0
733

Written by

Minn Bo Bo
Follow
Question Minn Bo Bo · Feb 16, 2023

How to Sign a String with RSA SHA256?

#InterSystems IRIS #Encryption #SSL

So I have a base string that I want to sign using RSA-SHA256. I have a .p12 file and passphrase to get the RSA Private key using NodeJS (pem.readPkcs12 library), which I don't know how to do that in intersystems as well. (would appreciate if you can include a solution for that too)
The main problem here is I am trying to sign a string and print the result to terminal, using the code below in a routine (.mac file).

SignTest
    s privateKey = "-----BEGIN RSA PRIVATE KEY-----\r\nsomeKey\r\nsomeKey\r\n-----END RSA PRIVATE KEY-----"s myString  = "text to sign"s signedTxt = ##class(%SYSTEM.Encryption).RSASHASign(256, myString, privateKey)
    zw signedTxt
    q

But when I run it in the terminal, the output is an empty string. What is wrong here?

I have tried %SYS.X509Credentials class, and RSASHASign method as well, but still cannot get around to the expected result. The code is below.

signTest
    s signer = ##class(%SYS.X509Credentials).%New()
    s privateKey = "-----BEGIN RSA PRIVATE KEY-----\r\nsomeKey\r\nsomeKey\r\n-----END RSA PRIVATE KEY-----"s myString  = "text to sign"s signer.PrivateKey = privateKey
    s signedText = signer.RSASHASign(256, txt)
    zw signedText
    q

I came from NodeJS development, and I am a newbie to the intersystems. Thanks so much if you can give some enlightenment to me.

Product version: IRIS 2022.2
$ZV: IRIS for Windows (x86-64) 2022.2 (Build 368U) Fri Oct 21 2022 16:44:33 EDT
Discussion (2)0
Log in or sign up to continue

Comments

Vitaliy Serdtsev · Feb 17, 2023

Try working directly with the private key file, for example:

<FONT COLOR="#0000ff">#include </FONT><FONT COLOR="#000000">%msql

</FONT><FONT COLOR="#0000ff">s </FONT><FONT COLOR="#800000">f</FONT><FONT COLOR="#000000">=</FONT><FONT COLOR="#000080">##class</FONT><FONT COLOR="#000000">(</FONT><FONT COLOR="#008080">%Stream.FileBinary</FONT><FONT COLOR="#000000">).</FONT><FONT COLOR="#0000ff">%New</FONT><FONT COLOR="#000000">()
</FONT><FONT COLOR="#0000ff">s </FONT><FONT COLOR="#800000">f</FONT><FONT COLOR="#000000">.</FONT><FONT COLOR="#0000ff">Filename</FONT><FONT COLOR="#000000">=</FONT><FONT COLOR="#008000">"С:\your_private_key.pem"
</FONT><FONT COLOR="#0000ff">s </FONT><FONT COLOR="#800000">privateKey</FONT><FONT COLOR="#000000">=</FONT><FONT COLOR="#800000">f</FONT><FONT COLOR="#000000">.</FONT><FONT COLOR="#0000ff">Read</FONT><FONT COLOR="#000000">(</FONT><FONT COLOR="#0000ff">$$$MaxLocalLength</FONT><FONT COLOR="#000000">)
 
</FONT><FONT COLOR="#0000ff">s </FONT><FONT COLOR="#800000">myString  </FONT><FONT COLOR="#000000">= </FONT><FONT COLOR="#008000">"text to sign"
</FONT><FONT COLOR="#0000ff">s </FONT><FONT COLOR="#800000">signedTxt </FONT><FONT COLOR="#000000">= </FONT><FONT COLOR="#000080">##class</FONT><FONT COLOR="#000000">(</FONT><FONT COLOR="#008080">%SYSTEM.Encryption</FONT><FONT COLOR="#000000">).</FONT><FONT COLOR="#0000ff">RSASHASign</FONT><FONT COLOR="#000000">(256, </FONT><FONT COLOR="#0000ff">$zcvt</FONT><FONT COLOR="#000000">(</FONT><FONT COLOR="#800000">myString</FONT><FONT COLOR="#000000">,</FONT><FONT COLOR="#008000">"O"</FONT><FONT COLOR="#000000">,</FONT><FONT COLOR="#008000">"UTF8"</FONT><FONT COLOR="#000000">), </FONT><FONT COLOR="#800000">privateKey</FONT><FONT COLOR="#000000">)
</FONT><FONT COLOR="#0000ff">zw </FONT><FONT COLOR="#800000">signedTxt</FONT>
This code works for me.
0
Minn Bo Bo  Feb 17, 2023 to Vitaliy Serdtsev

You are a life savor indeed, it works. Thank you so much. smiley

0