|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) SSH HSM Public Key AuthenticationDemonstrates how to authenticate with an SSH server using public key authentication using an HSM (USB token or smartcard).
load ./chilkat.dll # This example assumes the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. # Note: Chilkat's PKCS11 implementation runs on Windows, Linux, MacOs, and other supported operating systems. set pkcs11 [new_CkPkcs11] # This would be a path to a .dylib on MacOS, or a path to a .so shared lib on Linux. CkPkcs11_put_SharedLibPath $pkcs11 "C:/Program Files (x86)/Gemalto/IDGo 800 PKCS#11/IDPrimePKCS1164.dll" set pin "0000" set userType 1 # Establish a PKCS11 logged-on session using the driver (.so, .dylib, or .dll) as specified in the SharedLibPath above. set success [CkPkcs11_QuickSession $pkcs11 $userType $pin] if {$success == 0} then { puts [CkPkcs11_lastErrorText $pkcs11] delete_CkPkcs11 $pkcs11 exit } # Set PKCS11 attributes to find our desired private key object. set json [new_CkJsonObject] CkJsonObject_UpdateString $json "class" "private_key" CkJsonObject_UpdateString $json "label" "MySshKey" # Get the PKCS11 handle to the private key located on the HSM. set priv_handle [CkPkcs11_FindObject $pkcs11 $json] # Get the PKCS11 handle to the corresponding public key located on the HSM. CkJsonObject_UpdateString $json "class" "public_key" set pub_handle [CkPkcs11_FindObject $pkcs11 $json] set key [new_CkSshKey] # The key type can be "rsa" or "ec" set keyType "rsa" set success [CkSshKey_UsePkcs11 $key $pkcs11 $priv_handle $pub_handle $keyType] if {$success == 0} then { puts [CkSshKey_lastErrorText $key] delete_CkPkcs11 $pkcs11 delete_CkJsonObject $json delete_CkSshKey $key exit } set ssh [new_CkSsh] set success [CkSsh_Connect $ssh "example.com" 22] if {$success != 1} then { puts [CkSsh_lastErrorText $ssh] delete_CkPkcs11 $pkcs11 delete_CkJsonObject $json delete_CkSshKey $key delete_CkSsh $ssh exit } # Authenticate with the SSH server using the login and # HSM private key. (The corresponding public key should've # been installed on the SSH server beforehand.) set success [CkSsh_AuthenticatePk $ssh "myLogin" $key] if {$success != 1} then { puts [CkSsh_lastErrorText $ssh] delete_CkPkcs11 $pkcs11 delete_CkJsonObject $json delete_CkSshKey $key delete_CkSsh $ssh exit } puts "Public-Key Authentication Successful!" delete_CkPkcs11 $pkcs11 delete_CkJsonObject $json delete_CkSshKey $key delete_CkSsh $ssh |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.