Perl
Perl
Check if an Email Was Received Digitally Signed
See more Email Object Examples
Demonstrates the read-only Chilkat Email.ReceivedSigned property, which is true if the email was originally received carrying one or more digital signatures. Knowing a message was signed is separate from knowing the signature checked out, so this example also reads SignaturesValid to report whether the signed content verified.
Background: A digital signature on an email (S/MIME) provides two things: authenticity (it was really sent by the holder of a particular certificate) and integrity (the content was not altered in transit). The sender signs a hash of the message with their private key; the recipient verifies it with the sender's public certificate.
ReceivedSigned simply tells you a signature is present — verifying it is a separate step exposed through SignaturesValid.Chilkat Perl Downloads
use chilkat();
$success = 0;
# Demonstrates the read-only Email.ReceivedSigned property, which is true if this
# email was originally received with a digital signature. Use SignaturesValid to
# determine whether the signed content actually verified.
$email = chilkat::CkEmail->new();
$success = $email->LoadEml("qa_data/eml/signed.eml");
if ($success == 0) {
print $email->lastErrorText() . "\r\n";
exit;
}
if ($email->get_ReceivedSigned() == 1) {
print "This email was received with a digital signature." . "\r\n";
if ($email->get_SignaturesValid() == 1) {
print "All signatures are valid." . "\r\n";
}
else {
print "One or more signatures are NOT valid." . "\r\n";
}
}
else {
print "This email was not signed." . "\r\n";
}
# Note: Paths such as "qa_data/..." are relative local filesystem paths,
# relative to the current working directory of the running application.