PureBasic
PureBasic
Duplicate OpensSSL to Sign File and Output Binary DER
See more OpenSSL Examples
This example duplicates the following:openssl smime -sign -in INPUT.xml -signer SIGN.PEM -passin pass:MYPASS -outform der -binary -nodetach -out SIGNED.P7M
Note: Although "smime" is the OpenSSL command, it's not actually producing S/MIME. The arguments "-outform der -binary" indicates that the output is binary DER (i.e. the PKCS7 binary signature). The input can be any type of file: XML, PDF, JPG, ... *anything*...
Chilkat PureBasic Downloads
IncludeFile "CkCert.pb"
IncludeFile "CkCrypt2.pb"
IncludeFile "CkPrivateKey.pb"
IncludeFile "CkPem.pb"
Procedure ChilkatExample()
success.i = 0
; This example requires the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
crypt.i = CkCrypt2::ckCreate()
If crypt.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
; Load the PEM containing cert + private key.
pem.i = CkPem::ckCreate()
If pem.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkPem::ckLoadPemFile(pem,"qa_data/pem/myPem.pem","password")
If success = 0
Debug CkPem::ckLastErrorText(pem)
CkCrypt2::ckDispose(crypt)
CkPem::ckDispose(pem)
ProcedureReturn
EndIf
privkey.i = CkPrivateKey::ckCreate()
If privkey.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkPem::ckPrivateKeyAt(pem,0,privkey)
If success = 0
Debug CkPem::ckLastErrorText(pem)
CkCrypt2::ckDispose(crypt)
CkPem::ckDispose(pem)
CkPrivateKey::ckDispose(privkey)
ProcedureReturn
EndIf
cert.i = CkCert::ckCreate()
If cert.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkPem::ckCertAt(pem,0,cert)
If success = 0
Debug CkPem::ckLastErrorText(pem)
CkCrypt2::ckDispose(crypt)
CkPem::ckDispose(pem)
CkPrivateKey::ckDispose(privkey)
CkCert::ckDispose(cert)
ProcedureReturn
EndIf
success = CkCrypt2::ckSetSigningCert2(crypt,cert,privkey)
If success = 0
Debug CkCrypt2::ckLastErrorText(crypt)
CkCrypt2::ckDispose(crypt)
CkPem::ckDispose(pem)
CkPrivateKey::ckDispose(privkey)
CkCert::ckDispose(cert)
ProcedureReturn
EndIf
; Alternatively, we could use a .pfx/.p12 file.
; (Chilkat also supports other formats/sources for cert/private keys...)
certFromP12.i = CkCert::ckCreate()
If certFromP12.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkCert::ckLoadPfxFile(certFromP12,"qa_data/p12/myP12.p12","password")
If success = 0
Debug CkCert::ckLastErrorText(certFromP12)
CkCrypt2::ckDispose(crypt)
CkPem::ckDispose(pem)
CkPrivateKey::ckDispose(privkey)
CkCert::ckDispose(cert)
CkCert::ckDispose(certFromP12)
ProcedureReturn
EndIf
; The certificate, when loaded from a .pfx/.p12, will automatically
; include the associated private key, assuming it's present in the .p12.
; We don't have to explicitly provide the private key as in the
; lines of code above that use the PEM file.
success = CkCrypt2::ckSetSigningCert(crypt,certFromP12)
If success = 0
Debug CkCrypt2::ckLastErrorText(crypt)
CkCrypt2::ckDispose(crypt)
CkPem::ckDispose(pem)
CkPrivateKey::ckDispose(privkey)
CkCert::ckDispose(cert)
CkCert::ckDispose(certFromP12)
ProcedureReturn
EndIf
; Create the opaque signature (PKCS7 binary DER that contains both the signature and original file data).
success = CkCrypt2::ckCreateP7M(crypt,"qa_data/infile.anything","qa_output/outfile.p7m")
If success = 0
Debug CkCrypt2::ckLastErrorText(crypt)
CkCrypt2::ckDispose(crypt)
CkPem::ckDispose(pem)
CkPrivateKey::ckDispose(privkey)
CkCert::ckDispose(cert)
CkCert::ckDispose(certFromP12)
ProcedureReturn
EndIf
Debug "Success."
CkCrypt2::ckDispose(crypt)
CkPem::ckDispose(pem)
CkPrivateKey::ckDispose(privkey)
CkCert::ckDispose(cert)
CkCert::ckDispose(certFromP12)
ProcedureReturn
EndProcedure