|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) Authenticode Sign using Smartcard or USB TokenSee more Code Signing ExamplesDemonstrates how to Authenticode sign an EXE or DLL using a smartcard or USB token, such as a Yubikey.Note: Chilkat's code signing class was added in v9.5.0.97
load ./chilkat.dll # This example requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. # First create the following JSON to specify that SHA256 is to be used, # and provide timestamp server information. # { # "hashAlg": "sha256", # "timestampToken": { # "enabled": true, # "tsaUrl": "http://timestamp.digicert.com", # "requestTsaCert": true, # "hashAlg": "sha256" # } # } set json [new_CkJsonObject] CkJsonObject_UpdateString $json "hashAlg" "sha256" CkJsonObject_UpdateBool $json "timestampToken.enabled" 1 CkJsonObject_UpdateString $json "timestampToken.tsaUrl" "http://timestamp.digicert.com" CkJsonObject_UpdateBool $json "timestampToken.requestTsaCert" 1 CkJsonObject_UpdateString $json "timestampToken.hashAlg" "sha256" # The only difference in signing with a smartcard or USB token # is that the cert is loaded from a smartcard or USB token, instead of a PFX or from elsewhere # such as from the Windows certificate store. set cert [new_CkCert] # Yubico YubiKey OTP+FIDO+CCID 0, default PIN = 123456 CkCert_put_SmartCardPin $cert "123456" # Assuming you have the Yubikey inserted into the USB on the computer... # and there is only 1 signing certificate on the Yubikey, then just load from # the "smartcard". (assuming you don't have additional smartcards or USB tokens plugged in) set success [CkCert_LoadFromSmartcard $cert ""] if {$success == 0} then { puts [CkCert_lastErrorText $cert] delete_CkJsonObject $json delete_CkCert $cert exit } # If the smartcard/token has several possible certificates that can be used for signing, # then see the online documentation for the LoadFromSmartcard method, # and also see the online documentation and examples for Chilkat Pkcs11 and ScMinidriver. # There are many possible ways to load a Chilkat certificate object with a cert (and associated private key) # from a variety of sources. The only coding difference for any signing function in Chilkat, # whether it be a PDF, XmlDSig, CMS, etc. is in how the cert is loaded. # You can sign .exe or .dll files. set exePath "C:/someOtherDir/HelloWorld.exe" set signer [new_CkCodeSign] # If successful, the following call will apply the signature to the EXE (or DLL). set success [CkCodeSign_AddSignature $signer $exePath $cert $json] if {$success == 0} then { puts [CkCodeSign_lastErrorText $signer] delete_CkJsonObject $json delete_CkCert $cert delete_CkCodeSign $signer exit } puts "Successfully applied the Authenticode signature." delete_CkJsonObject $json delete_CkCert $cert delete_CkCodeSign $signer |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.