RSA Sign with PKCS8 Encrypted Key

Demonstrates how to load a private key from an encrypted PKCS8 file and create an RSA digital signature.

Download 32-bit Chilkat RSA ActiveX (.msi)

Download All 32-bit Chilkat ActiveX Components (.zip)

Download All 64-bit Chilkat ActiveX Components (.zip)

LOCAL loPkey
LOCAL lnSuccess
LOCAL lcPkeyXml
LOCAL loRsa
LOCAL lcStrData
LOCAL lcHexSig

loPkey = CreateObject('Chilkat.PrivateKey')

*  Load the private key from an RSA PEM file:
loPkey.LoadPkcs8EncryptedFile("privateKey.key","myPassword")

*  Get the private key in XML format:
lcPkeyXml = loPkey.GetXml()

loRsa = CreateObject('Chilkat.Rsa')

*  Any string argument automatically begins the 30-day trial.

lnSuccess = loRsa.UnlockComponent("30-day trial")
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX("RSA component unlock failed")
    QUIT
ENDIF

*  Import the private key into the RSA component:
lnSuccess = loRsa.ImportPrivateKey(lcPkeyXml)
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX(loRsa.LastErrorText)
    QUIT
ENDIF

*  This example will sign a string, and receive the signature
*  in a hex-encoded string.  Therefore, set the encoding mode
*  to "hex":
loRsa.EncodingMode = "hex"

*  If some other non-Chilkat application or web service is going to be verifying
*  the signature, it is important to match the byte-ordering.
*  The LittleEndian property may be set to 1
*  for little-endian byte ordering,
*  or 0  for big-endian byte ordering.
*  Microsoft apps typically use little-endian, while
*  OpenSSL and other services (such as Amazon CloudFront)
*  use big-endian.
loRsa.LittleEndian = 0

lcStrData = "This is the string to be signed."

*  Sign the string using the sha-1 hash algorithm.
*  Other valid choices are "md2", "sha256", "sha384", "sha512",  and "md5".

lcHexSig = loRsa.SignStringENC(lcStrData,"sha-1")

? lcHexSig