|
|
(JavaScript) Verify a .p7m and get Algorithm Information
Demonstrates how to verify a .p7m and then examine the algorithms used by the signature. Note: This example requires Chilkat v11.0.0 or greater.
var success = false;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
var crypt = new CkCrypt2();
var inFile = "qa_data/p7m/brainpoolP256r1.p7m";
var outFile = "qa_output/something.dat";
// Verify and extract the signed data.
success = crypt.VerifyP7M(inFile,outFile);
if (success == false) {
console.log(crypt.LastErrorText);
return;
}
// Examine details about the signature(s)
var json = new CkJsonObject();
crypt.GetLastJsonData(json);
json.EmitCompact = false;
console.log(json.Emit());
// Sample output
// {
// "pkcs7": {
// "verify": {
// "digestAlgorithms": [
// "sha256"
// ],
// "signerInfo": [
// {
// "cert": {
// "serialNumber": "FFFFE552B302FFFFFF1E34C3ACEB2FFFF",
// "issuerCN": "The common name of the cert...",
// "issuerDN": "",
// "digestAlgOid": "2.16.840.1.101.3.4.2.1",
// "digestAlgName": "SHA256"
// },
// "contentType": "1.2.840.113549.1.7.1",
// "signingTime": "190409140500Z",
// "messageDigest": "lQe9If7vZKFf/NlSYu5Esmlw3phVK/RFsbbb1uH73t8=",
// "signingAlgOid": "1.2.840.10045.4.3.2",
// "signerDigest": "lQe9If7vZKFf/NlSYu5Esmlw3phVK/RFsbbb1uH73t8=",
// "authAttr": [
// {
// "oid": "1.2.840.113549.1.9.3",
// "oidName": "contentType"
// },
// {
// "oid": "1.2.840.113549.1.9.5",
// "oidName": "signingTime"
// },
// {
// "oid": "1.2.840.113549.1.9.52",
// "oidName": "1.2.840.113549.1.9.52",
// "der": "MBs ... AwI="
// },
// {
// "oid": "1.2.840.113549.1.9.4",
// "oidName": "messageDigest"
// },
// {
// "oid": "1.2.840.113549.1.9.16.2.47",
// "oidName": "signingCertificateV2",
// "der": "MCYw .. 7PlQ=="
// },
// {
// "oid": "1.2.840.113549.1.9.20",
// "oidName": "1.2.840.113549.1.9.20"
// }
// ]
// }
// ]
// }
// }
// }
// Code for parsing the above JSON...
var i;
var count_i;
var strVal;
var certSerialNumber;
var certIssuerCN;
var certIssuerDN;
var certDigestAlgOid;
var certDigestAlgName;
var contentType;
var signingTime;
var messageDigest;
var signingAlgOid;
var signerDigest;
var j;
var count_j;
var oid;
var oidName;
var der;
i = 0;
count_i = json.SizeOfArray("pkcs7.verify.digestAlgorithms");
while (i < count_i) {
json.I = i;
strVal = json.StringOf("pkcs7.verify.digestAlgorithms[i]");
i = i+1;
}
i = 0;
count_i = json.SizeOfArray("pkcs7.verify.signerInfo");
while (i < count_i) {
json.I = i;
certSerialNumber = json.StringOf("pkcs7.verify.signerInfo[i].cert.serialNumber");
certIssuerCN = json.StringOf("pkcs7.verify.signerInfo[i].cert.issuerCN");
certIssuerDN = json.StringOf("pkcs7.verify.signerInfo[i].cert.issuerDN");
certDigestAlgOid = json.StringOf("pkcs7.verify.signerInfo[i].cert.digestAlgOid");
certDigestAlgName = json.StringOf("pkcs7.verify.signerInfo[i].cert.digestAlgName");
contentType = json.StringOf("pkcs7.verify.signerInfo[i].contentType");
signingTime = json.StringOf("pkcs7.verify.signerInfo[i].signingTime");
messageDigest = json.StringOf("pkcs7.verify.signerInfo[i].messageDigest");
signingAlgOid = json.StringOf("pkcs7.verify.signerInfo[i].signingAlgOid");
signerDigest = json.StringOf("pkcs7.verify.signerInfo[i].signerDigest");
j = 0;
count_j = json.SizeOfArray("pkcs7.verify.signerInfo[i].authAttr");
while (j < count_j) {
json.J = j;
oid = json.StringOf("pkcs7.verify.signerInfo[i].authAttr[j].oid");
oidName = json.StringOf("pkcs7.verify.signerInfo[i].authAttr[j].oidName");
der = json.StringOf("pkcs7.verify.signerInfo[i].authAttr[j].der");
j = j+1;
}
i = i+1;
}
console.log("Success!");
|
