PureBasic
PureBasic
Get PDF DSS (Document Security Store)
See more PDF Signatures Examples
This example demonstrates how to extract the information from a PDF's DSS (Document Security Store), if a /DSS exists. (Just because a PDF is signed does not mean a /DSS will exists. In fact, the /DSS is typically created at the point of adding the 2nd or greater signature because the /DSS contains LTV (long term validation) information about the previous signature at the time of adding an additional signature.)Note: This example requires Chilkat v9.5.0.85 or greater.
Chilkat PureBasic Downloads
IncludeFile "CkDtObj.pb"
IncludeFile "CkJsonObject.pb"
IncludeFile "CkPdf.pb"
Procedure ChilkatExample()
success.i = 0
; This example requires the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
pdf.i = CkPdf::ckCreate()
If pdf.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkPdf::ckLoadFile(pdf,"qa_data/pdf/sign_testing_1/helloSigned2.pdf")
If success = 0
Debug CkPdf::ckLastErrorText(pdf)
CkPdf::ckDispose(pdf)
ProcedureReturn
EndIf
json.i = CkJsonObject::ckCreate()
If json.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkJsonObject::setCkEmitCompact(json, 0)
success = CkPdf::ckGetDss(pdf,json)
Debug CkJsonObject::ckEmit(json)
; The document security store contains certificates, OCSP responses, and CRLs.
; The following JSON is a sample of what the /DSS can contain.
; Unfortunately, our sample contains /Certs and /OCSPs, but no /CRLs.
; It's no problem because whatever JSON you get back, you can use the
; following online tool to generate code to parse.
; Generate Parsing Code from JSON
; The code generated by the online tool for this JSON is shown below..
; {
; "/VRI": {
; "/EC5BB34CC1F8A0C5FE674427E16E313A08C80808": {}
; },
; "/Certs": [
; {
; "serial": "02",
; "validFrom": "2011-08-07T19:00:00-05:00",
; "validTo": "2021-08-10T23:59:59-05:00",
; "expired": false,
; "subject": {
; "CN": "XYZ Corporation",
; "O": "XYZ"
; },
; "issuer": {
; "CN": "XYZ Corporation",
; "O": "XYZ"
; },
; "keyType": "RSA",
; "keySize": "2048",
; "der": "MIIDz...Q4Zt"
; },
; {
; "serial": "01",
; "validFrom": "2011-08-07T19:00:00-05:00",
; "validTo": "2021-08-10T23:59:59-05:00",
; "expired": false,
; "subject": {
; "CN": "XYZ Corporation",
; "O": "XYZ"
; },
; "issuer": {
; "CN": "XYZ Corporation",
; "O": "XYZ"
; },
; "keyType": "RSA",
; "keySize": "2048",
; "der": "MIID...jXYFc="
; },
; {
; "serial": "0AA125D6D6321B7E41E405DA3697C215",
; "validFrom": "2016-01-07T06:00:00-06:00",
; "validTo": "2031-01-07T12:00:00-06:00",
; "expired": false,
; "subject": {
; "CN": "DigiCert SHA2 Assured ID Timestamping CA",
; "OU": "www.digicert.com",
; "O": "DigiCert Inc",
; "C": "US"
; },
; "issuer": {
; "CN": "DigiCert Assured ID Root CA",
; "OU": "www.digicert.com",
; "O": "DigiCert Inc",
; "C": "US"
; },
; "keyType": "RSA",
; "keySize": "2048",
; "der": "MIIF...OUg=="
