RSA Sign with PKCS8 Encrypted Key

Demonstrates how to load a private key from an encrypted PKCS8 file and create an RSA digital signature.

Download 32-bit Chilkat RSA ActiveX (.msi)

Download All 32-bit Chilkat ActiveX Components (.zip)

Download All 64-bit Chilkat ActiveX Components (.zip)

<?php

$pkey = new COM("Chilkat.PrivateKey");

//  Load the private key from an RSA PEM file:
$pkey->LoadPkcs8EncryptedFile('privateKey.key','myPassword');

//  Get the private key in XML format:
$pkeyXml = $pkey->getXml();

$rsa = new COM("Chilkat.Rsa");

//  Any string argument automatically begins the 30-day trial.
$success = $rsa->UnlockComponent('30-day trial');
if ($success != true) {
    print 'RSA component unlock failed' . "\n";
    exit;
}

//  Import the private key into the RSA component:
$success = $rsa->ImportPrivateKey($pkeyXml);
if ($success != true) {
    print $rsa->lastErrorText() . "\n";
    exit;
}

//  This example will sign a string, and receive the signature
//  in a hex-encoded string.  Therefore, set the encoding mode
//  to "hex":
$rsa->EncodingMode = 'hex';

//  If some other non-Chilkat application or web service is going to be verifying
//  the signature, it is important to match the byte-ordering.
//  The LittleEndian property may be set to 1
//  for little-endian byte ordering,
//  or 0  for big-endian byte ordering.
//  Microsoft apps typically use little-endian, while
//  OpenSSL and other services (such as Amazon CloudFront)
//  use big-endian.
$rsa->LittleEndian = false;

$strData = 'This is the string to be signed.';

//  Sign the string using the sha-1 hash algorithm.
//  Other valid choices are "md2", "sha256", "sha384", "sha512",  and "md5".
$hexSig = $rsa->signStringENC($strData,'sha-1');

print $hexSig . "\n";
?>