Sign with .pfx to create .p7s, Verify with .cer

Ruby example to sign a file using a .pfx and creating a .p7s file as output. It then uses a .cer file to verify the signature.

Download Chilkat Ruby Library

require 'chilkat'

crypt = Chilkat::CkCrypt2.new()

#  Any string argument automatically begins the 30-day trial.
success = crypt.UnlockComponent("30-day trial")
if (success != true)
    print "Crypt component unlock failed" + "\n"
    exit
end

certStore = Chilkat::CkCertStore.new()
success = certStore.LoadPfxFile("chilkat.pfx","myPfxPassword")
if (success != true)
    print certStore.lastErrorText() + "\n"
    exit
end

cert = certStore.FindCertBySubjectCN("Chilkat Software, Inc.")
if (cert == nil )
    print "Failed to find certificate" + "\n"
    exit
end

#  We can explicitly choose hash/encryption algorithms using a CSP.
csp = Chilkat::CkCSP.new()
csp.SetProviderMicrosoftEnhanced()
csp.SetHashAlgorithm("sha-1")

#  Tell the crypt component to use this cert and this CSP.
crypt.SetSigningCert(cert)
crypt.SetCSP(csp)

#  We can sign any type of file, creating a .p7s as output:
success = crypt.CreateP7S("hamlet.xml","hamlet.p7s")
if (success == true)
    print "Signature created." + "\n"
else
    print crypt.lastErrorText() + "\n"
end

#  Verify and restore the original file:
#  Use a cert from a .cer file (which only contains the public key)
cert2 = Chilkat::CkCert.new()
success = cert2.LoadFromFile("chilkat.cer")
if (success != true)
    print cert2.lastErrorText() + "\n"
    exit
end

crypt.SetVerifyCert(cert2)

success = crypt.VerifyP7S("hamlet.xml","hamlet.p7s")
if (success == true)
    print "Signature verified." + "\n"
else
    print crypt.lastErrorText() + "\n"
end