Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Signing HTTP Messages

See more RSA Examples

Demonstrates how to sign HTTP messages per draft-cavage-http-signatures-10

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.StringBuilder,
  Chilkat.PrivateKey,
  Chilkat.Rsa,
  Chilkat.PublicKey,
  Chilkat.CkDateTime;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  bCrlf: Boolean;
  sbPublicKeyPem: TStringBuilder;
  pubKey: TPublicKey;
  sbPrivateKeyPem: TStringBuilder;
  privKey: TPrivateKey;
  dtNow: TCkDateTime;
  dateStr: string;
  rsa: TRsa;
  sbStringToSign: TStringBuilder;
  b64Signature: string;

begin
  success := False;

  //  This example requires the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  bCrlf := True;
  sbPublicKeyPem := TStringBuilder.Create;
  sbPublicKeyPem.AppendLine('-----BEGIN PUBLIC KEY-----',bCrlf);
  sbPublicKeyPem.AppendLine('MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3',bCrlf);
  sbPublicKeyPem.AppendLine('6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6',bCrlf);
  sbPublicKeyPem.AppendLine('Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw',bCrlf);
  sbPublicKeyPem.AppendLine('oYi+1hqp1fIekaxsyQIDAQAB',bCrlf);
  sbPublicKeyPem.AppendLine('-----END PUBLIC KEY-----',bCrlf);

  pubKey := TPublicKey.Create;
  pubKey.LoadFromString(sbPublicKeyPem.GetAsString());

  sbPrivateKeyPem := TStringBuilder.Create;
  sbPrivateKeyPem.AppendLine('-----BEGIN RSA PRIVATE KEY-----',bCrlf);
  sbPrivateKeyPem.AppendLine('MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF',bCrlf);
  sbPrivateKeyPem.AppendLine('NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F',bCrlf);
  sbPrivateKeyPem.AppendLine('UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB',bCrlf);
  sbPrivateKeyPem.AppendLine('AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA',bCrlf);
  sbPrivateKeyPem.AppendLine('QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK',bCrlf);
  sbPrivateKeyPem.AppendLine('kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg',bCrlf);
  sbPrivateKeyPem.AppendLine('f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u',bCrlf);
  sbPrivateKeyPem.AppendLine('412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc',bCrlf);
  sbPrivateKeyPem.AppendLine('mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7',bCrlf);
  sbPrivateKeyPem.AppendLine('kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA',bCrlf);
  sbPrivateKeyPem.AppendLine('gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW',bCrlf);
  sbPrivateKeyPem.AppendLine('G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI',bCrlf);
  sbPrivateKeyPem.AppendLine('7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA==',bCrlf);
  sbPrivateKeyPem.AppendLine('-----END RSA PRIVATE KEY-----',bCrlf);

  privKey := TPrivateKey.Create;
  privKey.LoadPem(sbPrivateKeyPem.GetAsString());

  //     All examples use this request:
  //  
  //     POST /foo?param=value&pet=dog HTTP/1.1
  //     Host: example.com
  //     Date: Sun, 05 Jan 2014 21:31:40 GMT
  //     Content-Type: application/json
  //     Digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=
  //     Content-Length: 18
  //  
  //     {"hello": "world"}

  //  C.1.  Default Test
  //  
  //     If a list of headers is not included, the date is the only header
  //     that is signed by default.  The string to sign would be:
  //  
  //     date: Sun, 05 Jan 2014 21:31:40 GMT
  //  
  //     The Authorization header would be:
  //  
  //     Authorization: Signature keyId="Test",algorithm="rsa-sha256",
  //     signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz
  //     6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB
  //     6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="
  //  
  //     The Signature header would be:
  //  
  //     Signature: keyId="Test",algorithm="rsa-sha256",
  //     signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz
  //     6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB
  //     6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="
  //  

  dtNow := TCkDateTime.Create;
  success := dtNow.SetFromCurrentSystemTime();
  dateStr := dtNow.GetAsRfc822(False);

  //  To duplicate the above result, we'll hard-code the date string.
  dateStr := 'Sun, 05 Jan 2014 21:31:40 GMT';

  rsa := TRsa.Create;
  success := rsa.UsePrivateKey(privKey);
  if (success = False) then
    begin
      WriteLn(rsa.LastErrorText);
      Exit;
    end;

  sbStringToSign := TStringBuilder.Create;
  sbStringToSign.Append('date: ');
  sbStringToSign.Append(dateStr);

  rsa.EncodingMode := 'base64';
  b64Signature := rsa.SignStringENC(sbStringToSign.GetAsString(),'SHA256');
  WriteLn(b64Signature);
  WriteLn('---------------------------');

  //  The result should be:
  //  SjWJWbWN7i0wzBvtPl8rbASW ... FD0k/5OxEPXe5WozsbM=

  //  ----------------------------------------------------------------------------------------------------

  //  C.2.  Basic Test
  //  
  //     The minimum recommended data to sign is the (request-target), host,
  //     and date.  In this case, the string to sign would be:
  //  
  //     (request-target): post /foo?param=value&pet=dog
  //     host: example.com
  //     date: Sun, 05 Jan 2014 21:31:40 GMT
  //  
  //     The Authorization header would be:
  //  
  //     Authorization: Signature keyId="Test",algorithm="rsa-sha256",
  //     headers="(request-target) host date", signature="qdx+H7PHHDZgy4
  //     y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn
  //     7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBs
  //     kLu6kd9Fswtemr3lgdDEmn04swr2Os0="

  sbStringToSign.Clear();
  sbStringToSign.Append('(request-target): ');
  sbStringToSign.AppendLine('post /foo?param=value&pet=dog',False);
  sbStringToSign.Append('host: ');
  sbStringToSign.AppendLine('example.com',False);
  sbStringToSign.Append('date: ');
  sbStringToSign.Append(dateStr);

  WriteLn('StringToSign:');
  WriteLn(sbStringToSign.GetAsString());
  b64Signature := rsa.SignStringENC(sbStringToSign.GetAsString(),'SHA256');
  WriteLn(b64Signature);
  WriteLn('---------------------------');

  //  The result should be:
  //  qdx+H7PHHDZgy4y/Ahn ... mn04swr2Os0=


  sbPublicKeyPem.Free;
  pubKey.Free;
  sbPrivateKeyPem.Free;
  privKey.Free;
  dtNow.Free;
  rsa.Free;
  sbStringToSign.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.