(PowerShell) Get Certificates within XML Signature

Demonstrates how to get the certificates contained within an XML signature.

Chilkat .NET Downloads Chilkat .NET Assemblies

Add-Type -Path "C:\chilkat\ChilkatDotNet47-9.5.0-x64\ChilkatDotNet47.dll"

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

$sbXml = New-Object Chilkat.StringBuilder

# Load XML containing one or more signatures.
$success = $sbXml.LoadFile("qa_data/xml_dsig_valid_samples/multipleSigners/sp.pdf.XAdES.xml","utf-8")
if ($success -eq $false) {
    $("Failed to load the XML file..")
    exit
}

$dsig = New-Object Chilkat.XmlDSig

# First load the XML containing the signatures to be verified.
# Note that this particular Signature already contains the RSA public key that will be used
# for verification.
$success = $dsig.LoadSignatureSb($sbXml)
if ($success -ne $true) {
    $($dsig.LastErrorText)
    exit
}

# For each signature, verify and also get the certificate(s) contained within each Signature.
$i = 0
$saCerts = New-Object Chilkat.StringArray
$cert = New-Object Chilkat.Cert

$("numSignatures = " + $dsig.NumSignatures)

while ($i -lt $dsig.NumSignatures) {
    # Select the Nth signature by setting the Selector property.
    $dsig.Selector = $i

    $bVerifyReferenceDigests = $true
    $bVerified = $dsig.VerifySignature($bVerifyReferenceDigests)
    $("Signature " + $i + 1 + " verified = " + $bVerified)

    # Get the certificates embedded in this signature.
    $saCerts.Clear()
    $success = $dsig.GetCerts($saCerts)
    if ($success -eq $true) {
        $j = 0
        while ($j -lt $saCerts.Count) {
            $success = $cert.LoadFromBase64($saCerts.GetString($j))
            if ($success -eq $true) {
                $("    " + $cert.SubjectDN)
            }

            $j = $j + 1
        }

    }

    $i = $i + 1
}