(C) Verify the Timestamp Server Token (if any) while Validating a CMS Signature

Demonstrates how to also validate the timestamp server token (if any) while validating a CMS signature.

Chilkat C/C++ Library Downloads
MS Visual C/C++ C++ Builder Linux C/C++ Alpine Linux C/C++	MacOS C/C++ iOS C/C++ Android C/C++ MinGW C/C++

#include <C_CkCrypt2.h>
#include <C_CkJsonObject.h>

void ChilkatSample(void)
    {
    HCkCrypt2 crypt;
    HCkJsonObject cmsOptions;
    const char *outputFile;
    const char *inFile;
    BOOL success;

    crypt = CkCrypt2_Create();

    // Tell Chilkat to also validate the timestamp token if a timestamp exists in the CMS message's unauthenticated attributes.
    cmsOptions = CkJsonObject_Create();
    CkJsonObject_UpdateBool(cmsOptions,"ValidateTimestampTokens",TRUE);
    CkCrypt2_putCmsOptions(crypt,CkJsonObject_emit(cmsOptions));

    outputFile = "qa_output/original.xml";
    inFile = "qa_data/p7m/fattura_signature.xml.p7m";

    // Verify the signature and extract the contained file, which in this case is XML.
    success = CkCrypt2_VerifyP7M(crypt,inFile,outputFile);
    if (success == FALSE) {
        printf("%s\n",CkCrypt2_lastErrorText(crypt));
        CkCrypt2_Dispose(crypt);
        CkJsonObject_Dispose(cmsOptions);
        return;
    }

    printf("Signature validated.\n");


    CkCrypt2_Dispose(crypt);
    CkJsonObject_Dispose(cmsOptions);

    }