Sample code for 30+ languages & platforms
DataFlex

Verify a CAdES-BES Signature and Examine Signature Contents

See more Digital Signatures Examples

Demonstrates how to validate a .p7m (.p7s) signature and examine the contents of the signature.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Handle hoCrypt
    String sOutputFile
    String sInFile
    Variant vJson
    Handle hoJson
    Variant vAuthAttrSigningTimeUtctime
    Handle hoAuthAttrSigningTimeUtctime
    String sIssuerCN
    String sSerial
    String sStrVal
    String sCertSubjectKeyIdentifier
    String sCertDigestAlgOid
    String sCertDigestAlgName
    String sSigningAlgOid
    String sSigningAlgName
    String sAuthAttrContentTypeName
    String sAuthAttrContentTypeOid
    String sAuthAttrSigningTimeName
    String sAuthAttrMessageDigestName
    String sAuthAttrMessageDigestDigest
    String sAuthAttrSigningCertificateV2Name
    String sAuthAttrSigningCertificateV2Der
    Integer i
    Integer iCount_i
    String sTemp1

    Move False To iSuccess

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    Get Create (RefClass(cComChilkatCrypt2)) To hoCrypt
    If (Not(IsComObjectCreated(hoCrypt))) Begin
        Send CreateComObject of hoCrypt
    End

    Move "qa_output/original.xml" To sOutputFile
    Move "qa_data/p7m/fattura_signature.xml.p7m" To sInFile

    // Verify the signature and extract the contained file, which in this case is XML.
    Get ComVerifyP7M Of hoCrypt sInFile sOutputFile To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoCrypt To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Showln "Signature validated."

    // Now let's examine the information about the signature.
    Get Create (RefClass(cComChilkatJsonObject)) To hoJson
    If (Not(IsComObjectCreated(hoJson))) Begin
        Send CreateComObject of hoJson
    End
    Get pvComObject of hoJson to vJson
    Send ComGetLastJsonData To hoCrypt vJson

    Set ComEmitCompact Of hoJson To False
    Get ComEmit Of hoJson To sTemp1
    Showln sTemp1

    // Here's an example of the information about the signature:
    // {
    //   "pkcs7": {
    //     "verify": {
    //       "certs": [
    //         {
    //           "issuerCN": "Xyz EU Qualified Certificates CA G1",
    //           "serial": "99A28A51AC389999"
    //         }
    //       ],
    //       "useConstructedOctets": true,
    //       "digestAlgorithms": [
    //         "sha256"
    //       ],
    //       "signerInfo": [
    //         {
    //           "cert": {
    //             "subjectKeyIdentifier": "5VM4x8AWnXf07yzbXuLtbb0U3yY=",
    //             "digestAlgOid": "2.16.840.1.101.3.4.2.1",
    //             "digestAlgName": "SHA256"
    //           },
    //           "signingAlgOid": "1.2.840.113549.1.1.11",
    //           "signingAlgName": "RSA-SHA256-PKCSV-1_5",
    //           "authAttr": {
    //             "1.2.840.113549.1.9.3": {
    //               "name": "contentType",
    //               "oid": "1.2.840.113549.1.7.1"
    //             },
    //             "1.2.840.113549.1.9.5": {
    //               "name": "signingTime",
    //               "utctime": "190901152340Z"
    //             },
    //             "1.2.840.113549.1.9.4": {
    //               "name": "messageDigest",
    //               "digest": "y+gd/zAQK33A//HInhaZba7w1fUJleV9AHbP1Ntx6U0="
    //             },
    //             "1.2.840.113549.1.9.16.2.47": {
    //               "name": "signingCertificateV2",
    //               "der": "MIH4MI..w4vv0="
    //             }
    //           }
    //         }
    //       ]
    //     }
    //   }
    // }

    // Use this online tool to generate parsing code from sample JSON: 
    // Generate Parsing Code from JSON

    Get Create (RefClass(cComChilkatDtObj)) To hoAuthAttrSigningTimeUtctime
    If (Not(IsComObjectCreated(hoAuthAttrSigningTimeUtctime))) Begin
        Send CreateComObject of hoAuthAttrSigningTimeUtctime
    End

    Move 0 To i
    Get ComSizeOfArray Of hoJson "pkcs7.verify.certs" To iCount_i
    While (i < iCount_i)
        Set ComI Of hoJson To i
        Get ComStringOf Of hoJson "pkcs7.verify.certs[i].issuerCN" To sIssuerCN
        Get ComStringOf Of hoJson "pkcs7.verify.certs[i].serial" To sSerial
        Move (i + 1) To i
    Loop

    Move 0 To i
    Get ComSizeOfArray Of hoJson "pkcs7.verify.digestAlgorithms" To iCount_i
    While (i < iCount_i)
        Set ComI Of hoJson To i
        Get ComStringOf Of hoJson "pkcs7.verify.digestAlgorithms[i]" To sStrVal
        Move (i + 1) To i
    Loop

    Move 0 To i
    Get ComSizeOfArray Of hoJson "pkcs7.verify.signerInfo" To iCount_i
    While (i < iCount_i)
        Set ComI Of hoJson To i
        Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].cert.subjectKeyIdentifier" To sCertSubjectKeyIdentifier
        Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].cert.digestAlgOid" To sCertDigestAlgOid
        Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].cert.digestAlgName" To sCertDigestAlgName
        Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].signingAlgOid" To sSigningAlgOid
        Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].signingAlgName" To sSigningAlgName
        Get ComStringOf Of hoJson 'pkcs7.verify.signerInfo[i].authAttr."1.2.840.113549.1.9.3".name' To sAuthAttrContentTypeName
        Get ComStringOf Of hoJson 'pkcs7.verify.signerInfo[i].authAttr."1.2.840.113549.1.9.3".oid' To sAuthAttrContentTypeOid
        Get ComStringOf Of hoJson 'pkcs7.verify.signerInfo[i].authAttr."1.2.840.113549.1.9.5".name' To sAuthAttrSigningTimeName
        Get pvComObject of hoAuthAttrSigningTimeUtctime to vAuthAttrSigningTimeUtctime
        Get ComDtOf Of hoJson 'pkcs7.verify.signerInfo[i].authAttr."1.2.840.113549.1.9.5".utctime' False vAuthAttrSigningTimeUtctime To iSuccess
        Get ComStringOf Of hoJson 'pkcs7.verify.signerInfo[i].authAttr."1.2.840.113549.1.9.4".name' To sAuthAttrMessageDigestName
        Get ComStringOf Of hoJson 'pkcs7.verify.signerInfo[i].authAttr."1.2.840.113549.1.9.4".digest' To sAuthAttrMessageDigestDigest
        Get ComStringOf Of hoJson 'pkcs7.verify.signerInfo[i].authAttr."1.2.840.113549.1.9.16.2.47".name' To sAuthAttrSigningCertificateV2Name
        Get ComStringOf Of hoJson 'pkcs7.verify.signerInfo[i].authAttr."1.2.840.113549.1.9.16.2.47".der' To sAuthAttrSigningCertificateV2Der
        Move (i + 1) To i
    Loop



End_Procedure