(Perl) CMS Sign Hash

Demonstrates how to use the SignHashENC method to sign a pre-computed hash. This method creates a CMS signature (PKCS7 detached signature).

This example requires Chilkat v9.5.0.90 or later.

Chilkat Perl Downloads Perl Module for Windows, MacOS, Linux, Alpine Linux, Solaris

use chilkat();

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

$crypt = chilkat::CkCrypt2->new();

# Create the hash to be signed...
$crypt->put_HashAlgorithm("sha256");
$crypt->put_EncodingMode("base64");
$crypt->put_Charset("utf-8");
# Create the SHA256 hash of a string using the utf-8 byte representation.
# Return the hash as base64.
$base64Hash = $crypt->hashStringENC("This is the string to be hashed");

# Load a certificate for signing.
$cert = chilkat::CkCert->new();
$success = $cert->LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123");
if ($success == 0) {
    print $cert->lastErrorText() . "\r\n";
    exit;
}

$crypt->SetSigningCert($cert);

# Sign the hash to create a base64 CMS signature (which does not contain the original data).
# We can get the signature in a single line of base64 by specifying "base64", or 
# we can get multi-line base64 by specifying "base64_mime".
$crypt->put_EncodingMode("base64_mime");
$base64CmsSig = $crypt->signHashENC($base64Hash,"sha256","base64");
if ($crypt->get_LastMethodSuccess() == 0) {
    print $crypt->lastErrorText() . "\r\n";
    exit;
}

# Note: In the above call to SignHashENC, the encoding of the returned CMS signature is specified by the EncodingMode property.
# However, the encoding of the passed-in hash is indicated by the 3rd argument.

print "CMS Signature: " . $base64CmsSig . "\r\n";