(Visual FoxPro) Verify and Unwrap S/MIME, and get Information about CMS Signature

Demonstrates calling the Verify method to verify and unwrap S/MIME. The MIME is restored to the original structure that it would have originally had prior to signing. The Verify method works with both detached signatures, as well as opaque/attached signatures.

Calls LastJsonData to get information about the signature(s) that were verified.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

LOCAL loMime
LOCAL lnSuccess
LOCAL lnVerified
LOCAL loJson
LOCAL loSigningTime
LOCAL loAuthAttrSigningTimeUtctime
LOCAL lcIssuerCN
LOCAL lcSerial
LOCAL lcStrVal
LOCAL lcCertSerialNumber
LOCAL lcCertIssuerCN
LOCAL lcCertDigestAlgOid
LOCAL lcCertDigestAlgName
LOCAL lcContentType
LOCAL lcMessageDigest
LOCAL lcSigningAlgOid
LOCAL lcSigningAlgName
LOCAL lcAuthAttrContentTypeName
LOCAL lcAuthAttrContentTypeOid
LOCAL lcAuthAttrSigningTimeName
LOCAL lcAuthAttrMessageDigestName
LOCAL lcAuthAttrMessageDigestDigest
LOCAL lcAuthAttr1_2_840_113549_1_9_15Der
LOCAL lcAuthAttr1_3_6_1_4_1_311_16_4Der
LOCAL i
LOCAL lnCount_i

* This example requires the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Mime')
loMime = CreateObject('Chilkat.Mime')

* Load the signed MIME from a file...
lnSuccess = loMime.LoadMimeFile("qa_data/mime/detached_sig.eml")
IF (lnSuccess = 0) THEN
    ? loMime.LastErrorText
    RELEASE loMime
    CANCEL
ENDIF

* Verify the S/MIME and restore the MIME
* to the structure/content it had prior to signing.
lnVerified = loMime.Verify()
IF (lnVerified = 0) THEN
    ? loMime.LastErrorText
    RELEASE loMime
    CANCEL
ENDIF

* Examine the details of what was verified.
loJson = loMime.LastJsonData()
loJson.EmitCompact = 0
? loJson.Emit()

* The code to parse the following JSON (i.e. extract desired information) is shown below..

* {
*   "pkcs7": {
*     "verify": {
*       "certs": [
*         {
*           "issuerCN": "VeriSign Class 1 Public Primary Certification Authority - G3",
*           "serial": "0702A21A85B84B659E180A6EE6F5A365"
*         },
*         {
*           "issuerCN": "VeriSign Class 1 Public Primary Certification Authority - G3",
*           "serial": "008B5B75568454850B00CFAF3848CEB1A4"
*         },
*         {
*           "issuerCN": "Symantec Class 1 Individual Subscriber CA - G5",
*           "serial": "619C55C32FF6BD1A7B7E0330D21C8F3C"
*         }
*       ],
*       "digestAlgorithms": [
*         "sha1"
*       ],
*       "signerInfo": [
*         {
*           "cert": {
*             "serialNumber": "619C55C32FF6BD1A7B7E0330D21C8F3C",
*             "issuerCN": "Symantec Class 1 Individual Subscriber CA - G5",
*             "digestAlgOid": "1.3.14.3.2.26",
*             "digestAlgName": "SHA1"
*           },
*           "contentType": "1.2.840.113549.1.7.1",
*           "signingTime": "160428055000Z",
*           "messageDigest": "2hJJVmO/jtaJV5uCKMFzIkRRvtY=",
*           "signingAlgOid": "1.2.840.113549.1.1.1",
*           "signingAlgName": "RSA-PKCSV-1_5",
*           "authAttr": {
*             "1.2.840.113549.1.9.3": {
*               "name": "contentType",
*               "oid": "1.2.840.113549.1.7.1"
*             },
*             "1.2.840.113549.1.9.5": {
*               "name": "signingTime",
*               "utctime": "160428055000Z"
*             },
*             "1.2.840.113549.1.9.4": {
*               "name": "messageDigest",
*               "digest": "2hJJVmO/jtaJV5uCKMFzIkRRvtY="
*             },
*             "1.2.840.113549.1.9.15": {
*               "der": "MFAwCwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKA=="
*             },
*             "1.3.6.1.4.1.311.16.4": {
*               "der": "MIG7MIG...7fgMw0hyPPA=="
*             }
*           }
*         }
*       ]
*     }
*   }
* }

