PKCS7 SignedData Detached Signature

How to create a PKCS7 detached signature. The resulting PKCS7 structure is encoded to a printable string using hex or base64 encoding. The data being signed is not included in the PKCS#7 structure.

Chilkat Module for Perl 5.8.*

Chilkat Module for Perl 5.10.*

use chilkat;

$crypt = new chilkat::CkCrypt2();

#  Any string argument automatically begins the 30-day trial.
$success = $crypt->UnlockComponent("30-day trial");
if ($success != 1) {
    print "Crypt component unlock failed" . "\n";
    exit;
}

$cert = new chilkat::CkCert();
$success = $cert->LoadByCommonName("Chilkat Software");
if ($success != 1) {
    print $cert->lastErrorText() . "\n";
    exit;
}

#  Make sure this certificate has a private key available:

$bHasPrivateKey = $cert->HasPrivateKey();
if ($bHasPrivateKey != 1) {
    print "No private key available for signing." . "\n";
    exit;
}

#  Tell the encryption component to use this cert.
$crypt->SetSigningCert($cert);

$strData = "This is the data to be signed.";

#  Indicate that the PKCS7 signature should be returned
#  as a base64 encoded string:
$crypt->put_EncodingMode("base64");

#  The EncodingMode may be set to other values such as
#  "hex", "url", "quoted-printable", etc.

$strSignature = $crypt->signStringENC($strData);

print $strSignature . "\r\n";

#  Now verify the signature against the original data.

#  Tell the component what certificate to use for verification.
$crypt->SetVerifyCert($cert);

$success = $crypt->VerifyStringENC($strData,$strSignature);
if ($success == 1) {
    print "digital signature verified" . "\n";
}
else {
    print "digital signature invalid" . "\n";
}

#  Try it with incorrect data:
$success = $crypt->VerifyStringENC("This is not the signed data",$strSignature);
if ($success == 1) {
    print "digital signature verified" . "\n";
}
else {
    print "digital signature invalid" . "\n";
}