Lianja
Lianja
Sign String to create a CAdES-T Signature
See more CAdES Examples
This example will sign a string to create a CAdEST-T signature.Note: This example requires Chilkat v9.5.0.78 or greater.
Chilkat Lianja Downloads
llSuccess = .F.
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
loCrypt = createobject("CkCrypt2")
// This example will use the certificate + private key currently inserted into a smartcard reader.
loCert = createobject("CkCert")
// If we wish to provide the smartcard PIN (otherwise the user will be prompted by the operating system).
loCert.SmartCardPin = "000000"
llSuccess = loCert.LoadFromSmartcard("")
if (llSuccess <> .T.) then
? loCert.LastErrorText
release loCrypt
release loCert
return
endif
// Note: It is also possible to use certs from .pfx/.p12, .pem, or other sources such as
// pre-installed Windows certificates.
llSuccess = loCrypt.SetSigningCert(loCert)
// Use SHA-256 rather than the default of SHA-1
loCrypt.HashAlgorithm = "sha256"
// Create JSON that tells Chilkat what signing attributes to include:
loAttrs = createobject("CkJsonObject")
loAttrs.UpdateBool("contentType",.T.)
loAttrs.UpdateBool("signingTime",.T.)
loAttrs.UpdateBool("messageDigest",.T.)
loAttrs.UpdateBool("signingCertificateV2",.T.)
// A CAdES-T signature is one that includes a timestampToken created by an online TSA (time stamping authority).
// We must include the TSA's URL, as well as a few options to indicate what is desired.
// Except for the TSA URL, the options shown here are typically what you would need.
loAttrs.UpdateBool("timestampToken.enabled",.T.)
loAttrs.UpdateString("timestampToken.tsaUrl","https://freetsa.org/tsr")
loAttrs.UpdateBool("timestampToken.addNonce",.F.)
loAttrs.UpdateBool("timestampToken.requestTsaCert",.T.)
loAttrs.UpdateString("timestampToken.hashAlg","sha256")
loCrypt.SigningAttributes = loAttrs.Emit()
lcStrToSign = "THIS IS MY ID"
loBd = createobject("CkBinData")
loBd.AppendString(lcStrToSign,"utf-8")
// This creates the CAdES-T signature. During the signature creation, it
// communicates with the TSA to get a timestampToken.
// The contents of bd are signed and replaced with the CAdES-T signature (which embeds the original content).
llSuccess = loCrypt.OpaqueSignBd(loBd)
if (llSuccess <> .T.) then
? loCrypt.LastErrorText
release loCrypt
release loCert
release loAttrs
release loBd
return
endif
// Get the signature in base64 format:
? loBd.GetEncoded("base64_mime")
// Or save the signature to a file.
loBd.WriteFile("qa_output/cades-t_sample.p7m")
? "Success."
release loCrypt
release loCert
release loAttrs
release loBd