; },
; {
; "serial": "04CD3F8568AE76C61BB0FE7160CCA76D",
; "validFrom": "2019-09-30T19:00:00-05:00",
; "validTo": "2030-10-17T00:00:00-05:00",
; "expired": false,
; "subject": {
; "CN": "TIMESTAMP-SHA256-2019-10-15",
; "O": "DigiCert, Inc.",
; "C": "US"
; },
; "issuer": {
; "CN": "DigiCert SHA2 Assured ID Timestamping CA",
; "OU": "www.digicert.com",
; "O": "DigiCert Inc",
; "C": "US"
; },
; "keyType": "RSA",
; "keySize": "2048",
; "der": "MIIG...MJtPc="
; },
; {
; "serial": "0CE7E0E517D846FE8FE560FC1BF03039",
; "validFrom": "2006-11-09T18:00:00-06:00",
; "validTo": "2031-11-10T00:00:00-06:00",
; "expired": false,
; "subject": {
; "CN": "DigiCert Assured ID Root CA",
; "OU": "www.digicert.com",
; "O": "DigiCert Inc",
; "C": "US"
; },
; "issuer": {
; "CN": "DigiCert Assured ID Root CA",
; "OU": "www.digicert.com",
; "O": "DigiCert Inc",
; "C": "US"
; },
; "keyType": "RSA",
; "keySize": "2048",
; "der": "MIIDt...FL6Lw8g=="
; },
; {
; "serial": "E4D34D01798BE686424AF7F6F0C3BF41",
; "validFrom": "2015-03-24T10:58:16-05:00",
; "validTo": "2039-12-31T23:59:59-06:00",
; "expired": false,
; "subject": {
; "CN": "www.xyz.com"
; },
; "issuer": {
; "CN": "www.xyz.com"
; },
; "keyType": "RSA",
; "keySize": "1024",
; "der": "MIIB9DCCAWG...UR10lz"
; }
; ],
; "/OCSPs": [
; {
; "responseStatus": 0,
; "responseTypeOid": "1.3.6.1.5.5.7.48.1.1",
; "responseTypeName": "ocspBasic",
; "response": {
; "responderIdChoice": "KeyHash",
; "responderKeyHash": "Reuir/SSy4IxLVGLp6chnfNtyA8=",
; "dateTime": "20201005173921Z",
; "cert": [
; {
; "hashOid": "1.3.14.3.2.26",
; "hashAlg": "SHA-1",
; "issuerNameHash": "98S+C0C1w0QzPT+uuU1uONr67FE=",
; "issuerKeyHash": "Reuir/SSy4IxLVGLp6chnfNtyA8=",
; "serialNumber": "0AA125D6D6321B7E41E405DA3697C215",
; "status": 0,
; "thisUpdate": "20201005173921Z",
; "nextUpdate": "20201012173921Z"
; }
; ]
; }
; },
; {
; "responseStatus": 0,
; "responseTypeOid": "1.3.6.1.5.5.7.48.1.1",
; "responseTypeName": "ocspBasic",
; "response": {
; "responderIdChoice": "KeyHash",
; "responderKeyHash": "9LbhIB3+Ka7S5GGlsqIlssgXNW4=",
; "dateTime": "20201006114501Z",
; "cert": [
; {
; "hashOid": "1.3.14.3.2.26",
; "hashAlg": "SHA-1",
; "issuerNameHash": "+YYA+KSr7NIxRSxCjUNQo25SyD0=",
; "issuerKeyHash": "9LbhIB3+Ka7S5GGlsqIlssgXNW4=",
; "serialNumber": "04CD3F8568AE76C61BB0FE7160CCA76D",
; "status": 0,
; "thisUpdate": "20201006114501Z",
; "nextUpdate": "20201013110001Z"
; }
; ]
; }
; }
; ]
; }
responseDateTime.i = CkDtObj::ckCreate()
If responseDateTime.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
thisUpdate.i = CkDtObj::ckCreate()
If thisUpdate.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
nextUpdate.i = CkDtObj::ckCreate()
If nextUpdate.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
serial.s
validFrom.s
validTo.s
expired.i
subjectCN.s
subjectO.s
issuerCN.s
issuerO.s
keyType.s
keySize.s
der.s
subjectOU.s
subjectC.s
