|
Chilkat • HOME • ASP • Visual Basic • VB.NET • C# • Visual C++ • C • MFC • Delphi • FoxPro • Java • Perl • PHP • Python • Ruby • SQL Server • VBScript
Use Certificate and Private Key PEM Files to Create a Digital SignatureDemonstrates how to load a digital certificate from a PEM file, load it's corresponding private key from a PEM file, save the private key to a key container (if necessary), link the certificate to the key container, and use it to create a digital signature.
#include <C_CkCert.h> #include <C_CkPrivateKey.h> #include <C_CkKeyContainer.h> #include <C_CkCrypt2.h> void ChilkatSample(void) { HCkCert cert; HCkPrivateKey pkey; BOOL success; HCkKeyContainer container; BOOL needPrivateKeyAccess; BOOL machineKeyset; BOOL isKeyExchangePair; BOOL bForSigning; HCkCrypt2 crypt; cert = CkCert_Create(); // Load the cert from a PEM file; CkCert_LoadFromFile(cert,"cert.pem"); pkey = CkPrivateKey_Create(); // Load the private key from an RSA PEM file: CkPrivateKey_LoadPemFile(pkey,"pkey_rsa.pem"); // If the "chilkat" key container does not already exist, // we'll create it and import the private key: container = CkKeyContainer_Create(); needPrivateKeyAccess = TRUE; machineKeyset = FALSE; if (CkKeyContainer_OpenContainer(container,"chilkat",needPrivateKeyAccess,machineKeyset) == FALSE) { // We need to create the key container and import // the private key: success = CkKeyContainer_CreateContainer(container,"chilkat",machineKeyset); if (success == TRUE) { isKeyExchangePair = FALSE; success = CkKeyContainer_ImportPrivateKey(container,pkey,isKeyExchangePair); if (success == FALSE) { printf("Failed to import private key into key container\n"); return; } } else { printf("Failed to create key container\n"); return; } } // At this point, the key container contains the private key. // Link the certificate with the key container: bForSigning = TRUE; success = CkCert_LinkPrivateKey(cert,"chilkat",machineKeyset,bForSigning); if (success == FALSE) { printf("Failed to link certificate with key container\n"); return; } // Use Chilkat Crypt (a non-freeware component) to create // a digital signature using the certificate w/ private key: crypt = CkCrypt2_Create(); // Any string argument automatically begins the 30-day trial. success = CkCrypt2_UnlockComponent(crypt,"30-day trial"); if (success != TRUE) { printf("Crypt component unlock failed\n"); return; } // Tell the crypt component to use this cert. CkCrypt2_SetSigningCert(crypt,cert); // We can sign any type of file, creating a .p7s as output: success = CkCrypt2_CreateP7S(crypt,"license.rtf","license.p7s"); if (success == FALSE) { printf("%s\n",CkCrypt2_lastErrorText(crypt)); CkCert_Dispose(cert); return; } printf("%s\n",CkCrypt2_lastErrorText(crypt)); // Verify and restore the original file: CkCrypt2_SetVerifyCert(crypt,cert); success = CkCrypt2_VerifyP7S(crypt,"license.rtf","license.p7s"); if (success == FALSE) { printf("%s\n",CkCrypt2_lastErrorText(crypt)); CkCert_Dispose(cert); return; } printf("Success!\n"); // The Chilkat Certificate, Certificate Store, Private Key, // Public Key, and Key Container classes / objects are freeware. // They are used by and included with the Chilkat Email, // Crypt, S/MIME, and other commercial Chilkat components. CkCert_Dispose(cert); CkPrivateKey_Dispose(pkey); CkKeyContainer_Dispose(container); CkCrypt2_Dispose(crypt); } |
Need a specific example? Send a request to support@chilkatsoft.com
© 2000-2008 Chilkat Software, Inc. All Rights Reserved.
