Tcl
Tcl
Verfies an RSA Signature
See more Apple Keychain Examples
Verifies an RSA signature against the original data.Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# The following data was signed by the following example:
# RSA Sign using a Private Key on a USB Token or Smartcard
set bd [new_CkBinData]
for {set i 0} {$i <= 100} {incr i} {
CkBinData_AppendEncoded $bd "000102030405060708090A0B0C0D0E0F" "hex"
}
# Load the signature
set bdSig [new_CkBinData]
set success [CkBinData_LoadFile $bdSig "rsaSignatures/test1.sig"]
if {$success == 0} then {
puts "Failed to load the RSA signature"
delete_CkBinData $bd
delete_CkBinData $bdSig
exit
}
# Get the public key to be used for signature verification.
set pubKey [new_CkPublicKey]
set success [CkPublicKey_LoadFromFile $pubKey "rsaKeys/chilkat-rsa-2048.pem"]
if {$success == 0} then {
puts [CkPublicKey_lastErrorText $pubKey]
delete_CkBinData $bd
delete_CkBinData $bdSig
delete_CkPublicKey $pubKey
exit
}
set rsa [new_CkRsa]
set success [CkRsa_UsePublicKey $rsa $pubKey]
if {$success == 0} then {
puts [CkRsa_lastErrorText $rsa]
delete_CkBinData $bd
delete_CkBinData $bdSig
delete_CkPublicKey $pubKey
delete_CkRsa $rsa
exit
}
# Verify the hash of the data against the signature.
# We pass in the original data. Internally, the hash is generated
# and used to validate the signature.
# Validating the RSA signature means two things:
# (1) the original data is exactly what was signed, and
# (2) it was signed by the owner of the RSA private key.
set success [CkRsa_VerifyBd $rsa $bd "sha256" $bdSig]
if {$success == 0} then {
puts [CkRsa_lastErrorText $rsa]
puts "Signature invalid."
} else {
puts "Signature valid."
}
delete_CkBinData $bd
delete_CkBinData $bdSig
delete_CkPublicKey $pubKey
delete_CkRsa $rsa