|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) Sign String to create a CAdES-T Signature, using HTTP Proxy to Access Timestamp ServerThis example will sign a string to create a CAdEST-T signature. It will use an HTTP proxy to access the timestamp server.
load ./chilkat.dll set crypt [new_CkCrypt2] set cert [new_CkCert] CkCert_put_SmartCardPin $cert "123456" set success [CkCert_LoadFromSmartcard $cert ""] if {$success != 1} then { puts [CkCert_lastErrorText $cert] delete_CkCrypt2 $crypt delete_CkCert $cert exit } set success [CkCrypt2_SetSigningCert $crypt $cert] # Use SHA-256 rather than the default of SHA-1 CkCrypt2_put_HashAlgorithm $crypt "sha256" # Create JSON that tells Chilkat what signing attributes to include: set attrs [new_CkJsonObject] CkJsonObject_UpdateBool $attrs "contentType" 1 CkJsonObject_UpdateBool $attrs "signingTime" 1 CkJsonObject_UpdateBool $attrs "messageDigest" 1 CkJsonObject_UpdateBool $attrs "signingCertificateV2" 1 # A CAdES-T signature is one that includes a timestampToken created by an online TSA (time stamping authority). # We must include the TSA's URL, as well as a few options to indicate what is desired. # Except for the TSA URL, the options shown here are typically what you would need. CkJsonObject_UpdateBool $attrs "timestampToken.enabled" 1 CkJsonObject_UpdateString $attrs "timestampToken.tsaUrl" "https://freetsa.org/tsr" CkJsonObject_UpdateBool $attrs "timestampToken.addNonce" 0 CkJsonObject_UpdateBool $attrs "timestampToken.requestTsaCert" 1 CkJsonObject_UpdateString $attrs "timestampToken.hashAlg" "sha256" CkCrypt2_put_SigningAttributes $crypt [CkJsonObject_emit $attrs] set strToSign "Hello World!" set bd [new_CkBinData] CkBinData_AppendString $bd $strToSign "utf-8" # ------------------------------------------------------------------------- # The purpose of this example is to show how an HTTP object with custom # settings can be used to access the Internet when signing. # Access to the Internet is needed to communicate with the timestamp server. set http [new_CkHttp] # This can be a domain name, hostname, or IP address. CkHttp_put_ProxyDomain $http "172.16.16.56" CkHttp_put_ProxyPort $http 808 CkHttp_put_ProxyLogin $http "myProxyLogin" CkHttp_put_ProxyPassword $http "myProxyPassword" CkCrypt2_SetTsaHttpObj $crypt $http # ------------------------------------------------------------------------- # This creates the CAdES-T signature. During the signature creation, it # communicates with the TSA to get a timestampToken. # The contents of bd are signed and replaced with the CAdES-T signature (which embeds the original content). set success [CkCrypt2_OpaqueSignBd $crypt $bd] if {$success != 1} then { puts [CkCrypt2_lastErrorText $crypt] delete_CkCrypt2 $crypt delete_CkCert $cert delete_CkJsonObject $attrs delete_CkBinData $bd delete_CkHttp $http exit } # Get the signature in base64 format: puts [CkBinData_getEncoded $bd base64_mime] puts "Success." delete_CkCrypt2 $crypt delete_CkCert $cert delete_CkJsonObject $attrs delete_CkBinData $bd delete_CkHttp $http |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.