DSA Signature Create and Verify

Shows how to create a DSA (DSS) signature for the contents of a file. The first step is to create an SHA-1 hash of the file contents. The hash is signed using the Digital Signature Algorithm and the signature bytes are retrieved as a hex-encoded string.

The 2nd part of the example loads the signature and verifies it against the hash.

Download Chilkat DSA ActiveX

Download Chilkat Crypt ActiveX

LOCAL lnSuccess
LOCAL loCrypt
LOCAL lcHashStr
LOCAL loDsa
LOCAL lcPemPrivateKey
LOCAL lcHexSig
LOCAL loDsa2
LOCAL lcPemPublicKey



*  Use Chilkat Crypt to hash the contents of a file.
loCrypt = CreateObject('Chilkat.Crypt2')
lnSuccess = loCrypt.UnlockComponent("Anything for 30-day trial.")
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX(loCrypt.LastErrorText)
    QUIT
ENDIF

loCrypt.EncodingMode = "hex"
loCrypt.HashAlgorithm = "sha-1"

*  Return the SHA-1 hash of a file.  The file may be any size.
*  The Chilkat Crypt component will stream the file when
*  computing the hash, keeping the memory usage constant
*  and reasonable.
*  The 20-byte SHA-1 hash is returned as a hex-encoded string.
lcHashStr = loCrypt.HashFileENC("hamlet.xml")

loDsa = CreateObject('Chilkat.Dsa')

*  The Chilkat Crypt and Chilkat DSA components are separate
*  products.  To license both, it's least expensive to purchase
*  the "Chilkat Bundle" which provides licenses to all the
*  Chilkat components.
lnSuccess = loDsa.UnlockComponent("Anything for 30-day trial")
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX(loDsa.LastErrorText)
    QUIT
ENDIF

*  Load a DSA private key from a PEM file.  Chilkat DSA
*  provides the ability to load and save DSA public and private
*  keys from encrypted or non-encrypted PEM or DER.
*  The LoadText method is for convenience only.  You may
*  use any means to load the contents of a PEM file into
*  a string.

lcPemPrivateKey = loDsa.LoadText("dsa_priv.pem")
lnSuccess = loDsa.FromPem(lcPemPrivateKey)
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX(loDsa.LastErrorText)
    QUIT
ENDIF

*  You may optionally verify the key to ensure that it is a valid
*  DSA key.
lnSuccess = loDsa.VerifyKey()
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX(loDsa.LastErrorText)
    QUIT
ENDIF

*  Load the hash to be signed into the DSA object:
lnSuccess = loDsa.SetEncodedHash("hex",lcHashStr)
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX(loDsa.LastErrorText)
    QUIT
ENDIF

*  Now that the DSA object contains both the private key and hash,
*  it is ready to create the signature:
lnSuccess = loDsa.SignHash()
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX(loDsa.LastErrorText)
    QUIT
ENDIF

*  If SignHash is successful, the DSA object contains the
*  signature.  It may be accessed as a hex or base64 encoded
*  string.  (It is also possible to access directly in byte array form via
*  the "Signature" property.)

lcHexSig = loDsa.GetEncodedSignature("hex")
? "Signature:"
? lcHexSig

*  -----------------------------------------------------------
*  Step 2: Verify the DSA Signature
*  -----------------------------------------------------------

loDsa2 = CreateObject('Chilkat.Dsa')

*  Load the DSA public key to be used for verification:

lcPemPublicKey = loDsa2.LoadText("dsa_pub.pem")
lnSuccess = loDsa2.FromPublicPem(lcPemPublicKey)
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX(loDsa2.LastErrorText)
    QUIT
ENDIF

*  Load the hash to be verified against the signature.
lnSuccess = loDsa2.SetEncodedHash("hex",lcHashStr)
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX(loDsa2.LastErrorText)
    QUIT
ENDIF

*  Load the signature:
lnSuccess = loDsa2.SetEncodedSignature("hex",lcHexSig)
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX(loDsa2.LastErrorText)
    QUIT
ENDIF

*  Verify:
lnSuccess = loDsa2.Verify()
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX(loDsa2.LastErrorText)
ELSE
    ? "DSA Signature Verified!"
ENDIF