert]
set success [CkCertStore_FindCert $certStore $jsonCN $cert]
if {$success == 0} then {
puts [CkCertStore_lastErrorText $certStore]
delete_CkCertStore $certStore
delete_CkJsonObject $jsonCN
delete_CkCert $cert
exit
}
set privKey [new_CkPrivateKey]
set success [CkCert_GetPrivateKey $cert $privKey]
if {$success == 0} then {
puts [CkCert_lastErrorText $cert]
delete_CkCertStore $certStore
delete_CkJsonObject $jsonCN
delete_CkCert $cert
delete_CkPrivateKey $privKey
exit
}
set rsa [new_CkRsa]
set success [CkRsa_UsePrivateKey $rsa $privKey]
if {$success == 0} then {
puts [CkRsa_lastErrorText $rsa]
delete_CkCertStore $certStore
delete_CkJsonObject $jsonCN
delete_CkCert $cert
delete_CkPrivateKey $privKey
delete_CkRsa $rsa
exit
}
# Encode the signature as a hex string
CkRsa_put_EncodingMode $rsa "hex"
set strData "This is the string to be signed."
# Sign the string using the sha-1 hash algorithm.
# Other valid choices are "sha-256", "md2" and "md5".
set hexSig [CkRsa_signStringENC $rsa $strData "sha-1"]
puts "$hexSig"
puts "Success!"
delete_CkCertStore $certStore
delete_CkJsonObject $jsonCN
delete_CkCert $cert
delete_CkPrivateKey $privKey
delete_CkRsa $rsa