|
Chilkat • HOME • ASP • Visual Basic • VB.NET • C# • Visual C++ • C • MFC • Delphi • FoxPro • Java • Perl • PHP • Python • Ruby • SQL Server • VBScript
Use Certificate and Private Key PEM Files to Create a Digital SignatureDemonstrates how to load a digital certificate from a PEM file, load it's corresponding private key from a PEM file, save the private key to a key container (if necessary), link the certificate to the key container, and use it to create a digital signature.
// Needs #include <CkCert.h> // Needs #include <CkPrivateKey.h> // Needs #include <CkKeyContainer.h> // Needs #include <CkCrypt2.h> CkString strOut; CkCert cert; // Load the cert from a PEM file; cert.LoadFromFile("cert.pem"); CkPrivateKey pkey; // Load the private key from an RSA PEM file: pkey.LoadPemFile("pkey_rsa.pem"); bool success; // If the "chilkat" key container does not already exist, // we'll create it and import the private key: CkKeyContainer container; bool needPrivateKeyAccess; needPrivateKeyAccess = true; bool machineKeyset; machineKeyset = false; if (container.OpenContainer("chilkat",needPrivateKeyAccess,machineKeyset) == false) { // We need to create the key container and import // the private key: success = container.CreateContainer("chilkat",machineKeyset); if (success == true) { bool isKeyExchangePair; isKeyExchangePair = false; success = container.ImportPrivateKey(pkey,isKeyExchangePair); if (success == false) { strOut.append("Failed to import private key into key container"); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } } else { strOut.append("Failed to create key container"); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } } // At this point, the key container contains the private key. // Link the certificate with the key container: bool bForSigning; bForSigning = true; success = cert.LinkPrivateKey("chilkat",machineKeyset,bForSigning); if (success == false) { strOut.append("Failed to link certificate with key container"); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } // Use Chilkat Crypt (a non-freeware component) to create // a digital signature using the certificate w/ private key: CkCrypt2 crypt; // Any string argument automatically begins the 30-day trial. success = crypt.UnlockComponent("30-day trial"); if (success != true) { strOut.append("Crypt component unlock failed\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } // Tell the crypt component to use this cert. crypt.SetSigningCert(cert); // We can sign any type of file, creating a .p7s as output: success = crypt.CreateP7S("license.rtf","license.p7s"); if (success == false) { strOut.append(crypt.lastErrorText()); strOut.append("\r\n"); delete cert; SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } strOut.append(crypt.lastErrorText()); strOut.append("\r\n"); // Verify and restore the original file: crypt.SetVerifyCert(cert); success = crypt.VerifyP7S("license.rtf","license.p7s"); if (success == false) { strOut.append(crypt.lastErrorText()); strOut.append("\r\n"); delete cert; SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } strOut.append("Success!\r\n"); // The Chilkat Certificate, Certificate Store, Private Key, // Public Key, and Key Container classes / objects are freeware. // They are used by and included with the Chilkat Email, // Crypt, S/MIME, and other commercial Chilkat components. SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); |
Need a specific example? Send a request to support@chilkatsoft.com
© 2000-2008 Chilkat Software, Inc. All Rights Reserved.
