(Unicode C) Signing HTTP Messages

Demonstrates how to sign HTTP messages per draft-cavage-http-signatures-10

For more information, see https://tools.ietf.org/html/draft-cavage-http-signatures-10

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <C_CkStringBuilderW.h>
#include <C_CkPublicKeyW.h>
#include <C_CkPrivateKeyW.h>
#include <C_CkDateTimeW.h>
#include <C_CkRsaW.h>

void ChilkatSample(void)
    {
    BOOL success;
    BOOL bCrlf;
    HCkStringBuilderW sbPublicKeyPem;
    HCkPublicKeyW pubKey;
    HCkStringBuilderW sbPrivateKeyPem;
    HCkPrivateKeyW privKey;
    HCkDateTimeW dtNow;
    const wchar_t *dateStr;
    HCkRsaW rsa;
    HCkStringBuilderW sbStringToSign;
    const wchar_t *b64Signature;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    bCrlf = TRUE;
    sbPublicKeyPem = CkStringBuilderW_Create();
    CkStringBuilderW_AppendLine(sbPublicKeyPem,L"-----BEGIN PUBLIC KEY-----",bCrlf);
    CkStringBuilderW_AppendLine(sbPublicKeyPem,L"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3",bCrlf);
    CkStringBuilderW_AppendLine(sbPublicKeyPem,L"6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6",bCrlf);
    CkStringBuilderW_AppendLine(sbPublicKeyPem,L"Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw",bCrlf);
    CkStringBuilderW_AppendLine(sbPublicKeyPem,L"oYi+1hqp1fIekaxsyQIDAQAB",bCrlf);
    CkStringBuilderW_AppendLine(sbPublicKeyPem,L"-----END PUBLIC KEY-----",bCrlf);

    pubKey = CkPublicKeyW_Create();
    CkPublicKeyW_LoadFromString(pubKey,CkStringBuilderW_getAsString(sbPublicKeyPem));

    sbPrivateKeyPem = CkStringBuilderW_Create();
    CkStringBuilderW_AppendLine(sbPrivateKeyPem,L"-----BEGIN RSA PRIVATE KEY-----",bCrlf);
    CkStringBuilderW_AppendLine(sbPrivateKeyPem,L"MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF",bCrlf);
    CkStringBuilderW_AppendLine(sbPrivateKeyPem,L"NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F",bCrlf);
    CkStringBuilderW_AppendLine(sbPrivateKeyPem,L"UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB",bCrlf);
    CkStringBuilderW_AppendLine(sbPrivateKeyPem,L"AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA",bCrlf);
    CkStringBuilderW_AppendLine(sbPrivateKeyPem,L"QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK",bCrlf);
    CkStringBuilderW_AppendLine(sbPrivateKeyPem,L"kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg",bCrlf);
    CkStringBuilderW_AppendLine(sbPrivateKeyPem,L"f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u",bCrlf);
    CkStringBuilderW_AppendLine(sbPrivateKeyPem,L"412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc",bCrlf);
    CkStringBuilderW_AppendLine(sbPrivateKeyPem,L"mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7",bCrlf);
    CkStringBuilderW_AppendLine(sbPrivateKeyPem,L"kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA",bCrlf);
    CkStringBuilderW_AppendLine(sbPrivateKeyPem,L"gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW",bCrlf);
    CkStringBuilderW_AppendLine(sbPrivateKeyPem,L"G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI",bCrlf);
    CkStringBuilderW_AppendLine(sbPrivateKeyPem,L"7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA==",bCrlf);
    CkStringBuilderW_AppendLine(sbPrivateKeyPem,L"-----END RSA PRIVATE KEY-----",bCrlf);

    privKey = CkPrivateKeyW_Create();
    CkPrivateKeyW_LoadPem(privKey,CkStringBuilderW_getAsString(sbPrivateKeyPem));

    //    All examples use this request:
    // 
    //    POST /foo?param=value&pet=dog HTTP/1.1
    //    Host: example.com
    //    Date: Sun, 05 Jan 2014 21:31:40 GMT
    //    Content-Type: application/json
    //    Digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=
    //    Content-Length: 18
    // 
    //    {"hello": "world"}

