Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

DSA Signature Create and Verify

See more DSA Examples

Shows how to create a DSA (DSS) signature for the contents of a file. The first step is to create an SHA-1 hash of the file contents. The hash is signed using the Digital Signature Algorithm and the signature bytes are retrieved as a hex-encoded string.

The 2nd part of the example loads the signature and verifies it against the hash.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.Dsa,
  Chilkat.Crypt2;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  crypt: TCrypt2;
  hashStr: string;
  dsa: TDsa;
  pemPrivateKey: string;
  hexSig: string;
  dsa2: TDsa;
  pemPublicKey: string;

begin
  success := False;

  //  This example requires the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  crypt := TCrypt2.Create;

  crypt.EncodingMode := 'hex';
  crypt.HashAlgorithm := 'sha-1';

  //  Return the SHA-1 hash of a file.  The file may be any size.
  //  The Chilkat Crypt component will stream the file when 
  //  computing the hash, keeping the memory usage constant
  //  and reasonable.
  //  The 20-byte SHA-1 hash is returned as a hex-encoded string.
  hashStr := crypt.HashFileENC('hamlet.xml');

  dsa := TDsa.Create;

  //  Load a DSA private key from a PEM file.  Chilkat DSA
  //  provides the ability to load and save DSA public and private
  //  keys from encrypted or non-encrypted PEM or DER.
  //  The LoadText method is for convenience only.  You may
  //  use any means to load the contents of a PEM file into
  //  a string.

  pemPrivateKey := dsa.LoadText('dsa_priv.pem');
  success := dsa.FromPem(pemPrivateKey);
  if (success <> True) then
    begin
      WriteLn(dsa.LastErrorText);
      Exit;
    end;

  //  You may optionally verify the key to ensure that it is a valid
  //  DSA key.
  success := dsa.VerifyKey();
  if (success <> True) then
    begin
      WriteLn(dsa.LastErrorText);
      Exit;
    end;

  //  Load the hash to be signed into the DSA object:
  success := dsa.SetEncodedHash('hex',hashStr);
  if (success <> True) then
    begin
      WriteLn(dsa.LastErrorText);
      Exit;
    end;

  //  Now that the DSA object contains both the private key and hash,
  //  it is ready to create the signature:
  success := dsa.SignHash();
  if (success <> True) then
    begin
      WriteLn(dsa.LastErrorText);
      Exit;
    end;

  //  If SignHash is successful, the DSA object contains the
  //  signature.  It may be accessed as a hex or base64 encoded
  //  string.  (It is also possible to access directly in byte array form via
  //  the "Signature" property.)
  hexSig := dsa.GetEncodedSignature('hex');
  WriteLn('Signature:');
  WriteLn(hexSig);

  //  -----------------------------------------------------------
  //  Step 2: Verify the DSA Signature
  //  -----------------------------------------------------------

  dsa2 := TDsa.Create;

  //  Load the DSA public key to be used for verification:

  pemPublicKey := dsa2.LoadText('dsa_pub.pem');
  success := dsa2.FromPublicPem(pemPublicKey);
  if (success <> True) then
    begin
      WriteLn(dsa2.LastErrorText);
      Exit;
    end;

  //  Load the hash to be verified against the signature.
  success := dsa2.SetEncodedHash('hex',hashStr);
  if (success <> True) then
    begin
      WriteLn(dsa2.LastErrorText);
      Exit;
    end;

  //  Load the signature:
  success := dsa2.SetEncodedSignature('hex',hexSig);
  if (success <> True) then
    begin
      WriteLn(dsa2.LastErrorText);
      Exit;
    end;

  //  Verify:
  success := dsa2.Verify();
  if (success <> True) then
    begin
      WriteLn(dsa2.LastErrorText);
    end
  else
    begin
      WriteLn('DSA Signature Verified!');
    end;


  crypt.Free;
  dsa.Free;
  dsa2.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.