DataFlex
DataFlex
Sign String to create a CAdES-T Signature, using HTTP Proxy to Access Timestamp Server
This example will sign a string to create a CAdEST-T signature. It will use an HTTP proxy to access the timestamp server.Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Handle hoCrypt
Variant vCert
Handle hoCert
Handle hoAttrs
String sStrToSign
Variant vBd
Handle hoBd
Variant vHttp
Handle hoHttp
String sTemp1
Move False To iSuccess
Get Create (RefClass(cComChilkatCrypt2)) To hoCrypt
If (Not(IsComObjectCreated(hoCrypt))) Begin
Send CreateComObject of hoCrypt
End
Get Create (RefClass(cComChilkatCert)) To hoCert
If (Not(IsComObjectCreated(hoCert))) Begin
Send CreateComObject of hoCert
End
Set ComSmartCardPin Of hoCert To "123456"
Get ComLoadFromSmartcard Of hoCert "" To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoCert To sTemp1
Showln sTemp1
Procedure_Return
End
Get pvComObject of hoCert to vCert
Get ComSetSigningCert Of hoCrypt vCert To iSuccess
// Use SHA-256 rather than the default of SHA-1
Set ComHashAlgorithm Of hoCrypt To "sha256"
// Create JSON that tells Chilkat what signing attributes to include:
Get Create (RefClass(cComChilkatJsonObject)) To hoAttrs
If (Not(IsComObjectCreated(hoAttrs))) Begin
Send CreateComObject of hoAttrs
End
Get ComUpdateBool Of hoAttrs "contentType" True To iSuccess
Get ComUpdateBool Of hoAttrs "signingTime" True To iSuccess
Get ComUpdateBool Of hoAttrs "messageDigest" True To iSuccess
Get ComUpdateBool Of hoAttrs "signingCertificateV2" True To iSuccess
// A CAdES-T signature is one that includes a timestampToken created by an online TSA (time stamping authority).
// We must include the TSA's URL, as well as a few options to indicate what is desired.
// Except for the TSA URL, the options shown here are typically what you would need.
Get ComUpdateBool Of hoAttrs "timestampToken.enabled" True To iSuccess
Get ComUpdateString Of hoAttrs "timestampToken.tsaUrl" "https://freetsa.org/tsr" To iSuccess
Get ComUpdateBool Of hoAttrs "timestampToken.addNonce" False To iSuccess
Get ComUpdateBool Of hoAttrs "timestampToken.requestTsaCert" True To iSuccess
Get ComUpdateString Of hoAttrs "timestampToken.hashAlg" "sha256" To iSuccess
Get ComEmit Of hoAttrs To sTemp1
Set ComSigningAttributes Of hoCrypt To sTemp1
Move "Hello World!" To sStrToSign
Get Create (RefClass(cComChilkatBinData)) To hoBd
If (Not(IsComObjectCreated(hoBd))) Begin
Send CreateComObject of hoBd
End
Get ComAppendString Of hoBd sStrToSign "utf-8" To iSuccess
// -------------------------------------------------------------------------
// The purpose of this example is to show how an HTTP object with custom
// settings can be used to access the Internet when signing.
// Access to the Internet is needed to communicate with the timestamp server.
Get Create (RefClass(cComChilkatHttp)) To hoHttp
If (Not(IsComObjectCreated(hoHttp))) Begin
Send CreateComObject of hoHttp
End
// This can be a domain name, hostname, or IP address.
Set ComProxyDomain Of hoHttp To "172.16.16.56"
Set ComProxyPort Of hoHttp To 808
Set ComProxyLogin Of hoHttp To "myProxyLogin"
Set ComProxyPassword Of hoHttp To "myProxyPassword"
Get pvComObject of hoHttp to vHttp
Send ComSetTsaHttpObj To hoCrypt vHttp
// -------------------------------------------------------------------------
// This creates the CAdES-T signature. During the signature creation, it
// communicates with the TSA to get a timestampToken.
// The contents of bd are signed and replaced with the CAdES-T signature (which embeds the original content).
Get pvComObject of hoBd to vBd
Get ComOpaqueSignBd Of hoCrypt vBd To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoCrypt To sTemp1
Showln sTemp1
Procedure_Return
End
// Get the signature in base64 format:
Get ComGetEncoded Of hoBd "base64_mime" To sTemp1
Showln sTemp1
Showln "Success."
End_Procedure