(DataFlex) Verify a .p7m and get Algorithm Information

Demonstrates how to verify a .p7m and then examine the algorithms used by the signature.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

Use ChilkatAx-win32.pkg

Procedure Test
    Handle hoCrypt
    String sInFile
    String sOutFile
    Boolean iSuccess
    Variant vJson
    Handle hoJson
    Integer i
    Integer iCount_i
    String sStrVal
    String sCertSerialNumber
    String sCertIssuerCN
    String sCertIssuerDN
    String sCertDigestAlgOid
    String sCertDigestAlgName
    String sContentType
    String sSigningTime
    String sMessageDigest
    String sSigningAlgOid
    String sSignerDigest
    Integer j
    Integer iCount_j
    String sOid
    String sOidName
    String sDer
    String sTemp1

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    Get Create (RefClass(cComChilkatCrypt2)) To hoCrypt
    If (Not(IsComObjectCreated(hoCrypt))) Begin
        Send CreateComObject of hoCrypt
    End

    Move "qa_data/p7m/brainpoolP256r1.p7m" To sInFile
    Move "qa_output/something.dat" To sOutFile

    // Verify and extract the signed data.
    Get ComVerifyP7M Of hoCrypt sInFile sOutFile To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoCrypt To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Examine details about the signature(s)
    Get ComLastJsonData Of hoCrypt To vJson
    If (IsComObject(vJson)) Begin
        Get Create (RefClass(cComChilkatJsonObject)) To hoJson
        Set pvComObject Of hoJson To vJson
    End
    Set ComEmitCompact Of hoJson To False
    Get ComEmit Of hoJson To sTemp1
    Showln sTemp1

    // Sample output

    // {
    //   "pkcs7": {
    //     "verify": {
    //       "digestAlgorithms": [
    //         "sha256"
    //       ],
    //       "signerInfo": [
    //         {
    //           "cert": {
    //             "serialNumber": "FFFFE552B302FFFFFF1E34C3ACEB2FFFF",
    //             "issuerCN": "The common name of the cert...",
    //             "issuerDN": "",
    //             "digestAlgOid": "2.16.840.1.101.3.4.2.1",
    //             "digestAlgName": "SHA256"
    //           },
    //           "contentType": "1.2.840.113549.1.7.1",
    //           "signingTime": "190409140500Z",
    //           "messageDigest": "lQe9If7vZKFf/NlSYu5Esmlw3phVK/RFsbbb1uH73t8=",
    //           "signingAlgOid": "1.2.840.10045.4.3.2",
    //           "signerDigest": "lQe9If7vZKFf/NlSYu5Esmlw3phVK/RFsbbb1uH73t8=",
    //           "authAttr": [
    //             {
    //               "oid": "1.2.840.113549.1.9.3",
    //               "oidName": "contentType"
    //             },
    //             {
    //               "oid": "1.2.840.113549.1.9.5",
    //               "oidName": "signingTime"
    //             },
    //             {
    //               "oid": "1.2.840.113549.1.9.52",
    //               "oidName": "1.2.840.113549.1.9.52",
    //               "der": "MBs ... AwI="
    //             },
    //             {
    //               "oid": "1.2.840.113549.1.9.4",
    //               "oidName": "messageDigest"
    //             },
    //             {
    //               "oid": "1.2.840.113549.1.9.16.2.47",
    //               "oidName": "signingCertificateV2",
    //               "der": "MCYw .. 7PlQ=="
    //             },
    //             {
    //               "oid": "1.2.840.113549.1.9.20",
    //               "oidName": "1.2.840.113549.1.9.20"
    //             }
    //           ]
    //         }
    //       ]
    //     }
    //   }
    // }

    // Code for parsing the above JSON...

    Move 0 To i
    Get ComSizeOfArray Of hoJson "pkcs7.verify.digestAlgorithms" To iCount_i
    While (i < iCount_i)
        Set ComI Of hoJson To i
        Get ComStringOf Of hoJson "pkcs7.verify.digestAlgorithms[i]" To sStrVal
        Move (i + 1) To i
    Loop

    Move 0 To i
    Get ComSizeOfArray Of hoJson "pkcs7.verify.signerInfo" To iCount_i
    While (i < iCount_i)
        Set ComI Of hoJson To i
        Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].cert.serialNumber" To sCertSerialNumber
        Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].cert.issuerCN" To sCertIssuerCN
        Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].cert.issuerDN" To sCertIssuerDN
        Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].cert.digestAlgOid" To sCertDigestAlgOid
        Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].cert.digestAlgName" To sCertDigestAlgName
        Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].contentType" To sContentType
        Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].signingTime" To sSigningTime
        Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].messageDigest" To sMessageDigest
        Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].signingAlgOid" To sSigningAlgOid
        Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].signerDigest" To sSignerDigest
        Move 0 To j
        Get ComSizeOfArray Of hoJson "pkcs7.verify.signerInfo[i].authAttr" To iCount_j
        While (j < iCount_j)
            Set ComJ Of hoJson To j
            Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].authAttr[j].oid" To sOid
            Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].authAttr[j].oidName" To sOidName
            Get ComStringOf Of hoJson "pkcs7.verify.signerInfo[i].authAttr[j].der" To sDer
            Move (j + 1) To j
        Loop

        Move (i + 1) To i
    Loop

    Send Destroy of hoJson

    Showln "Success!"


End_Procedure