issuerOU.s
issuerC.s
responseStatus.i
responseTypeOid.s
responseTypeName.s
responseResponderIdChoice.s
responseResponderKeyHash.s
j.i
count_j.i
hashOid.s
hashAlg.s
issuerNameHash.s
issuerKeyHash.s
serialNumber.s
status.i
i.i = 0
count_i.i = CkJsonObject::ckSizeOfArray(json,"/Certs")
While i < count_i
CkJsonObject::setCkI(json, i)
serial = CkJsonObject::ckStringOf(json,"/Certs[i].serial")
validFrom = CkJsonObject::ckStringOf(json,"/Certs[i].validFrom")
validTo = CkJsonObject::ckStringOf(json,"/Certs[i].validTo")
expired = CkJsonObject::ckBoolOf(json,"/Certs[i].expired")
subjectCN = CkJsonObject::ckStringOf(json,"/Certs[i].subject.CN")
subjectO = CkJsonObject::ckStringOf(json,"/Certs[i].subject.O")
issuerCN = CkJsonObject::ckStringOf(json,"/Certs[i].issuer.CN")
issuerO = CkJsonObject::ckStringOf(json,"/Certs[i].issuer.O")
keyType = CkJsonObject::ckStringOf(json,"/Certs[i].keyType")
keySize = CkJsonObject::ckStringOf(json,"/Certs[i].keySize")
der = CkJsonObject::ckStringOf(json,"/Certs[i].der")
subjectOU = CkJsonObject::ckStringOf(json,"/Certs[i].subject.OU")
subjectC = CkJsonObject::ckStringOf(json,"/Certs[i].subject.C")
issuerOU = CkJsonObject::ckStringOf(json,"/Certs[i].issuer.OU")
issuerC = CkJsonObject::ckStringOf(json,"/Certs[i].issuer.C")
i = i + 1
Wend
i = 0
count_i = CkJsonObject::ckSizeOfArray(json,"/OCSPs")
While i < count_i
CkJsonObject::setCkI(json, i)
responseStatus = CkJsonObject::ckIntOf(json,"/OCSPs[i].responseStatus")
responseTypeOid = CkJsonObject::ckStringOf(json,"/OCSPs[i].responseTypeOid")
responseTypeName = CkJsonObject::ckStringOf(json,"/OCSPs[i].responseTypeName")
responseResponderIdChoice = CkJsonObject::ckStringOf(json,"/OCSPs[i].response.responderIdChoice")
responseResponderKeyHash = CkJsonObject::ckStringOf(json,"/OCSPs[i].response.responderKeyHash")
CkJsonObject::ckDtOf(json,"/OCSPs[i].response.dateTime",0,responseDateTime)
j = 0
count_j = CkJsonObject::ckSizeOfArray(json,"/OCSPs[i].response.cert")
While j < count_j
CkJsonObject::setCkJ(json, j)
hashOid = CkJsonObject::ckStringOf(json,"/OCSPs[i].response.cert[j].hashOid")
hashAlg = CkJsonObject::ckStringOf(json,"/OCSPs[i].response.cert[j].hashAlg")
issuerNameHash = CkJsonObject::ckStringOf(json,"/OCSPs[i].response.cert[j].issuerNameHash")
issuerKeyHash = CkJsonObject::ckStringOf(json,"/OCSPs[i].response.cert[j].issuerKeyHash")
serialNumber = CkJsonObject::ckStringOf(json,"/OCSPs[i].response.cert[j].serialNumber")
status = CkJsonObject::ckIntOf(json,"/OCSPs[i].response.cert[j].status")
CkJsonObject::ckDtOf(json,"/OCSPs[i].response.cert[j].thisUpdate",0,thisUpdate)
CkJsonObject::ckDtOf(json,"/OCSPs[i].response.cert[j].nextUpdate",0,nextUpdate)
j = j + 1
Wend
i = i + 1
Wend
CkPdf::ckDispose(pdf)
CkJsonObject::ckDispose(json)
CkDtObj::ckDispose(responseDateTime)
CkDtObj::ckDispose(thisUpdate)
CkDtObj::ckDispose(nextUpdate)
ProcedureReturn
EndProcedure