C
C
Verify a .p7m and get Algorithm Information
See more Digital Signatures Examples
Demonstrates how to verify a .p7m and then examine the algorithms used by the signature.Chilkat C Downloads
#include <C_CkCrypt2.h>
#include <C_CkJsonObject.h>
void ChilkatSample(void)
{
BOOL success;
HCkCrypt2 crypt;
const char *inFile;
const char *outFile;
HCkJsonObject json;
int i;
int count_i;
const char *strVal;
const char *certSerialNumber;
const char *certIssuerCN;
const char *certIssuerDN;
const char *certDigestAlgOid;
const char *certDigestAlgName;
const char *contentType;
const char *signingTime;
const char *messageDigest;
const char *signingAlgOid;
const char *signerDigest;
int j;
int count_j;
const char *oid;
const char *oidName;
const char *der;
success = FALSE;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
crypt = CkCrypt2_Create();
inFile = "qa_data/p7m/brainpoolP256r1.p7m";
outFile = "qa_output/something.dat";
// Verify and extract the signed data.
success = CkCrypt2_VerifyP7M(crypt,inFile,outFile);
if (success == FALSE) {
printf("%s\n",CkCrypt2_lastErrorText(crypt));
CkCrypt2_Dispose(crypt);
return;
}
// Examine details about the signature(s)
json = CkJsonObject_Create();
CkCrypt2_GetLastJsonData(crypt,json);
CkJsonObject_putEmitCompact(json,FALSE);
printf("%s\n",CkJsonObject_emit(json));
// Sample output
// {
// "pkcs7": {
// "verify": {
// "digestAlgorithms": [
// "sha256"
// ],
// "signerInfo": [
// {
// "cert": {
// "serialNumber": "FFFFE552B302FFFFFF1E34C3ACEB2FFFF",
// "issuerCN": "The common name of the cert...",
// "issuerDN": "",
// "digestAlgOid": "2.16.840.1.101.3.4.2.1",
// "digestAlgName": "SHA256"
// },
// "contentType": "1.2.840.113549.1.7.1",
// "signingTime": "190409140500Z",
// "messageDigest": "lQe9If7vZKFf/NlSYu5Esmlw3phVK/RFsbbb1uH73t8=",
// "signingAlgOid": "1.2.840.10045.4.3.2",
// "signerDigest": "lQe9If7vZKFf/NlSYu5Esmlw3phVK/RFsbbb1uH73t8=",
// "authAttr": [
// {
// "oid": "1.2.840.113549.1.9.3",
// "oidName": "contentType"
// },
// {
// "oid": "1.2.840.113549.1.9.5",
// "oidName": "signingTime"
// },
// {
// "oid": "1.2.840.113549.1.9.52",
// "oidName": "1.2.840.113549.1.9.52",
// "der": "MBs ... AwI="
// },
// {
// "oid": "1.2.840.113549.1.9.4",
// "oidName": "messageDigest"
// },
// {
// "oid": "1.2.840.113549.1.9.16.2.47",
// "oidName": "signingCertificateV2",
// "der": "MCYw .. 7PlQ=="
// },
// {
// "oid": "1.2.840.113549.1.9.20",
// "oidName": "1.2.840.113549.1.9.20"
// }
// ]
// }
// ]
// }
// }
// }
// Code for parsing the above JSON...
i = 0;
count_i = CkJsonObject_SizeOfArray(json,"pkcs7.verify.digestAlgorithms");
while (i < count_i) {
CkJsonObject_putI(json,i);
strVal = CkJsonObject_stringOf(json,"pkcs7.verify.digestAlgorithms[i]");
i = i + 1;
}
i = 0;
count_i = CkJsonObject_SizeOfArray(json,"pkcs7.verify.signerInfo");
while (i < count_i) {
CkJsonObject_putI(json,i);
certSerialNumber = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].cert.serialNumber");
certIssuerCN = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].cert.issuerCN");
certIssuerDN = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].cert.issuerDN");
certDigestAlgOid = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].cert.digestAlgOid");
certDigestAlgName = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].cert.digestAlgName");
contentType = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].contentType");
signingTime = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].signingTime");
messageDigest = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].messageDigest");
signingAlgOid = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].signingAlgOid");
signerDigest = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].signerDigest");
j = 0;
count_j = CkJsonObject_SizeOfArray(json,"pkcs7.verify.signerInfo[i].authAttr");
while (j < count_j) {
CkJsonObject_putJ(json,j);
oid = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].authAttr[j].oid");
oidName = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].authAttr[j].oidName");
der = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].authAttr[j].der");
j = j + 1;
}
i = i + 1;
}
printf("Success!\n");
CkCrypt2_Dispose(crypt);
CkJsonObject_Dispose(json);
}