Sign with .pfx to create .p7s, Verify with .cer

Visual FoxPro example to sign a file using a .pfx and creating a .p7s file as output. It then uses a .cer file to verify the signature.

Download Chilkat Crypt ActiveX

LOCAL loCrypt
LOCAL lnSuccess
LOCAL loCertStore
LOCAL loCert
LOCAL loCsp
LOCAL loCert2

loCrypt = CreateObject('Chilkat.Crypt2')

*  Any string argument automatically begins the 30-day trial.

lnSuccess = loCrypt.UnlockComponent("30-day trial")
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX("Crypt component unlock failed")
    QUIT
ENDIF

loCertStore = CreateObject('Chilkat.CertStore')
lnSuccess = loCertStore.LoadPfxFile("chilkat.pfx","myPfxPassword")
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX(loCertStore.LastErrorText)
    QUIT
ENDIF

loCert = loCertStore.FindCertBySubjectCN("Chilkat Software, Inc.")
IF (loCert = NULL ) THEN
    =MESSAGEBOX("Failed to find certificate")
    QUIT
ENDIF

*  We can explicitly choose hash/encryption algorithms using a CSP.
loCsp = CreateObject('Chilkat.Csp')
loCsp.SetProviderMicrosoftEnhanced()
loCsp.SetHashAlgorithm("sha-1")

*  Tell the crypt component to use this cert and this CSP.
loCrypt.SetSigningCert(loCert)
loCrypt.SetCSP(loCsp)

*  We can sign any type of file, creating a .p7s as output:
lnSuccess = loCrypt.CreateP7S("hamlet.xml","hamlet.p7s")
IF (lnSuccess = 1) THEN
    =MESSAGEBOX("Signature created.")
ELSE
    =MESSAGEBOX(loCrypt.LastErrorText)
ENDIF

*  Verify and restore the original file:
*  Use a cert from a .cer file (which only contains the public key)
loCert2 = CreateObject('Chilkat.Cert')
lnSuccess = loCert2.LoadFromFile("chilkat.cer")
IF (lnSuccess <> 1) THEN
    =MESSAGEBOX(loCert2.LastErrorText)
    QUIT
ENDIF

loCrypt.SetVerifyCert(loCert2)

lnSuccess = loCrypt.VerifyP7S("hamlet.xml","hamlet.p7s")
IF (lnSuccess = 1) THEN
    =MESSAGEBOX("Signature verified.")
ELSE
    =MESSAGEBOX(loCrypt.LastErrorText)
ENDIF