Pascal (Lazarus/Delphi)
Pascal (Lazarus/Delphi)
Signing HTTP Messages
See more RSA Examples
Demonstrates how to sign HTTP messages per draft-cavage-http-signatures-10Chilkat Pascal (Lazarus/Delphi) Downloads
program ChilkatDemo;
// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.
{$IFDEF FPC}
{$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}
uses
{$IFDEF UNIX}
cthreads,
{$ENDIF}
SysUtils,
CkDllLoader,
Chilkat.StringBuilder,
Chilkat.PrivateKey,
Chilkat.Rsa,
Chilkat.PublicKey,
Chilkat.CkDateTime;
// ---------------------------------------------------------------------------
procedure RunDemo;
var
success: Boolean;
bCrlf: Boolean;
sbPublicKeyPem: TStringBuilder;
pubKey: TPublicKey;
sbPrivateKeyPem: TStringBuilder;
privKey: TPrivateKey;
dtNow: TCkDateTime;
dateStr: string;
rsa: TRsa;
sbStringToSign: TStringBuilder;
b64Signature: string;
begin
success := False;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
bCrlf := True;
sbPublicKeyPem := TStringBuilder.Create;
sbPublicKeyPem.AppendLine('-----BEGIN PUBLIC KEY-----',bCrlf);
sbPublicKeyPem.AppendLine('MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3',bCrlf);
sbPublicKeyPem.AppendLine('6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6',bCrlf);
sbPublicKeyPem.AppendLine('Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw',bCrlf);
sbPublicKeyPem.AppendLine('oYi+1hqp1fIekaxsyQIDAQAB',bCrlf);
sbPublicKeyPem.AppendLine('-----END PUBLIC KEY-----',bCrlf);
pubKey := TPublicKey.Create;
pubKey.LoadFromString(sbPublicKeyPem.GetAsString());
sbPrivateKeyPem := TStringBuilder.Create;
sbPrivateKeyPem.AppendLine('-----BEGIN RSA PRIVATE KEY-----',bCrlf);
sbPrivateKeyPem.AppendLine('MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF',bCrlf);
sbPrivateKeyPem.AppendLine('NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F',bCrlf);
sbPrivateKeyPem.AppendLine('UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB',bCrlf);
sbPrivateKeyPem.AppendLine('AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA',bCrlf);
sbPrivateKeyPem.AppendLine('QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK',bCrlf);
sbPrivateKeyPem.AppendLine('kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg',bCrlf);
sbPrivateKeyPem.AppendLine('f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u',bCrlf);
sbPrivateKeyPem.AppendLine('412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc',bCrlf);
sbPrivateKeyPem.AppendLine('mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7',bCrlf);
sbPrivateKeyPem.AppendLine('kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA',bCrlf);
sbPrivateKeyPem.AppendLine('gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW',bCrlf);
sbPrivateKeyPem.AppendLine('G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI',bCrlf);
sbPrivateKeyPem.AppendLine('7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA==',bCrlf);
sbPrivateKeyPem.AppendLine('-----END RSA PRIVATE KEY-----',bCrlf);
privKey := TPrivateKey.Create;
privKey.LoadPem(sbPrivateKeyPem.GetAsString());
// All examples use this request:
//
// POST /foo?param=value&pet=dog HTTP/1.1
// Host: example.com
// Date: Sun, 05 Jan 2014 21:31:40 GMT
// Content-Type: application/json
// Digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=
// Content-Length: 18
//
// {"hello": "world"}
// C.1. Default Test
//
// If a list of headers is not included, the date is the only header
// that is signed by default. The string to sign would be:
//
// date: Sun, 05 Jan 2014 21:31:40 GMT
//
// The Authorization header would be:
//
// Authorization: Signature keyId="Test",algorithm="rsa-sha256",
// signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz
// 6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB
// 6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="
//
// The Signature header would be:
//
// Signature: keyId="Test",algorithm="rsa-sha256",
// signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz
// 6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB
// 6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="
//
dtNow := TCkDateTime.Create;
success := dtNow.SetFromCurrentSystemTime();
dateStr := dtNow.GetAsRfc822(False);
// To duplicate the above result, we'll hard-code the date string.
dateStr := 'Sun, 05 Jan 2014 21:31:40 GMT';
rsa := TRsa.Create;
success := rsa.UsePrivateKey(privKey);
if (success = False) then
begin
WriteLn(rsa.LastErrorText);
Exit;
end;
sbStringToSign := TStringBuilder.Create;
sbStringToSign.Append('date: ');
sbStringToSign.Append(dateStr);
rsa.EncodingMode := 'base64';
b64Signature := rsa.SignStringENC(sbStringToSign.GetAsString(),'SHA256');
WriteLn(b64Signature);
WriteLn('---------------------------');
// The result should be:
// SjWJWbWN7i0wzBvtPl8rbASW ... FD0k/5OxEPXe5WozsbM=
// ----------------------------------------------------------------------------------------------------
// C.2. Basic Test
//
// The minimum recommended data to sign is the (request-target), host,
// and date. In this case, the string to sign would be:
//
// (request-target): post /foo?param=value&pet=dog
// host: example.com
// date: Sun, 05 Jan 2014 21:31:40 GMT
//
// The Authorization header would be:
//
// Authorization: Signature keyId="Test",algorithm="rsa-sha256",
// headers="(request-target) host date", signature="qdx+H7PHHDZgy4
// y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn
// 7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBs
// kLu6kd9Fswtemr3lgdDEmn04swr2Os0="
sbStringToSign.Clear();
sbStringToSign.Append('(request-target): ');
sbStringToSign.AppendLine('post /foo?param=value&pet=dog',False);
sbStringToSign.Append('host: ');
sbStringToSign.AppendLine('example.com',False);
sbStringToSign.Append('date: ');
sbStringToSign.Append(dateStr);
WriteLn('StringToSign:');
WriteLn(sbStringToSign.GetAsString());
b64Signature := rsa.SignStringENC(sbStringToSign.GetAsString(),'SHA256');
WriteLn(b64Signature);
WriteLn('---------------------------');
// The result should be:
// qdx+H7PHHDZgy4y/Ahn ... mn04swr2Os0=
sbPublicKeyPem.Free;
pubKey.Free;
sbPrivateKeyPem.Free;
privKey.Free;
dtNow.Free;
rsa.Free;
sbStringToSign.Free;
end;
// ---------------------------------------------------------------------------
begin
try
RunDemo;
except
on E: Exception do
WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
end;
WriteLn;
{$IFDEF MSWINDOWS}
WriteLn('Press Enter to exit...');
ReadLn;
{$ENDIF}
end.