Chilkat HOME Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi DLL Go Java Node.js Objective-C PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(PureBasic) Signing HTTP MessagesDemonstrates how to sign HTTP messages per draft-cavage-http-signatures-10 For more information, see https://tools.ietf.org/html/draft-cavage-http-signatures-10
IncludeFile "CkStringBuilder.pb" IncludeFile "CkPrivateKey.pb" IncludeFile "CkRsa.pb" IncludeFile "CkPublicKey.pb" IncludeFile "CkDateTime.pb" Procedure ChilkatExample() ; This example requires the Chilkat API to have been previously unlocked. ; See Global Unlock Sample for sample code. success.i bCrlf.i = 1 sbPublicKeyPem.i = CkStringBuilder::ckCreate() If sbPublicKeyPem.i = 0 Debug "Failed to create object." ProcedureReturn EndIf CkStringBuilder::ckAppendLine(sbPublicKeyPem,"-----BEGIN PUBLIC KEY-----",bCrlf) CkStringBuilder::ckAppendLine(sbPublicKeyPem,"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3",bCrlf) CkStringBuilder::ckAppendLine(sbPublicKeyPem,"6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6",bCrlf) CkStringBuilder::ckAppendLine(sbPublicKeyPem,"Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw",bCrlf) CkStringBuilder::ckAppendLine(sbPublicKeyPem,"oYi+1hqp1fIekaxsyQIDAQAB",bCrlf) CkStringBuilder::ckAppendLine(sbPublicKeyPem,"-----END PUBLIC KEY-----",bCrlf) pubKey.i = CkPublicKey::ckCreate() If pubKey.i = 0 Debug "Failed to create object." ProcedureReturn EndIf CkPublicKey::ckLoadFromString(pubKey,CkStringBuilder::ckGetAsString(sbPublicKeyPem)) sbPrivateKeyPem.i = CkStringBuilder::ckCreate() If sbPrivateKeyPem.i = 0 Debug "Failed to create object." ProcedureReturn EndIf CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"-----BEGIN RSA PRIVATE KEY-----",bCrlf) CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF",bCrlf) CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F",bCrlf) CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB",bCrlf) CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA",bCrlf) CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK",bCrlf) CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg",bCrlf) CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u",bCrlf) CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc",bCrlf) CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7",bCrlf) CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA",bCrlf) CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW",bCrlf) CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI",bCrlf) CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA==",bCrlf) CkStringBuilder::ckAppendLine(sbPrivateKeyPem,"-----END RSA PRIVATE KEY-----",bCrlf) privKey.i = CkPrivateKey::ckCreate() If privKey.i = 0 Debug "Failed to create object." ProcedureReturn EndIf CkPrivateKey::ckLoadPem(privKey,CkStringBuilder::ckGetAsString(sbPrivateKeyPem)) ; All examples use this request: ; ; POST /foo?param=value&pet=dog HTTP/1.1 ; Host: example.com ; Date: Sun, 05 Jan 2014 21:31:40 GMT ; Content-Type: application/json ; Digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= ; Content-Length: 18 ; ; {"hello": "world"} ; C.1. Default Test ; ; If a list of headers is not included, the date is the only header ; that is signed by default. The string to sign would be: ; ; date: Sun, 05 Jan 2014 21:31:40 GMT ; ; The Authorization header would be: ; ; Authorization: Signature keyId="Test",algorithm="rsa-sha256", ; signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz ; 6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB ; 6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM=" ; ; The Signature header would be: ; ; Signature: keyId="Test",algorithm="rsa-sha256", ; signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz ; 6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB ; 6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM=" ; dtNow.i = CkDateTime::ckCreate() If dtNow.i = 0 Debug "Failed to create object." ProcedureReturn EndIf success = CkDateTime::ckSetFromCurrentSystemTime(dtNow) dateStr.s = CkDateTime::ckGetAsRfc822(dtNow,0) ; To duplicate the above result, we'll hard-code the date string. dateStr = "Sun, 05 Jan 2014 21:31:40 GMT" rsa.i = CkRsa::ckCreate() If rsa.i = 0 Debug "Failed to create object." ProcedureReturn EndIf success = CkRsa::ckImportPrivateKeyObj(rsa,privKey) If success = 0 Debug CkRsa::ckLastErrorText(rsa) CkStringBuilder::ckDispose(sbPublicKeyPem) CkPublicKey::ckDispose(pubKey) CkStringBuilder::ckDispose(sbPrivateKeyPem) CkPrivateKey::ckDispose(privKey) CkDateTime::ckDispose(dtNow) CkRsa::ckDispose(rsa) ProcedureReturn EndIf sbStringToSign.i = CkStringBuilder::ckCreate() If sbStringToSign.i = 0 Debug "Failed to create object." ProcedureReturn EndIf CkStringBuilder::ckAppend(sbStringToSign,"date: ") CkStringBuilder::ckAppend(sbStringToSign,dateStr) CkRsa::setCkEncodingMode(rsa, "base64") b64Signature.s = CkRsa::ckSignStringENC(rsa,CkStringBuilder::ckGetAsString(sbStringToSign),"SHA256") Debug b64Signature Debug "---------------------------" ; The result should be: ; SjWJWbWN7i0wzBvtPl8rbASW ... FD0k/5OxEPXe5WozsbM= ; ---------------------------------------------------------------------------------------------------- ; C.2. Basic Test ; ; The minimum recommended data to sign is the (request-target), host, ; and date. In this case, the string to sign would be: ; ; (request-target): post /foo?param=value&pet=dog ; host: example.com ; date: Sun, 05 Jan 2014 21:31:40 GMT ; ; The Authorization header would be: ; ; Authorization: Signature keyId="Test",algorithm="rsa-sha256", ; headers="(request-target) host date", signature="qdx+H7PHHDZgy4 ; y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn ; 7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBs ; kLu6kd9Fswtemr3lgdDEmn04swr2Os0=" CkStringBuilder::ckClear(sbStringToSign) CkStringBuilder::ckAppend(sbStringToSign,"(request-target): ") CkStringBuilder::ckAppendLine(sbStringToSign,"post /foo?param=value&pet=dog",0) CkStringBuilder::ckAppend(sbStringToSign,"host: ") CkStringBuilder::ckAppendLine(sbStringToSign,"example.com",0) CkStringBuilder::ckAppend(sbStringToSign,"date: ") CkStringBuilder::ckAppend(sbStringToSign,dateStr) Debug "StringToSign:" Debug CkStringBuilder::ckGetAsString(sbStringToSign) b64Signature = CkRsa::ckSignStringENC(rsa,CkStringBuilder::ckGetAsString(sbStringToSign),"SHA256") Debug b64Signature Debug "---------------------------" ; The result should be: ; qdx+H7PHHDZgy4y/Ahn ... mn04swr2Os0= CkStringBuilder::ckDispose(sbPublicKeyPem) CkPublicKey::ckDispose(pubKey) CkStringBuilder::ckDispose(sbPrivateKeyPem) CkPrivateKey::ckDispose(privKey) CkDateTime::ckDispose(dtNow) CkRsa::ckDispose(rsa) CkStringBuilder::ckDispose(sbStringToSign) ProcedureReturn EndProcedure |
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.