|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(C) Verify a CAdES-BES Signature and Examine Signature ContentsDemonstrates how to validate a .p7m (.p7s) signature and examine the contents of the signature.
#include <C_CkCrypt2.h> #include <C_CkJsonObject.h> #include <C_CkDtObj.h> void ChilkatSample(void) { HCkCrypt2 crypt; const char *outputFile; const char *inFile; BOOL success; HCkJsonObject json; HCkDtObj authAttrSigningTimeUtctime; const char *issuerCN; const char *serial; const char *strVal; const char *certSubjectKeyIdentifier; const char *certDigestAlgOid; const char *certDigestAlgName; const char *signingAlgOid; const char *signingAlgName; const char *authAttrContentTypeName; const char *authAttrContentTypeOid; const char *authAttrSigningTimeName; const char *authAttrMessageDigestName; const char *authAttrMessageDigestDigest; const char *authAttrSigningCertificateV2Name; const char *authAttrSigningCertificateV2Der; int i; int count_i; // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. crypt = CkCrypt2_Create(); outputFile = "qa_output/original.xml"; inFile = "qa_data/p7m/fattura_signature.xml.p7m"; // Verify the signature and extract the contained file, which in this case is XML. success = CkCrypt2_VerifyP7M(crypt,inFile,outputFile); if (success == FALSE) { printf("%s\n",CkCrypt2_lastErrorText(crypt)); CkCrypt2_Dispose(crypt); return; } printf("Signature validated.\n"); // Now let's examine the information about the signature. json = CkCrypt2_LastJsonData(crypt); if (CkCrypt2_getLastMethodSuccess(crypt) == FALSE) { // This should never be the case... printf("No information available.\n"); CkCrypt2_Dispose(crypt); return; } CkJsonObject_putEmitCompact(json,FALSE); printf("%s\n",CkJsonObject_emit(json)); // Here's an example of the information about the signature: // { // "pkcs7": { // "verify": { // "certs": [ // { // "issuerCN": "Xyz EU Qualified Certificates CA G1", // "serial": "99A28A51AC389999" // } // ], // "useConstructedOctets": true, // "digestAlgorithms": [ // "sha256" // ], // "signerInfo": [ // { // "cert": { // "subjectKeyIdentifier": "5VM4x8AWnXf07yzbXuLtbb0U3yY=", // "digestAlgOid": "2.16.840.1.101.3.4.2.1", // "digestAlgName": "SHA256" // }, // "signingAlgOid": "1.2.840.113549.1.1.11", // "signingAlgName": "RSA-SHA256-PKCSV-1_5", // "authAttr": { // "1.2.840.113549.1.9.3": { // "name": "contentType", // "oid": "1.2.840.113549.1.7.1" // }, // "1.2.840.113549.1.9.5": { // "name": "signingTime", // "utctime": "190901152340Z" // }, // "1.2.840.113549.1.9.4": { // "name": "messageDigest", // "digest": "y+gd/zAQK33A//HInhaZba7w1fUJleV9AHbP1Ntx6U0=" // }, // "1.2.840.113549.1.9.16.2.47": { // "name": "signingCertificateV2", // "der": "MIH4MI..w4vv0=" // } // } // } // ] // } // } // } // Use this online tool to generate parsing code from sample JSON: // Generate Parsing Code from JSON // Chilkat functions returning "const char *" return a pointer to temporary internal memory owned and managed by Chilkat. // See this example explaining how this memory should be used: const char * functions. authAttrSigningTimeUtctime = CkDtObj_Create(); i = 0; count_i = CkJsonObject_SizeOfArray(json,"pkcs7.verify.certs"); while (i < count_i) { CkJsonObject_putI(json,i); issuerCN = CkJsonObject_stringOf(json,"pkcs7.verify.certs[i].issuerCN"); serial = CkJsonObject_stringOf(json,"pkcs7.verify.certs[i].serial"); i = i + 1; } i = 0; count_i = CkJsonObject_SizeOfArray(json,"pkcs7.verify.digestAlgorithms"); while (i < count_i) { CkJsonObject_putI(json,i); strVal = CkJsonObject_stringOf(json,"pkcs7.verify.digestAlgorithms[i]"); i = i + 1; } i = 0; count_i = CkJsonObject_SizeOfArray(json,"pkcs7.verify.signerInfo"); while (i < count_i) { CkJsonObject_putI(json,i); certSubjectKeyIdentifier = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].cert.subjectKeyIdentifier"); certDigestAlgOid = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].cert.digestAlgOid"); certDigestAlgName = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].cert.digestAlgName"); signingAlgOid = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].signingAlgOid"); signingAlgName = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].signingAlgName"); authAttrContentTypeName = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.3\".name"); authAttrContentTypeOid = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.3\".oid"); authAttrSigningTimeName = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.5\".name"); CkJsonObject_DtOf(json,"pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.5\".utctime",FALSE,authAttrSigningTimeUtctime); authAttrMessageDigestName = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.4\".name"); authAttrMessageDigestDigest = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.4\".digest"); authAttrSigningCertificateV2Name = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.16.2.47\".name"); authAttrSigningCertificateV2Der = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.16.2.47\".der"); i = i + 1; } CkJsonObject_Dispose(json); CkCrypt2_Dispose(crypt); CkDtObj_Dispose(authAttrSigningTimeUtctime); } |
|||||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.