* Use this online tool to generate parsing code from sample JSON: 
* Generate Parsing Code from JSON

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.DtObj')
loSigningTime = CreateObject('Chilkat.DtObj')
* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.DtObj')
loAuthAttrSigningTimeUtctime = CreateObject('Chilkat.DtObj')

i = 0
lnCount_i = loJson.SizeOfArray("pkcs7.verify.certs")
DO WHILE i < lnCount_i
    loJson.I = i
    lcIssuerCN = loJson.StringOf("pkcs7.verify.certs[i].issuerCN")
    lcSerial = loJson.StringOf("pkcs7.verify.certs[i].serial")
    i = i + 1
ENDDO
i = 0
lnCount_i = loJson.SizeOfArray("pkcs7.verify.digestAlgorithms")
DO WHILE i < lnCount_i
    loJson.I = i
    lcStrVal = loJson.StringOf("pkcs7.verify.digestAlgorithms[i]")
    i = i + 1
ENDDO
i = 0
lnCount_i = loJson.SizeOfArray("pkcs7.verify.signerInfo")
DO WHILE i < lnCount_i
    loJson.I = i
    lcCertSerialNumber = loJson.StringOf("pkcs7.verify.signerInfo[i].cert.serialNumber")
    lcCertIssuerCN = loJson.StringOf("pkcs7.verify.signerInfo[i].cert.issuerCN")
    lcCertDigestAlgOid = loJson.StringOf("pkcs7.verify.signerInfo[i].cert.digestAlgOid")
    lcCertDigestAlgName = loJson.StringOf("pkcs7.verify.signerInfo[i].cert.digestAlgName")
    lcContentType = loJson.StringOf("pkcs7.verify.signerInfo[i].contentType")
    loJson.DtOf("pkcs7.verify.signerInfo[i].signingTime",0,loSigningTime)
    lcMessageDigest = loJson.StringOf("pkcs7.verify.signerInfo[i].messageDigest")
    lcSigningAlgOid = loJson.StringOf("pkcs7.verify.signerInfo[i].signingAlgOid")
    lcSigningAlgName = loJson.StringOf("pkcs7.verify.signerInfo[i].signingAlgName")
    lcAuthAttrContentTypeName = loJson.StringOf('pkcs7.verify.signerInfo[i].authAttr."1.2.840.113549.1.9.3".name')
    lcAuthAttrContentTypeOid = loJson.StringOf('pkcs7.verify.signerInfo[i].authAttr."1.2.840.113549.1.9.3".oid')
    lcAuthAttrSigningTimeName = loJson.StringOf('pkcs7.verify.signerInfo[i].authAttr."1.2.840.113549.1.9.5".name')
    loJson.DtOf('pkcs7.verify.signerInfo[i].authAttr."1.2.840.113549.1.9.5".utctime',0,loAuthAttrSigningTimeUtctime)
    lcAuthAttrMessageDigestName = loJson.StringOf('pkcs7.verify.signerInfo[i].authAttr."1.2.840.113549.1.9.4".name')
    lcAuthAttrMessageDigestDigest = loJson.StringOf('pkcs7.verify.signerInfo[i].authAttr."1.2.840.113549.1.9.4".digest')
    lcAuthAttr1_2_840_113549_1_9_15Der = loJson.StringOf('pkcs7.verify.signerInfo[i].authAttr."1.2.840.113549.1.9.15".der')
    lcAuthAttr1_3_6_1_4_1_311_16_4Der = loJson.StringOf('pkcs7.verify.signerInfo[i].authAttr."1.3.6.1.4.1.311.16.4".der')
    i = i + 1
ENDDO

RELEASE loJson

RELEASE loMime
RELEASE loSigningTime
RELEASE loAuthAttrSigningTimeUtctime