Pascal (Lazarus/Delphi)
Pascal (Lazarus/Delphi)
RSA Sign using a Private Key on a USB Token or Smartcard
See more Apple Keychain Examples
Create an RSA signature using a private key stored on a USB token or smartcard.Note: On MacOS and iOS, this example requires Chilkat v10.1.2 or later when the Apple Keychain is used as the underlying means to do the signing.
Chilkat Pascal (Lazarus/Delphi) Downloads
program ChilkatDemo;
// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.
{$IFDEF FPC}
{$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}
uses
{$IFDEF UNIX}
cthreads,
{$ENDIF}
SysUtils,
CkDllLoader,
Chilkat.BinData,
Chilkat.Rsa,
Chilkat.Cert;
// ---------------------------------------------------------------------------
procedure RunDemo;
var
success: Boolean;
cert: TCert;
bd: TBinData;
i: Integer;
rsa: TRsa;
bdSig: TBinData;
begin
success := False;
// Assuming the smartcard/USB token is installed with the correct drivers from the manufacturer,
// this code can work on multiple platforms including Windows, MacOS, Linux, and iOS.
// Chilkat automatically detects and determines the way in which the HSM is used,
// which can be by PKCS11, Apple Keychain, Microsoft CNG / Crypto API, or ScMinidriver.
cert := TCert.Create;
// Set the token/smartcard PIN prior to loading.
cert.SmartCardPin := '123456';
// Specify the certificate by its common name.
success := cert.LoadFromSmartcard('cn=chilkat-rsa-2048');
if (success = False) then
begin
WriteLn(cert.LastErrorText);
Exit;
end;
WriteLn('Signing with cert: ' + cert.SubjectCN);
// Create data to be hashed and signed.
bd := TBinData.Create;
for i := 0 to 100 do
begin
bd.AppendEncoded('000102030405060708090A0B0C0D0E0F','hex');
end;
rsa := TRsa.Create;
// Use the certificate's private key for signing.
success := rsa.SetX509Cert(cert,True);
if (success = False) then
begin
WriteLn(rsa.LastErrorText);
Exit;
end;
// Sign the SHA-256 hash of the contents of bd.
bdSig := TBinData.Create;
success := rsa.SignBd(bd,'sha256',bdSig);
if (success = False) then
begin
WriteLn(rsa.LastErrorText);
Exit;
end;
// The RSA signature is equal in length to the size of the RSA key.
WriteLn('Output signature size in bits = ' + bdSig.NumBytes * 8);
// We can save the signature for later verification..
bdSig.WriteFile('rsaSignatures/test1.sig');
// See the example to verify the RSA signature:
// Verfies an RSA Signature
cert.Free;
bd.Free;
rsa.Free;
bdSig.Free;
end;
// ---------------------------------------------------------------------------
begin
try
RunDemo;
except
on E: Exception do
WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
end;
WriteLn;
{$IFDEF MSWINDOWS}
WriteLn('Press Enter to exit...');
ReadLn;
{$ENDIF}
end.