Sample code for 30+ languages & platforms
Visual FoxPro

SSH HSM Public Key Authentication

See more uncategorized Examples

Demonstrates how to authenticate with an SSH server using public key authentication using an HSM (USB token or smartcard).

Chilkat Visual FoxPro Downloads

Visual FoxPro
LOCAL lnSuccess
LOCAL loPkcs11
LOCAL lcPin
LOCAL lnUserType
LOCAL loJson
LOCAL lnPriv_handle
LOCAL lnPub_handle
LOCAL loKey
LOCAL lcKeyType
LOCAL loSsh

lnSuccess = 0

* This example assumes the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.

* Note: Chilkat's PKCS11 implementation runs on Windows, Linux, MacOs, and other supported operating systems.

loPkcs11 = CreateObject('Chilkat.Pkcs11')

* This would be a path to a .dylib on MacOS, or a path to a .so shared lib on Linux.
loPkcs11.SharedLibPath = "C:/Program Files (x86)/Gemalto/IDGo 800 PKCS#11/IDPrimePKCS1164.dll"
lcPin = "0000"
lnUserType = 1

* Establish a PKCS11 logged-on session using the driver (.so, .dylib, or .dll) as specified in the SharedLibPath above.
lnSuccess = loPkcs11.QuickSession(lnUserType,lcPin)
IF (lnSuccess = 0) THEN
    ? loPkcs11.LastErrorText
    RELEASE loPkcs11
    CANCEL
ENDIF

* Set PKCS11 attributes to find our desired private key object.
loJson = CreateObject('Chilkat.JsonObject')
loJson.UpdateString("class","private_key")
loJson.UpdateString("label","MySshKey")

* Get the PKCS11 handle to the private key located on the HSM.
lnPriv_handle = loPkcs11.FindObject(loJson)

* Get the PKCS11 handle to the corresponding public key located on the HSM.
loJson.UpdateString("class","public_key")

lnPub_handle = loPkcs11.FindObject(loJson)

loKey = CreateObject('Chilkat.SshKey')
* The key type can be "rsa" or "ec"
lcKeyType = "rsa"
lnSuccess = loKey.UsePkcs11(loPkcs11,lnPriv_handle,lnPub_handle,lcKeyType)
IF (lnSuccess = 0) THEN
    ? loKey.LastErrorText
    RELEASE loPkcs11
    RELEASE loJson
    RELEASE loKey
    CANCEL
ENDIF

loSsh = CreateObject('Chilkat.Ssh')

lnSuccess = loSsh.Connect("example.com",22)
IF (lnSuccess <> 1) THEN
    ? loSsh.LastErrorText
    RELEASE loPkcs11
    RELEASE loJson
    RELEASE loKey
    RELEASE loSsh
    CANCEL
ENDIF

* Authenticate with the SSH server using the login and
* HSM private key.  (The corresponding public key should've 
* been installed on the SSH server beforehand.)
lnSuccess = loSsh.AuthenticatePk("myLogin",loKey)
IF (lnSuccess <> 1) THEN
    ? loSsh.LastErrorText
    RELEASE loPkcs11
    RELEASE loJson
    RELEASE loKey
    RELEASE loSsh
    CANCEL
ENDIF

? "Public-Key Authentication Successful!"

RELEASE loPkcs11
RELEASE loJson
RELEASE loKey
RELEASE loSsh