Unicode C
Unicode C
RSA Sign using a Private Key on a USB Token or Smartcard
See more Apple Keychain Examples
Create an RSA signature using a private key stored on a USB token or smartcard.Note: On MacOS and iOS, this example requires Chilkat v10.1.2 or later when the Apple Keychain is used as the underlying means to do the signing.
Chilkat Unicode C Downloads
#include <C_CkCertW.h>
#include <C_CkBinDataW.h>
#include <C_CkRsaW.h>
void ChilkatSample(void)
{
BOOL success;
HCkCertW cert;
HCkBinDataW bd;
int i;
HCkRsaW rsa;
HCkBinDataW bdSig;
success = FALSE;
// Assuming the smartcard/USB token is installed with the correct drivers from the manufacturer,
// this code can work on multiple platforms including Windows, MacOS, Linux, and iOS.
// Chilkat automatically detects and determines the way in which the HSM is used,
// which can be by PKCS11, Apple Keychain, Microsoft CNG / Crypto API, or ScMinidriver.
cert = CkCertW_Create();
// Set the token/smartcard PIN prior to loading.
CkCertW_putSmartCardPin(cert,L"123456");
// Specify the certificate by its common name.
success = CkCertW_LoadFromSmartcard(cert,L"cn=chilkat-rsa-2048");
if (success == FALSE) {
wprintf(L"%s\n",CkCertW_lastErrorText(cert));
CkCertW_Dispose(cert);
return;
}
wprintf(L"Signing with cert: %s\n",CkCertW_subjectCN(cert));
// Create data to be hashed and signed.
bd = CkBinDataW_Create();
for (i = 0; i <= 100; i++) {
CkBinDataW_AppendEncoded(bd,L"000102030405060708090A0B0C0D0E0F",L"hex");
}
rsa = CkRsaW_Create();
// Use the certificate's private key for signing.
success = CkRsaW_SetX509Cert(rsa,cert,TRUE);
if (success == FALSE) {
wprintf(L"%s\n",CkRsaW_lastErrorText(rsa));
CkCertW_Dispose(cert);
CkBinDataW_Dispose(bd);
CkRsaW_Dispose(rsa);
return;
}
// Sign the SHA-256 hash of the contents of bd.
bdSig = CkBinDataW_Create();
success = CkRsaW_SignBd(rsa,bd,L"sha256",bdSig);
if (success == FALSE) {
wprintf(L"%s\n",CkRsaW_lastErrorText(rsa));
CkCertW_Dispose(cert);
CkBinDataW_Dispose(bd);
CkRsaW_Dispose(rsa);
CkBinDataW_Dispose(bdSig);
return;
}
// The RSA signature is equal in length to the size of the RSA key.
wprintf(L"Output signature size in bits = %d\n",CkBinDataW_getNumBytes(bdSig) * 8);
// We can save the signature for later verification..
CkBinDataW_WriteFile(bdSig,L"rsaSignatures/test1.sig");
// See the example to verify the RSA signature:
// Verfies an RSA Signature
CkCertW_Dispose(cert);
CkBinDataW_Dispose(bd);
CkRsaW_Dispose(rsa);
CkBinDataW_Dispose(bdSig);
}