(PowerShell) Duplicate OpensSSL to Create Signature using Cert and Key Files

This example duplicates the following:

openssl smime –sign -in something.xml -out something.der -signer mycert.crt -inkey cert.key -outform der –nodetach

Note: Although "smime" is the OpenSSL command, it's not actually producing S/MIME. The arguments "-outform der -binary" indicates that the output is binary DER (i.e. the PKCS7 binary signature). The input can be any type of file: XML, PDF, JPG, ... *anything*...

Chilkat .NET Downloads Chilkat .NET Assemblies

Add-Type -Path "C:\chilkat\ChilkatDotNet47-9.5.0-x64\ChilkatDotNet47.dll"

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

$crypt = New-Object Chilkat.Crypt2

# Load the cert and private key from separate files.
$cert = New-Object Chilkat.Cert
$success = $cert.LoadFromFile("myCert.crt")
if ($success -ne $true) {
    $($cert.LastErrorText)
    exit
}

$bd = New-Object Chilkat.BinData
$success = $bd.LoadFile("cert.key")
$privkey = New-Object Chilkat.PrivateKey
# Load from any format private key.
# If the file does not need a password, the 2nd arg is ignored.
$success = $privkey.LoadAnyFormat($bd,"password_if_needed")
if ($success -ne $true) {
    $($privkey.LastErrorText)
    exit
}

$success = $crypt.SetSigningCert2($cert,$privkey)
if ($success -ne $true) {
    $($crypt.LastErrorText)
    exit
}

# Create the opaque signature (PKCS7 binary DER that contains both the signature and original file data).
$success = $crypt.CreateP7M("qa_data/infile.anything","qa_output/outfile.der")
if ($success -ne $true) {
    $($crypt.LastErrorText)
    exit
}

$("Success.")