Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

P7S - Access Signature Information (date/time, certificate used, etc.)

See more Digital Signatures Examples

Examine a PKCS7 signature (.p7s) and get information about it.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.CkDateTime,
  Chilkat.BinData,
  Chilkat.JsonObject,
  Chilkat.Crypt2;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  bd: TBinData;
  crypt: TCrypt2;
  json: TJsonObject;
  i: Integer;
  count_i: Integer;
  strVal: string;
  certSerialNumber: string;
  certIssuerCN: string;
  certIssuerDN: string;
  certDigestAlgOid: string;
  certDigestAlgName: string;
  contentType: string;
  signingTime: string;
  messageDigest: string;
  signingAlgOid: string;
  signerDigest: string;
  dt: TCkDateTime;

begin
  success := False;

  //  This requires the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  //  First load the .p7s file into a BinData object..
  bd := TBinData.Create;
  success := bd.LoadFile('qa_data/p7s/sample.p7s');
  if (success <> True) then
    begin
      WriteLn('Failed to load .p7s file.');
      Exit;
    end;

  crypt := TCrypt2.Create;

  //  Assuming this is a signature that contains the original data that was signed..
  success := crypt.OpaqueVerifyBd(bd);
  if (success = False) then
    begin
      WriteLn(crypt.LastErrorText);
      Exit;
    end;

  //  Examine the last JSON data after signature verification..
  json := TJsonObject.Create;
  crypt.GetLastJsonData(json);

  json.EmitCompact := False;
  WriteLn(json.Emit());

  //  Sample output...
  //  Go to http://tools.chilkat.io/jsonParse.cshtml
  //  and paste the JSON into the online form to generate JSON parsing code.

  //  {
  //    "pkcs7": {
  //      "verify": {
  //        "digestAlgorithms": [
  //          "sha256"
  //        ],
  //        "signerInfo": [
  //          {
  //            "cert": {
  //              "serialNumber": "AAC5FC48C0FD8FBB",
  //              "issuerCN": "AC ABCDEF RFB v5",
  //              "issuerDN": "",
  //              "digestAlgOid": "2.16.840.1.101.3.4.2.1",
  //              "digestAlgName": "SHA-256"
  //            },
  //            "contentType": "1.2.840.113549.1.7.1",
  //            "signingTime": "180607195054Z",
  //            "messageDigest": "trzyxXbZ96z2M4mncyZ7BNMV4yIT92+5sS27Fu64iG8=",
  //            "signingAlgOid": "1.2.840.113549.1.1.11",
  //            "signerDigest": "trzyxXbZ96z2M4mncyZ7BNMV4yIT92+5sS27Fu64iG8="
  //          },
  //          {
  //            "cert": {
  //              "serialNumber": "324FB38ABD59723F",
  //              "issuerCN": "AC ABCDEF RFB v5",
  //              "issuerDN": "",
  //              "digestAlgOid": "2.16.840.1.101.3.4.2.1",
  //              "digestAlgName": "SHA-256"
  //            },
  //            "contentType": "1.2.840.113549.1.7.1",
  //            "signingTime": "180608182517Z",
  //            "messageDigest": "trzyxXbZ96z2M4mncyZ7BNMV4yIT92+5sS27Fu64iG8=",
  //            "signingAlgOid": "1.2.840.113549.1.1.11",
  //            "signerDigest": "trzyxXbZ96z2M4mncyZ7BNMV4yIT92+5sS27Fu64iG8="
  //          }
  //        ]
  //      }
  //    }
  //  }
  //  

  dt := TCkDateTime.Create;

  i := 0;
  count_i := json.SizeOfArray('pkcs7.verify.digestAlgorithms');
  while i < count_i do
    begin
      json.I := i;
      strVal := json.StringOf('pkcs7.verify.digestAlgorithms[i]');
      i := i + 1;
    end;

  i := 0;
  count_i := json.SizeOfArray('pkcs7.verify.signerInfo');
  while i < count_i do
    begin
      json.I := i;
      certSerialNumber := json.StringOf('pkcs7.verify.signerInfo[i].cert.serialNumber');
      certIssuerCN := json.StringOf('pkcs7.verify.signerInfo[i].cert.issuerCN');
      certIssuerDN := json.StringOf('pkcs7.verify.signerInfo[i].cert.issuerDN');
      certDigestAlgOid := json.StringOf('pkcs7.verify.signerInfo[i].cert.digestAlgOid');
      certDigestAlgName := json.StringOf('pkcs7.verify.signerInfo[i].cert.digestAlgName');
      contentType := json.StringOf('pkcs7.verify.signerInfo[i].contentType');
      signingTime := json.StringOf('pkcs7.verify.signerInfo[i].signingTime');

      //  The signingTime isin UTCTime format.
      //  UTCTime values take the form of either "YYMMDDhhmm[ss]Z" or "YYMMDDhhmm[ss](+|-)hhmm"
      //  Starting in Chilkat v9.5.0.77, the SetFromTimestamp method auto-recognizes the UTCTime format and parses it correctly.
      success := dt.SetFromTimestamp(signingTime);
      //  To get the signingTime in other date/time formats, look at the online reference documentation for CkDateTime.
      //  There are numerous methods such as GetAsDateTime, GetAsIso8601, GetAsUnixTime, GetAsRfc822, etc.

      messageDigest := json.StringOf('pkcs7.verify.signerInfo[i].messageDigest');
      signingAlgOid := json.StringOf('pkcs7.verify.signerInfo[i].signingAlgOid');
      signerDigest := json.StringOf('pkcs7.verify.signerInfo[i].signerDigest');
      i := i + 1;
    end;

  //  println crypt.LastErrorText;
  WriteLn('Success.');


  bd.Free;
  crypt.Free;
  json.Free;
  dt.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.