(C) Duplicate OpensSSL to Create Signature using Cert and Key Files

This example duplicates the following:

openssl smime –sign -in something.xml -out something.der -signer mycert.crt -inkey cert.key -outform der –nodetach

Note: Although "smime" is the OpenSSL command, it's not actually producing S/MIME. The arguments "-outform der -binary" indicates that the output is binary DER (i.e. the PKCS7 binary signature). The input can be any type of file: XML, PDF, JPG, ... *anything*...

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <C_CkCrypt2.h>
#include <C_CkCert.h>
#include <C_CkBinData.h>
#include <C_CkPrivateKey.h>

void ChilkatSample(void)
    {
    HCkCrypt2 crypt;
    HCkCert cert;
    BOOL success;
    HCkBinData bd;
    HCkPrivateKey privkey;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    crypt = CkCrypt2_Create();

    // Load the cert and private key from separate files.
    cert = CkCert_Create();
    success = CkCert_LoadFromFile(cert,"myCert.crt");
    if (success != TRUE) {
        printf("%s\n",CkCert_lastErrorText(cert));
        CkCrypt2_Dispose(crypt);
        CkCert_Dispose(cert);
        return;
    }

    bd = CkBinData_Create();
    success = CkBinData_LoadFile(bd,"cert.key");
    privkey = CkPrivateKey_Create();
    // Load from any format private key.
    // If the file does not need a password, the 2nd arg is ignored.
    success = CkPrivateKey_LoadAnyFormat(privkey,bd,"password_if_needed");
    if (success != TRUE) {
        printf("%s\n",CkPrivateKey_lastErrorText(privkey));
        CkCrypt2_Dispose(crypt);
        CkCert_Dispose(cert);
        CkBinData_Dispose(bd);
        CkPrivateKey_Dispose(privkey);
        return;
    }

    success = CkCrypt2_SetSigningCert2(crypt,cert,privkey);
    if (success != TRUE) {
        printf("%s\n",CkCrypt2_lastErrorText(crypt));
        CkCrypt2_Dispose(crypt);
        CkCert_Dispose(cert);
        CkBinData_Dispose(bd);
        CkPrivateKey_Dispose(privkey);
        return;
    }

    // Create the opaque signature (PKCS7 binary DER that contains both the signature and original file data).
    success = CkCrypt2_CreateP7M(crypt,"qa_data/infile.anything","qa_output/outfile.der");
    if (success != TRUE) {
        printf("%s\n",CkCrypt2_lastErrorText(crypt));
        CkCrypt2_Dispose(crypt);
        CkCert_Dispose(cert);
        CkBinData_Dispose(bd);
        CkPrivateKey_Dispose(privkey);
        return;
    }

    printf("Success.\n");


    CkCrypt2_Dispose(crypt);
    CkCert_Dispose(cert);
    CkBinData_Dispose(bd);
    CkPrivateKey_Dispose(privkey);

    }