Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(PHP ActiveX) Verify Opaque Signature and Retrieve Signing CertificatesDemonstrates how to verify a PCKS7 opaque digital signature (signed data), extract the original file/data, and then extract the certificate(s) that were used to sign.
<?php // This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Crypt2') $crypt = new COM("Chilkat.Crypt2"); // Verify a PKCS7 signed-data (opaque signature) file and extract the original content to a file. $success = $crypt->VerifyP7M('qa_data/p7m/opaqueSig.p7','qa_output/originalData.dat'); if ($success != 1) { print $crypt->LastErrorText . "\n"; exit; } // Alternatively, we can do it in memory... // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.BinData') $binData = new COM("Chilkat.BinData"); $success = $binData->LoadFile('qa_data/p7m/opaqueSig.p7'); // Your app should check for success, but we'll skip the check for brevity.. // If verified, the signature is unwrapped and binData is replaced with the original data that was signed. $success = $crypt->OpaqueVerifyBd($binData); if ($success != 1) { print $crypt->LastErrorText . "\n"; exit; } // For our testing, we signed some text, so we can get it from the binData.. print 'Original Data:' . "\n"; print $binData->getString('utf-8') . "\n"; // After any method call that verifies a signature, the crypt object will contain the certificate(s) // that were used for signing (assuming the X.509 certs were available in the signature, which is typically the case). // Get the number of signing certificates, and get each.. $numCerts = $crypt->NumSignerCerts; $i = 0; while ($i < $numCerts) { // cert is a Chilkat.Cert $cert = $crypt->GetSignerCert($i); print $cert->SubjectDN . "\n"; $i = $i + 1; } // We could also get the complete certificate chain of each signer cert, // assuming the certs in the chain of authentication to the trusted root // are available on the system, or provided to Chilkat by some other means // (such as via the XmlCertVault class, the TrustedRoots class, etc.) $i = 0; while ($i < $numCerts) { // certChain is a Chilkat.CertChain $certChain = $crypt->GetSignerCertChain($i); // You can examine the various properties and methods for certChain in the online // reference documentation... $i = $i + 1; } ?> |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.