|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Classic ASP) ECDSA Sign and VerifyDemonstrates how to create an ECDSA signature on the SHA256 hash of some data, and then verify.
<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> </head> <body> <% ' This example assumes the Chilkat API to have been previously unlocked. ' See Global Unlock Sample for sample code. ' First load an ECDSA private key to be used for signing. ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.PrivateKey") set privKey = Server.CreateObject("Chilkat.PrivateKey") success = privKey.LoadEncryptedPemFile("qa_data/ecc/secp256r1-key-pkcs8-secret.pem","secret") If (success = 0) Then Response.Write "<pre>" & Server.HTMLEncode( privKey.LastErrorText) & "</pre>" Response.End End If ' Sign the SHA256 hash of some data. ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.BinData") set bd = Server.CreateObject("Chilkat.BinData") success = bd.LoadFile("qa_data/hamlet.xml") If (success = 0) Then Response.Write "<pre>" & Server.HTMLEncode( "Failed to load file to be hashed.") & "</pre>" Response.End End If ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Crypt2") set crypt = Server.CreateObject("Chilkat.Crypt2") crypt.HashAlgorithm = "sha256" crypt.EncodingMode = "base64" hashStr = crypt.HashBdENC(bd) ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Ecc") set ecdsa = Server.CreateObject("Chilkat.Ecc") ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Prng") set prng = Server.CreateObject("Chilkat.Prng") ' Returns ASN.1 signature as a base64 string. sig = ecdsa.SignHashENC(hashStr,"base64",privKey,prng) Response.Write "<pre>" & Server.HTMLEncode( "sig = " & sig) & "</pre>" ' The signature is in ASN.1 format (which may be described as the "encoded DSS signature"). ' SEQUENCE (2 elem) ' INTEGER (255 bit) 4849395540832462044300553275435608522154141569743642905628579547100940... ' INTEGER (255 bit) 3680701124244788134409868118208591399799457104230118295614152238560005... ' If you wish, you can get the r and s components of the signature like this: ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Asn") set asn = Server.CreateObject("Chilkat.Asn") success = asn.LoadEncoded(sig,"base64") ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Xml") set xml = Server.CreateObject("Chilkat.Xml") success = xml.LoadXml(asn.AsnToXml()) Response.Write "<pre>" & Server.HTMLEncode( xml.GetXml()) & "</pre>" ' We now have this: ' <?xml version="1.0" encoding="utf-8"?> ' <sequence> ' <int>6650D422D86BA4A228B5617604E59052591B9B2C32EF324C44D09EF67E5F0060</int> ' <int>0CFD9F6AC85042FC70F672C141BA6B2A4CAFBB906C3D907BCCC1BED62B28326F</int> ' </sequence> ' Get the "r" and "s" as hex strings r = xml.GetChildContentByIndex(0) s = xml.GetChildContentByIndex(1) Response.Write "<pre>" & Server.HTMLEncode( "r = " & r) & "</pre>" Response.Write "<pre>" & Server.HTMLEncode( "s = " & s) & "</pre>" ' -------------------------------------------------------------------- ' Now verify against the hash of the original data. ' Get the corresponding public key. ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.PublicKey") set pubKey = Server.CreateObject("Chilkat.PublicKey") success = pubKey.LoadFromFile("qa_data/ecc/secp256r1-pub.pem") If (success = 0) Then Response.Write "<pre>" & Server.HTMLEncode( pubKey.LastErrorText) & "</pre>" Response.End End If ' We already have the SHA256 hash of the original data (hashStr) so no need to re-do it.. ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Ecc") set ecc2 = Server.CreateObject("Chilkat.Ecc") result = ecc2.VerifyHashENC(hashStr,sig,"base64",pubKey) If (result <> 1) Then Response.Write "<pre>" & Server.HTMLEncode( ecc2.LastErrorText) & "</pre>" Response.End End If Response.Write "<pre>" & Server.HTMLEncode( "Verified!") & "</pre>" ' Note: If we have only r,s and wish to reconstruct the ASN.1 signature, we do it like this: ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Xml") set xml2 = Server.CreateObject("Chilkat.Xml") xml2.Tag = "sequence" xml2.NewChild2 "int",r xml2.NewChild2 "int",s ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Asn") set asn2 = Server.CreateObject("Chilkat.Asn") success = asn2.LoadAsnXml(xml2.GetXml()) encodedSig = asn2.GetEncodedDer("base64") Response.Write "<pre>" & Server.HTMLEncode( "encoded DSS signature: " & encodedSig) & "</pre>" ' You can go to https://lapo.it/asn1js/ and copy/paste the base64 encodedSig into the online tool, then press the "decode" button. ' You will see the ASN.1 such as this: ' SEQUENCE (2 elem) ' INTEGER (255 bit) 4849395540832462044300553275435608522154141569743642905628579547100940... ' INTEGER (255 bit) 3680701124244788134409868118208591399799457104230118295614152238560005... %> </body> </html> |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.