Sample code for 30+ languages & platforms
Tcl

Check if an Email Was Received Digitally Signed

See more Email Object Examples

Demonstrates the read-only Chilkat Email.ReceivedSigned property, which is true if the email was originally received carrying one or more digital signatures. Knowing a message was signed is separate from knowing the signature checked out, so this example also reads SignaturesValid to report whether the signed content verified.

Background: A digital signature on an email (S/MIME) provides two things: authenticity (it was really sent by the holder of a particular certificate) and integrity (the content was not altered in transit). The sender signs a hash of the message with their private key; the recipient verifies it with the sender's public certificate. ReceivedSigned simply tells you a signature is present — verifying it is a separate step exposed through SignaturesValid.

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

#  Demonstrates the read-only Email.ReceivedSigned property, which is true if this
#  email was originally received with a digital signature.  Use SignaturesValid to
#  determine whether the signed content actually verified.

set email [new_CkEmail]

set success [CkEmail_LoadEml $email "qa_data/eml/signed.eml"]
if {$success == 0} then {
    puts [CkEmail_lastErrorText $email]
    delete_CkEmail $email
    exit
}

if {[CkEmail_get_ReceivedSigned $email] == 1} then {
    puts "This email was received with a digital signature."
    if {[CkEmail_get_SignaturesValid $email] == 1} then {
        puts "All signatures are valid."
    }     else {
        puts "One or more signatures are NOT valid."
    }

} else {
    puts "This email was not signed."
}

#  Note: Paths such as "qa_data/..." are relative local filesystem paths,
#  relative to the current working directory of the running application.

delete_CkEmail $email