PKCS7 SignedData Detached Signature

How to create a PKCS7 detached signature. The resulting PKCS7 structure is encoded to a printable string using hex or base64 encoding. The data being signed is not included in the PKCS#7 structure.

Download Chilkat Ruby Library

require 'chilkat'

crypt = Chilkat::CkCrypt2.new()

#  Any string argument automatically begins the 30-day trial.
success = crypt.UnlockComponent("30-day trial")
if (success != true)
    print "Crypt component unlock failed" + "\n"
    exit
end

cert = Chilkat::CkCert.new()
success = cert.LoadByCommonName("Chilkat Software")
if (success != true)
    print cert.lastErrorText() + "\n"
    exit
end

#  Make sure this certificate has a private key available:

bHasPrivateKey = cert.HasPrivateKey()
if (bHasPrivateKey != true)
    print "No private key available for signing." + "\n"
    exit
end

#  Tell the encryption component to use this cert.
crypt.SetSigningCert(cert)

strData = "This is the data to be signed."

#  Indicate that the PKCS7 signature should be returned
#  as a base64 encoded string:
crypt.put_EncodingMode("base64")

#  The EncodingMode may be set to other values such as
#  "hex", "url", "quoted-printable", etc.

strSignature = crypt.signStringENC(strData)

print strSignature + "\n";

#  Now verify the signature against the original data.

#  Tell the component what certificate to use for verification.
crypt.SetVerifyCert(cert)

success = crypt.VerifyStringENC(strData,strSignature)
if (success == true)
    print "digital signature verified" + "\n"
else
    print "digital signature invalid" + "\n"
end

#  Try it with incorrect data:
success = crypt.VerifyStringENC("This is not the signed data",strSignature)
if (success == true)
    print "digital signature verified" + "\n"
else
    print "digital signature invalid" + "\n"
end