(C) Verify a .p7m and get Algorithm Information

Demonstrates how to verify a .p7m and then examine the algorithms used by the signature.

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <C_CkCrypt2.h>
#include <C_CkJsonObject.h>

void ChilkatSample(void)
    {
    HCkCrypt2 crypt;
    const char *inFile;
    const char *outFile;
    BOOL success;
    HCkJsonObject json;
    int i;
    int count_i;
    const char *strVal;
    const char *certSerialNumber;
    const char *certIssuerCN;
    const char *certIssuerDN;
    const char *certDigestAlgOid;
    const char *certDigestAlgName;
    const char *contentType;
    const char *signingTime;
    const char *messageDigest;
    const char *signingAlgOid;
    const char *signerDigest;
    int j;
    int count_j;
    const char *oid;
    const char *oidName;
    const char *der;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    crypt = CkCrypt2_Create();

    inFile = "qa_data/p7m/brainpoolP256r1.p7m";
    outFile = "qa_output/something.dat";

    // Verify and extract the signed data.
    success = CkCrypt2_VerifyP7M(crypt,inFile,outFile);
    if (success == FALSE) {
        printf("%s\n",CkCrypt2_lastErrorText(crypt));
        CkCrypt2_Dispose(crypt);
        return;
    }

    // Examine details about the signature(s)
    json = CkCrypt2_LastJsonData(crypt);
    CkJsonObject_putEmitCompact(json,FALSE);
    printf("%s\n",CkJsonObject_emit(json));

    // Sample output

    // {
    //   "pkcs7": {
    //     "verify": {
    //       "digestAlgorithms": [
    //         "sha256"
    //       ],
    //       "signerInfo": [
    //         {
    //           "cert": {
    //             "serialNumber": "FFFFE552B302FFFFFF1E34C3ACEB2FFFF",
    //             "issuerCN": "The common name of the cert...",
    //             "issuerDN": "",
    //             "digestAlgOid": "2.16.840.1.101.3.4.2.1",
    //             "digestAlgName": "SHA256"
    //           },
    //           "contentType": "1.2.840.113549.1.7.1",
    //           "signingTime": "190409140500Z",
    //           "messageDigest": "lQe9If7vZKFf/NlSYu5Esmlw3phVK/RFsbbb1uH73t8=",
    //           "signingAlgOid": "1.2.840.10045.4.3.2",
    //           "signerDigest": "lQe9If7vZKFf/NlSYu5Esmlw3phVK/RFsbbb1uH73t8=",
    //           "authAttr": [
    //             {
    //               "oid": "1.2.840.113549.1.9.3",
    //               "oidName": "contentType"
    //             },
    //             {
    //               "oid": "1.2.840.113549.1.9.5",
    //               "oidName": "signingTime"
    //             },
    //             {
    //               "oid": "1.2.840.113549.1.9.52",
    //               "oidName": "1.2.840.113549.1.9.52",
    //               "der": "MBs ... AwI="
    //             },
    //             {
    //               "oid": "1.2.840.113549.1.9.4",
    //               "oidName": "messageDigest"
    //             },
    //             {
    //               "oid": "1.2.840.113549.1.9.16.2.47",
    //               "oidName": "signingCertificateV2",
    //               "der": "MCYw .. 7PlQ=="
    //             },
    //             {
    //               "oid": "1.2.840.113549.1.9.20",
    //               "oidName": "1.2.840.113549.1.9.20"
    //             }
    //           ]
    //         }
    //       ]
    //     }
    //   }
    // }

    // Code for parsing the above JSON...

    i = 0;
    count_i = CkJsonObject_SizeOfArray(json,"pkcs7.verify.digestAlgorithms");
    while (i < count_i) {
        CkJsonObject_putI(json,i);
        strVal = CkJsonObject_stringOf(json,"pkcs7.verify.digestAlgorithms[i]");
        i = i + 1;
    }

    i = 0;
    count_i = CkJsonObject_SizeOfArray(json,"pkcs7.verify.signerInfo");
    while (i < count_i) {
        CkJsonObject_putI(json,i);
        certSerialNumber = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].cert.serialNumber");
        certIssuerCN = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].cert.issuerCN");
        certIssuerDN = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].cert.issuerDN");
        certDigestAlgOid = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].cert.digestAlgOid");
        certDigestAlgName = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].cert.digestAlgName");
        contentType = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].contentType");
        signingTime = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].signingTime");
        messageDigest = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].messageDigest");
        signingAlgOid = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].signingAlgOid");
        signerDigest = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].signerDigest");
        j = 0;
        count_j = CkJsonObject_SizeOfArray(json,"pkcs7.verify.signerInfo[i].authAttr");
        while (j < count_j) {
            CkJsonObject_putJ(json,j);
            oid = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].authAttr[j].oid");
            oidName = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].authAttr[j].oidName");
            der = CkJsonObject_stringOf(json,"pkcs7.verify.signerInfo[i].authAttr[j].der");
            j = j + 1;
        }

        i = i + 1;
    }

    CkJsonObject_Dispose(json);

    printf("Success!\n");


    CkCrypt2_Dispose(crypt);

    }