RSA Signature with Certificate's Private Key from PFX

Demonstrates how to use a certificate's private key from a PFX file to create an RSA signature.

Download Chilkat Python Library

import sys
import chilkat



#  Create an instance of a certificate store object, load a PFX file,
#  locate the certificate we need, and use it for signing.
#  (a PFX file may contain more than one certificate.)
certStore = chilkat.CkCertStore()

#  The 1st argument is the filename, the 2nd arg is the
#  PFX file's password:
success = certStore.LoadPfxFile("chilkat.pfx","test")
if (success != True):
    print certStore.lastErrorText()
    sys.exit()

cert = certStore.FindCertBySubject("Chilkat Software, Inc.")
if (cert == None ):
    print certStore.lastErrorText()
    sys.exit()

pkey = cert.ExportPrivateKey()
if (pkey == None ):
    print cert.lastErrorText()
    sys.exit()

#  Get the private key in XML format:
pkeyXml = pkey.getXml()

rsa = chilkat.CkRsa()

#  Any string argument automatically begins the 30-day trial.
success = rsa.UnlockComponent("30-day trial")
if (success != True):
    print "RSA component unlock failed"
    sys.exit()

#  Import the private key into the RSA component:
success = rsa.ImportPrivateKey(pkeyXml)
if (success != True):
    print rsa.lastErrorText()
    sys.exit()

#  This example will sign a string, and receive the signature
#  in a hex-encoded string.  Therefore, set the encoding mode
#  to "hex":
rsa.put_EncodingMode("hex")

strData = "This is the string to be signed."

#  Sign the string using the sha-1 hash algorithm.
#  Other valid choices are "md2" and "md5".
hexSig = rsa.signStringENC(strData,"sha-1")

print hexSig

print "Success!"