Sample code for 30+ languages & platforms
DataFlex

Sign String to create a CAdES-T Signature, using HTTP Proxy to Access Timestamp Server

This example will sign a string to create a CAdEST-T signature. It will use an HTTP proxy to access the timestamp server.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Handle hoCrypt
    Variant vCert
    Handle hoCert
    Handle hoAttrs
    String sStrToSign
    Variant vBd
    Handle hoBd
    Variant vHttp
    Handle hoHttp
    String sTemp1

    Move False To iSuccess

    Get Create (RefClass(cComChilkatCrypt2)) To hoCrypt
    If (Not(IsComObjectCreated(hoCrypt))) Begin
        Send CreateComObject of hoCrypt
    End

    Get Create (RefClass(cComChilkatCert)) To hoCert
    If (Not(IsComObjectCreated(hoCert))) Begin
        Send CreateComObject of hoCert
    End
    Set ComSmartCardPin Of hoCert To "123456"
    Get ComLoadFromSmartcard Of hoCert "" To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoCert To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Get pvComObject of hoCert to vCert
    Get ComSetSigningCert Of hoCrypt vCert To iSuccess

    // Use SHA-256 rather than the default of SHA-1
    Set ComHashAlgorithm Of hoCrypt To "sha256"

    // Create JSON that tells Chilkat what signing attributes to include:
    Get Create (RefClass(cComChilkatJsonObject)) To hoAttrs
    If (Not(IsComObjectCreated(hoAttrs))) Begin
        Send CreateComObject of hoAttrs
    End
    Get ComUpdateBool Of hoAttrs "contentType" True To iSuccess
    Get ComUpdateBool Of hoAttrs "signingTime" True To iSuccess
    Get ComUpdateBool Of hoAttrs "messageDigest" True To iSuccess
    Get ComUpdateBool Of hoAttrs "signingCertificateV2" True To iSuccess

    // A CAdES-T signature is one that includes a timestampToken created by an online TSA (time stamping authority).
    // We must include the TSA's URL, as well as a few options to indicate what is desired.
    // Except for the TSA URL, the options shown here are typically what you would need.
    Get ComUpdateBool Of hoAttrs "timestampToken.enabled" True To iSuccess
    Get ComUpdateString Of hoAttrs "timestampToken.tsaUrl" "https://freetsa.org/tsr" To iSuccess
    Get ComUpdateBool Of hoAttrs "timestampToken.addNonce" False To iSuccess
    Get ComUpdateBool Of hoAttrs "timestampToken.requestTsaCert" True To iSuccess
    Get ComUpdateString Of hoAttrs "timestampToken.hashAlg" "sha256" To iSuccess

    Get ComEmit Of hoAttrs To sTemp1
    Set ComSigningAttributes Of hoCrypt To sTemp1

    Move "Hello World!" To sStrToSign

    Get Create (RefClass(cComChilkatBinData)) To hoBd
    If (Not(IsComObjectCreated(hoBd))) Begin
        Send CreateComObject of hoBd
    End
    Get ComAppendString Of hoBd sStrToSign "utf-8" To iSuccess

    // -------------------------------------------------------------------------
    // The purpose of this example is to show how an HTTP object with custom
    // settings can be used to access the Internet when signing.
    // Access to the Internet is needed to communicate with the timestamp server.
    Get Create (RefClass(cComChilkatHttp)) To hoHttp
    If (Not(IsComObjectCreated(hoHttp))) Begin
        Send CreateComObject of hoHttp
    End
    // This can be a domain name, hostname, or IP address.
    Set ComProxyDomain Of hoHttp To "172.16.16.56"
    Set ComProxyPort Of hoHttp To 808
    Set ComProxyLogin Of hoHttp To "myProxyLogin"
    Set ComProxyPassword Of hoHttp To "myProxyPassword"
    Get pvComObject of hoHttp to vHttp
    Send ComSetTsaHttpObj To hoCrypt vHttp
    // -------------------------------------------------------------------------

    // This creates the CAdES-T signature.  During the signature creation, it
    // communicates with the TSA to get a timestampToken.
    // The contents of bd are signed and replaced with the CAdES-T signature (which embeds the original content).
    Get pvComObject of hoBd to vBd
    Get ComOpaqueSignBd Of hoCrypt vBd To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoCrypt To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Get the signature in base64 format:
    Get ComGetEncoded Of hoBd "base64_mime" To sTemp1
    Showln sTemp1

    Showln "Success."


End_Procedure