PKCS7 SignedData Signature (embeds Signed Data)

How to create a PKCS7 signature. The resulting PKCS7 structure is encoded to a printable string using hex or base64 encoding. The data being signed is embedded within the PKCS#7 structure.

Demonstrates how to verify the signature and recover the original data.

 Chilkat Perl Module Downloads for Windows, Linux, and MAC OS X

use chilkat();

$crypt = new chilkat::CkCrypt2();

#  Any string argument automatically begins the 30-day trial.
$success = $crypt->UnlockComponent("30-day trial");
if ($success != 1) {
    print "Crypt component unlock failed" . "\n";
    exit;
}

$cert = new chilkat::CkCert();
$success = $cert->LoadByCommonName("Chilkat Software");
if ($success != 1) {
    print $cert->lastErrorText() . "\n";
    exit;
}

#  Make sure this certificate has a private key available:

$bHasPrivateKey = $cert->HasPrivateKey();
if ($bHasPrivateKey != 1) {
    print "No private key available for signing." . "\n";
    exit;
}

#  Tell the encryption component to use this cert.
$crypt->SetSigningCert($cert);

$strData = "This is the data to be signed.";

#  Indicate that the PKCS7 signature should be returned
#  as a base64 encoded string:
$crypt->put_EncodingMode("base64");

#  The EncodingMode may be set to other values such as
#  "hex", "url", "quoted-printable", etc.

$strSignatureWithData = $crypt->opaqueSignStringENC($strData);

print $strSignatureWithData . "\r\n";

#  Now verify the signature against the original data.

#  Tell the component what certificate to use for verification.
$crypt->SetVerifyCert($cert);

$originalData = $crypt->opaqueVerifyStringENC($strSignatureWithData);
if ($originalData eq null ) {
    #  The signature verification failed.
    print $crypt->lastErrorText() . "\n";
}
else {
    print $originalData . "\r\n";
    print "Signature verified!" . "\n";
}