Sample code for 30+ languages & platforms
CkPython

Create .p7s using Smart Card or USB Token

Demonstrates how to create a .p7s using a certificate stored on a smart card or USB token.

Chilkat CkPython Downloads

CkPython
import sys
import chilkat

success = False

# This requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

crypt = chilkat.CkCrypt2()

# Use a certificate on a smartcard or USB token.
cert = chilkat.CkCert()

# Provide the smartcard PIN.
cert.put_SmartCardPin("000000")

# Load the certificate on the smartcard currently in the reader (or on the USB token).
success = cert.LoadFromSmartcard("")
if (success != True):
    print(cert.lastErrorText())
    sys.exit()

# Provide the certificate for signing.
success = crypt.SetSigningCert(cert)
if (success != True):
    print(crypt.lastErrorText())
    sys.exit()

# Indicate that SHA-256 should be used.
crypt.put_HashAlgorithm("sha256")

# Specify the signed attributes to be included.
jsonSignedAttrs = chilkat.CkJsonObject()
jsonSignedAttrs.UpdateInt("contentType",1)
jsonSignedAttrs.UpdateInt("signingTime",1)
jsonSignedAttrs.UpdateInt("messageDigest",1)
jsonSignedAttrs.UpdateInt("signingCertificateV2",1)
crypt.put_SigningAttributes(jsonSignedAttrs.emit())

inFile = "qa_data/xml/IT01234567890_11002.xml"
sigFile = "qa_output/IT01234567890_11002.xml.p7s"

# Create the .p7s, which is a signature file that does not embed the original data.
# (To create a signature file that also embeds the original data, call CreateP7M instead)
success = crypt.CreateP7S(inFile,sigFile)
if (success == False):
    print(crypt.lastErrorText())
    sys.exit()

print("Success.")