|
|
(JavaScript) RSA Sign an Encoded Hash
Demonstrates signing a hash (e.g., SHA256) provided as an encoded string (e.g., base64 or hex).
var success = false;
// Assuming the smartcard/USB token is installed with the correct drivers from the manufacturer,
// this code can work on multiple platforms including Windows, MacOS, Linux, and iOS.
// Chilkat automatically detects and determines the way in which the HSM is used,
// which can be by PKCS11, Apple Keychain, Microsoft CNG / Crypto API, or ScMinidriver.
var cert = new CkCert();
// Set the token/smartcard PIN prior to loading.
cert.SmartCardPin = "123456";
// Specify the certificate by its common name.
success = cert.LoadFromSmartcard("cn=chilkat-rsa-2048");
if (success == false) {
console.log(cert.LastErrorText);
return;
}
console.log("Signing with the private key for this cert: " + cert.SubjectCN);
// Create data to be hashed and signed.
var bd = new CkBinData();
var i;
for (i = 0; i <= 100; i++) {
bd.AppendEncoded("000102030405060708090A0B0C0D0E0F","hex");
}
var rsa = new CkRsa();
// Use the certificate's private key for signing.
success = rsa.SetX509Cert(cert,true);
if (success == false) {
console.log(rsa.LastErrorText);
return;
}
// We'll first compute the hash and then pass the encoded hash to be signed.
var sha256_base64 = bd.GetHash("sha256","base64");
console.log("sha256 hash in base64 format: " + sha256_base64);
// Pass in the base64 hash and return a base64 signature.
rsa.EncodingMode = "base64";
var rsaSig_base64 = rsa.SignHashENC(sha256_base64,"sha256");
if (success == false) {
console.log(rsa.LastErrorText);
return;
}
console.log("RSA signature as base64: " + rsaSig_base64);
|
