Sample code for 30+ languages & platforms
Delphi DLL

RSA Sign an Encoded Hash

See more RSA Examples

Demonstrates signing a hash (e.g., SHA256) provided as an encoded string (e.g., base64 or hex).

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, BinData, Rsa, Cert;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
cert: HCkCert;
bd: HCkBinData;
i: Integer;
rsa: HCkRsa;
sha256_base64: PWideChar;
rsaSig_base64: PWideChar;

begin
success := False;

// Assuming the smartcard/USB token is installed with the correct drivers from the manufacturer,
// this code can work on multiple platforms including Windows, MacOS, Linux, and iOS.

// Chilkat automatically detects and determines the way in which the HSM is used,
// which can be by PKCS11, Apple Keychain, Microsoft CNG / Crypto API, or ScMinidriver.

cert := CkCert_Create();

// Set the token/smartcard PIN prior to loading.
CkCert_putSmartCardPin(cert,'123456');

// Specify the certificate by its common name.
success := CkCert_LoadFromSmartcard(cert,'cn=chilkat-rsa-2048');
if (success = False) then
  begin
    Memo1.Lines.Add(CkCert__lastErrorText(cert));
    Exit;
  end;

Memo1.Lines.Add('Signing with the private key for this cert: ' + CkCert__subjectCN(cert));

// Create data to be hashed and signed.
bd := CkBinData_Create();

for i := 0 to 100 do
  begin
    CkBinData_AppendEncoded(bd,'000102030405060708090A0B0C0D0E0F','hex');
  end;

rsa := CkRsa_Create();

// Use the certificate's private key for signing.
success := CkRsa_SetX509Cert(rsa,cert,True);
if (success = False) then
  begin
    Memo1.Lines.Add(CkRsa__lastErrorText(rsa));
    Exit;
  end;

// We'll first compute the hash and then pass the encoded hash to be signed.
sha256_base64 := CkBinData__getHash(bd,'sha256','base64');
Memo1.Lines.Add('sha256 hash in base64 format: ' + sha256_base64);

// Pass in the base64 hash and return a base64 signature.
CkRsa_putEncodingMode(rsa,'base64');
rsaSig_base64 := CkRsa__signHashENC(rsa,sha256_base64,'sha256');
if (success = False) then
  begin
    Memo1.Lines.Add(CkRsa__lastErrorText(rsa));
    Exit;
  end;

Memo1.Lines.Add('RSA signature as base64: ' + rsaSig_base64);

CkCert_Dispose(cert);
CkBinData_Dispose(bd);
CkRsa_Dispose(rsa);

end;