|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(SQL Server) Verify Opaque Signature and Retrieve Signing CertificatesDemonstrates how to verify a PCKS7 opaque digital signature (signed data), extract the original file/data, and then extract the certificate(s) that were used to sign. Note: This example requires Chilkat v11.0.0 or greater.
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls. -- CREATE PROCEDURE ChilkatSample AS BEGIN DECLARE @hr int -- Important: Do not use nvarchar(max). See the warning about using nvarchar(max). DECLARE @sTmp0 nvarchar(4000) DECLARE @success int SELECT @success = 0 -- This example assumes the Chilkat API to have been previously unlocked. -- See Global Unlock Sample for sample code. DECLARE @crypt int EXEC @hr = sp_OACreate 'Chilkat.Crypt2', @crypt OUT IF @hr <> 0 BEGIN PRINT 'Failed to create ActiveX component' RETURN END -- Verify a PKCS7 signed-data (opaque signature) file and extract the original content to a file. EXEC sp_OAMethod @crypt, 'VerifyP7M', @success OUT, 'qa_data/p7m/opaqueSig.p7', 'qa_output/originalData.dat' IF @success = 0 BEGIN EXEC sp_OAGetProperty @crypt, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @crypt RETURN END -- Alternatively, we can do it in memory... DECLARE @binData int EXEC @hr = sp_OACreate 'Chilkat.BinData', @binData OUT EXEC sp_OAMethod @binData, 'LoadFile', @success OUT, 'qa_data/p7m/opaqueSig.p7' -- Your app should check for success, but we'll skip the check for brevity.. -- If verified, the signature is unwrapped and binData is replaced with the original data that was signed. EXEC sp_OAMethod @crypt, 'OpaqueVerifyBd', @success OUT, @binData IF @success = 0 BEGIN EXEC sp_OAGetProperty @crypt, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @crypt EXEC @hr = sp_OADestroy @binData RETURN END -- For our testing, we signed some text, so we can get it from the binData.. PRINT 'Original Data:' EXEC sp_OAMethod @binData, 'GetString', @sTmp0 OUT, 'utf-8' PRINT @sTmp0 -- After any method call that verifies a signature, the crypt object will contain the certificate(s) -- that were used for signing (assuming the X.509 certs were available in the signature, which is typically the case). -- Get each signing certificate, and build the certificate chain for each. DECLARE @cert int EXEC @hr = sp_OACreate 'Chilkat.Cert', @cert OUT DECLARE @certChain int EXEC @hr = sp_OACreate 'Chilkat.CertChain', @certChain OUT DECLARE @numCerts int EXEC sp_OAGetProperty @crypt, 'NumSignerCerts', @numCerts OUT DECLARE @i int SELECT @i = 0 WHILE @i < @numCerts BEGIN EXEC sp_OAMethod @crypt, 'LastSignerCert', @success OUT, @i, @cert EXEC sp_OAGetProperty @cert, 'SubjectDN', @sTmp0 OUT PRINT @sTmp0 EXEC sp_OAMethod @cert, 'BuildCertChain', @success OUT, @certChain IF @success = 0 BEGIN EXEC sp_OAGetProperty @cert, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @crypt EXEC @hr = sp_OADestroy @binData EXEC @hr = sp_OADestroy @cert EXEC @hr = sp_OADestroy @certChain RETURN END SELECT @i = @i + 1 END EXEC @hr = sp_OADestroy @crypt EXEC @hr = sp_OADestroy @binData EXEC @hr = sp_OADestroy @cert EXEC @hr = sp_OADestroy @certChain END GO |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.