Unicode C++
Unicode C++
SSH HSM Public Key Authentication
See more uncategorized Examples
Demonstrates how to authenticate with an SSH server using public key authentication using an HSM (USB token or smartcard).Chilkat Unicode C++ Downloads
#include <CkPkcs11W.h>
#include <CkJsonObjectW.h>
#include <CkSshKeyW.h>
#include <CkSshW.h>
void ChilkatSample(void)
{
bool success = false;
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// Note: Chilkat's PKCS11 implementation runs on Windows, Linux, MacOs, and other supported operating systems.
CkPkcs11W pkcs11;
// This would be a path to a .dylib on MacOS, or a path to a .so shared lib on Linux.
pkcs11.put_SharedLibPath(L"C:/Program Files (x86)/Gemalto/IDGo 800 PKCS#11/IDPrimePKCS1164.dll");
const wchar_t *pin = L"0000";
int userType = 1;
// Establish a PKCS11 logged-on session using the driver (.so, .dylib, or .dll) as specified in the SharedLibPath above.
success = pkcs11.QuickSession(userType,pin);
if (success == false) {
wprintf(L"%s\n",pkcs11.lastErrorText());
return;
}
// Set PKCS11 attributes to find our desired private key object.
CkJsonObjectW json;
json.UpdateString(L"class",L"private_key");
json.UpdateString(L"label",L"MySshKey");
// Get the PKCS11 handle to the private key located on the HSM.
unsigned long priv_handle = pkcs11.FindObject(json);
// Get the PKCS11 handle to the corresponding public key located on the HSM.
json.UpdateString(L"class",L"public_key");
unsigned long pub_handle = pkcs11.FindObject(json);
CkSshKeyW key;
// The key type can be "rsa" or "ec"
const wchar_t *keyType = L"rsa";
success = key.UsePkcs11(pkcs11,priv_handle,pub_handle,keyType);
if (success == false) {
wprintf(L"%s\n",key.lastErrorText());
return;
}
CkSshW ssh;
success = ssh.Connect(L"example.com",22);
if (success != true) {
wprintf(L"%s\n",ssh.lastErrorText());
return;
}
// Authenticate with the SSH server using the login and
// HSM private key. (The corresponding public key should've
// been installed on the SSH server beforehand.)
success = ssh.AuthenticatePk(L"myLogin",key);
if (success != true) {
wprintf(L"%s\n",ssh.lastErrorText());
return;
}
wprintf(L"Public-Key Authentication Successful!\n");
}