    // C.1.  Default Test
    // 
    //    If a list of headers is not included, the date is the only header
    //    that is signed by default.  The string to sign would be:
    // 
    //    date: Sun, 05 Jan 2014 21:31:40 GMT
    // 
    //    The Authorization header would be:
    // 
    //    Authorization: Signature keyId="Test",algorithm="rsa-sha256",
    //    signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz
    //    6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB
    //    6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="
    // 
    //    The Signature header would be:
    // 
    //    Signature: keyId="Test",algorithm="rsa-sha256",
    //    signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz
    //    6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB
    //    6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="
    // 

    dtNow = CkDateTimeW_Create();
    success = CkDateTimeW_SetFromCurrentSystemTime(dtNow);
    dateStr = CkDateTimeW_getAsRfc822(dtNow,FALSE);

    // To duplicate the above result, we'll hard-code the date string.
    dateStr = L"Sun, 05 Jan 2014 21:31:40 GMT";

    rsa = CkRsaW_Create();
    success = CkRsaW_ImportPrivateKeyObj(rsa,privKey);
    if (success == FALSE) {
        wprintf(L"%s\n",CkRsaW_lastErrorText(rsa));
        CkStringBuilderW_Dispose(sbPublicKeyPem);
        CkPublicKeyW_Dispose(pubKey);
        CkStringBuilderW_Dispose(sbPrivateKeyPem);
        CkPrivateKeyW_Dispose(privKey);
        CkDateTimeW_Dispose(dtNow);
        CkRsaW_Dispose(rsa);
        return;
    }

    sbStringToSign = CkStringBuilderW_Create();
    CkStringBuilderW_Append(sbStringToSign,L"date: ");
    CkStringBuilderW_Append(sbStringToSign,dateStr);

    CkRsaW_putEncodingMode(rsa,L"base64");
    b64Signature = CkRsaW_signStringENC(rsa,CkStringBuilderW_getAsString(sbStringToSign),L"SHA256");
    wprintf(L"%s\n",b64Signature);
    wprintf(L"---------------------------\n");

    // The result should be:
    // SjWJWbWN7i0wzBvtPl8rbASW ... FD0k/5OxEPXe5WozsbM=

    // ----------------------------------------------------------------------------------------------------

    // C.2.  Basic Test
    // 
    //    The minimum recommended data to sign is the (request-target), host,
    //    and date.  In this case, the string to sign would be:
    // 
    //    (request-target): post /foo?param=value&pet=dog
    //    host: example.com
    //    date: Sun, 05 Jan 2014 21:31:40 GMT
    // 
    //    The Authorization header would be:
    // 
    //    Authorization: Signature keyId="Test",algorithm="rsa-sha256",
    //    headers="(request-target) host date", signature="qdx+H7PHHDZgy4
    //    y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn
    //    7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBs
    //    kLu6kd9Fswtemr3lgdDEmn04swr2Os0="

    CkStringBuilderW_Clear(sbStringToSign);
    CkStringBuilderW_Append(sbStringToSign,L"(request-target): ");
    CkStringBuilderW_AppendLine(sbStringToSign,L"post /foo?param=value&pet=dog",FALSE);
    CkStringBuilderW_Append(sbStringToSign,L"host: ");
    CkStringBuilderW_AppendLine(sbStringToSign,L"example.com",FALSE);
    CkStringBuilderW_Append(sbStringToSign,L"date: ");
    CkStringBuilderW_Append(sbStringToSign,dateStr);

    wprintf(L"StringToSign:\n");
    wprintf(L"%s\n",CkStringBuilderW_getAsString(sbStringToSign));
    b64Signature = CkRsaW_signStringENC(rsa,CkStringBuilderW_getAsString(sbStringToSign),L"SHA256");
    wprintf(L"%s\n",b64Signature);
    wprintf(L"---------------------------\n");

    // The result should be:
    // qdx+H7PHHDZgy4y/Ahn ... mn04swr2Os0=


    CkStringBuilderW_Dispose(sbPublicKeyPem);
    CkPublicKeyW_Dispose(pubKey);
    CkStringBuilderW_Dispose(sbPrivateKeyPem);
    CkPrivateKeyW_Dispose(privKey);
    CkDateTimeW_Dispose(dtNow);
    CkRsaW_Dispose(rsa);
    CkStringBuilderW_Dispose(sbStringToSign);

    }