|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(DataFlex) Verify Opaque Signature and Retrieve Signing CertificatesDemonstrates how to verify a PCKS7 opaque digital signature (signed data), extract the original file/data, and then extract the certificate(s) that were used to sign.
Use ChilkatAx-9.5.0-win32.pkg Procedure Test Handle hoCrypt Boolean iSuccess Variant vBinData Handle hoBinData Integer iNumCerts Integer i Variant vCert Handle hoCert Variant vCertChain Handle hoCertChain String sTemp1 // This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. Get Create (RefClass(cComChilkatCrypt2)) To hoCrypt If (Not(IsComObjectCreated(hoCrypt))) Begin Send CreateComObject of hoCrypt End // Verify a PKCS7 signed-data (opaque signature) file and extract the original content to a file. Get ComVerifyP7M Of hoCrypt "qa_data/p7m/opaqueSig.p7" "qa_output/originalData.dat" To iSuccess If (iSuccess <> True) Begin Get ComLastErrorText Of hoCrypt To sTemp1 Showln sTemp1 Procedure_Return End // Alternatively, we can do it in memory... Get Create (RefClass(cComChilkatBinData)) To hoBinData If (Not(IsComObjectCreated(hoBinData))) Begin Send CreateComObject of hoBinData End Get ComLoadFile Of hoBinData "qa_data/p7m/opaqueSig.p7" To iSuccess // Your app should check for success, but we'll skip the check for brevity.. // If verified, the signature is unwrapped and binData is replaced with the original data that was signed. Get pvComObject of hoBinData to vBinData Get ComOpaqueVerifyBd Of hoCrypt vBinData To iSuccess If (iSuccess <> True) Begin Get ComLastErrorText Of hoCrypt To sTemp1 Showln sTemp1 Procedure_Return End // For our testing, we signed some text, so we can get it from the binData.. Showln "Original Data:" Get ComGetString Of hoBinData "utf-8" To sTemp1 Showln sTemp1 // After any method call that verifies a signature, the crypt object will contain the certificate(s) // that were used for signing (assuming the X.509 certs were available in the signature, which is typically the case). // Get the number of signing certificates, and get each.. Get ComNumSignerCerts Of hoCrypt To iNumCerts Move 0 To i While (i < iNumCerts) Get ComGetSignerCert Of hoCrypt i To vCert If (IsComObject(vCert)) Begin Get Create (RefClass(cComChilkatCert)) To hoCert Set pvComObject Of hoCert To vCert End Get ComSubjectDN Of hoCert To sTemp1 Showln sTemp1 Send Destroy of hoCert Move i + 1 To i Loop // We could also get the complete certificate chain of each signer cert, // assuming the certs in the chain of authentication to the trusted root // are available on the system, or provided to Chilkat by some other means // (such as via the XmlCertVault class, the TrustedRoots class, etc.) Move 0 To i While (i < iNumCerts) Get ComGetSignerCertChain Of hoCrypt i To vCertChain If (IsComObject(vCertChain)) Begin Get Create (RefClass(cComChilkatCertChain)) To hoCertChain Set pvComObject Of hoCertChain To vCertChain End // You can examine the various properties and methods for certChain in the online // reference documentation... Send Destroy of hoCertChain Move i + 1 To i Loop End_Procedure |
||||
© 2000-2023 Chilkat Software, Inc. All Rights Reserved.