Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(SQL Server) Create ICP-Brasil Compliant CMS SignatureDemonstrates how to create a .p7s signature that contains a data file, which in this case is a PDF. The .p7s will be compliant with the ICP-Brazil Digital Signature Standard. The .p7s file created by this example can be verified at ICP-Brasil Online Verifier For more information, see http://www.iti.gov.br/images/repositorio/consulta-publica/encerradas/DOC-ICP-15_-_Versao_2.2_VISAO_GERAL_SOBRE_ASSIN_DIG_NA_ICP-BRASIL_xx-xx-2015.pdf
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls. -- CREATE PROCEDURE ChilkatSample AS BEGIN DECLARE @hr int -- Important: Do not use nvarchar(max). See the warning about using nvarchar(max). DECLARE @sTmp0 nvarchar(4000) -- This example requires the Chilkat API to have been previously unlocked. -- See Global Unlock Sample for sample code. -- ------------------------------------------------------------------------------------------------------ -- Note: This example creates a CMS signature (.p7s) that contains the PDF. -- It is different than signing a PDF. To sign a PDF where the resulting PDF contains the CMS signature, -- see this example: Sign PDF for ICP-Brasil -- ------------------------------------------------------------------------------------------------------ DECLARE @crypt int -- Use "Chilkat_9_5_0.Crypt2" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.Crypt2', @crypt OUT IF @hr <> 0 BEGIN PRINT 'Failed to create ActiveX component' RETURN END -- Any type of file can be signed. It doesn't have to be a PDF. DECLARE @inFile nvarchar(4000) SELECT @inFile = 'qa_data/pdf/helloWorld.pdf' DECLARE @bd int -- Use "Chilkat_9_5_0.BinData" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.BinData', @bd OUT DECLARE @success int EXEC sp_OAMethod @bd, 'LoadFile', @success OUT, @inFile IF @success = 0 BEGIN PRINT 'Failed to load ' + @inFile EXEC @hr = sp_OADestroy @crypt EXEC @hr = sp_OADestroy @bd RETURN END -- We'll be using a certificate w/ private key stored on a smartcard for signing. DECLARE @cert int -- Use "Chilkat_9_5_0.Cert" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.Cert', @cert OUT -- If the smartcard or token requires a PIN, we can set it here to avoid the dialog... EXEC sp_OASetProperty @cert, 'SmartCardPin', '000000' EXEC sp_OAMethod @cert, 'LoadFromSmartcard', @success OUT, '' IF @success <> 1 BEGIN EXEC sp_OAGetProperty @cert, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @crypt EXEC @hr = sp_OADestroy @bd EXEC @hr = sp_OADestroy @cert RETURN END -- Tell the crypt component to use this cert. EXEC sp_OAMethod @crypt, 'SetSigningCert', @success OUT, @cert IF @success <> 1 BEGIN EXEC sp_OAGetProperty @crypt, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @crypt EXEC @hr = sp_OADestroy @bd EXEC @hr = sp_OADestroy @cert RETURN END -- Set properties for signing... EXEC sp_OASetProperty @crypt, 'HashAlgorithm', 'sha256' DECLARE @jsonSigningAttrs int -- Use "Chilkat_9_5_0.JsonObject" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jsonSigningAttrs OUT EXEC sp_OAMethod @jsonSigningAttrs, 'UpdateInt', @success OUT, 'contentType', 1 EXEC sp_OAMethod @jsonSigningAttrs, 'UpdateInt', @success OUT, 'signingTime', 1 EXEC sp_OAMethod @jsonSigningAttrs, 'UpdateInt', @success OUT, 'messageDigest', 1 EXEC sp_OAMethod @jsonSigningAttrs, 'UpdateBool', @success OUT, 'signingCertificateV2', 1 -- Listed here are the currently existing profiles. (Chilkat will add additional ICP Brasil policy profiles in future versions as new ones are created.) -- See https://www.gov.br/iti/pt-br/assuntos/repositorio/artefatos-de-assinatura-digital for more information. -- -- PA_AD_RA --> 2.16.76.1.7.1.5.1 -- PA_AD_RA_v1_1 --> 2.16.76.1.7.1.5.1.1 -- PA_AD_RA_v1_2 --> 2.16.76.1.7.1.5.1.2 -- PA_AD_RA_v2_0 --> 2.16.76.1.7.1.5.2 -- PA_AD_RA_v2_1 --> 2.16.76.1.7.1.5.2.1 -- PA_AD_RA_v2_2 --> 2.16.76.1.7.1.5.2.2 -- PA_AD_RA_v2_3 --> 2.16.76.1.7.1.5.2.3 -- PA_AD_RA_v2_4 --> 2.16.76.1.7.1.5.2.4 -- PA_AD_RB --> 2.16.76.1.7.1.1.1 -- PA_AD_RB_v1_1 --> 2.16.76.1.7.1.1.1.1 -- PA_AD_RB_v2_0 --> 2.16.76.1.7.1.1.2 -- PA_AD_RB_v2_1 --> 2.16.76.1.7.1.1.2.1 -- PA_AD_RB_v2_2 --> 2.16.76.1.7.1.1.2.2 -- PA_AD_RB_v2_3 --> 2.16.76.1.7.1.1.2.3 -- PA_AD_RC --> 2.16.76.1.7.1.4.1 -- PA_AD_RC_v1_1 --> 2.16.76.1.7.1.4.1.1 -- PA_AD_RC_v2_0 --> 2.16.76.1.7.1.4.2 -- PA_AD_RC_v2_1 --> 2.16.76.1.7.1.4.2.1 -- PA_AD_RC_v2_2 --> 2.16.76.1.7.1.4.2.2 -- PA_AD_RC_v2_3 --> 2.16.76.1.7.1.4.2.3 -- PA_AD_RT --> 2.16.76.1.7.1.2.1 -- PA_AD_RT_v1_1 --> 2.16.76.1.7.1.2.1.1 -- PA_AD_RT_v2_0 --> 2.16.76.1.7.1.2.2 -- PA_AD_RT_v2_1 --> 2.16.76.1.7.1.2.2.1 -- PA_AD_RT_v2_2 --> 2.16.76.1.7.1.2.2.2 -- PA_AD_RT_v2_3 --> 2.16.76.1.7.1.2.2.3 -- PA_AD_RV --> 2.16.76.1.7.1.3.1 -- PA_AD_RV_v1_1 --> 2.16.76.1.7.1.3.1.1 -- PA_AD_RV_v2_0 --> 2.16.76.1.7.1.3.2 -- PA_AD_RV_v2_1 --> 2.16.76.1.7.1.3.2.1 -- PA_AD_RV_v2_2 --> 2.16.76.1.7.1.3.2.2 -- PA_AD_RV_v2_3 --> 2.16.76.1.7.1.3.2.3 -- Set the policy OID and the profile name EXEC sp_OAMethod @jsonSigningAttrs, 'UpdateString', @success OUT, 'policyId.id', '2.16.76.1.7.1.1.2.3' EXEC sp_OAMethod @jsonSigningAttrs, 'UpdateString', @success OUT, 'policyId.profile', 'PA_AD_RB_v2_3' EXEC sp_OAMethod @jsonSigningAttrs, 'Emit', @sTmp0 OUT EXEC sp_OASetProperty @crypt, 'SigningAttributes', @sTmp0 -- The Brazil government validator requires the ASN.1 data to be in "constructed octets" form.. EXEC sp_OASetProperty @crypt, 'UncommonOptions', 'UseConstructedOctets,OmitAlgorithmIdNull' EXEC sp_OASetProperty @crypt, 'IncludeCertChain', 0 -- Sign. EXEC sp_OAMethod @crypt, 'OpaqueSignBd', @success OUT, @bd IF @success = 0 BEGIN EXEC sp_OAGetProperty @crypt, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @crypt EXEC @hr = sp_OADestroy @bd EXEC @hr = sp_OADestroy @cert EXEC @hr = sp_OADestroy @jsonSigningAttrs RETURN END -- Save to a .p7s EXEC sp_OAMethod @bd, 'WriteFile', @success OUT, 'qa_output/helloWorld.pdf.p7s' PRINT 'Success' EXEC @hr = sp_OADestroy @crypt EXEC @hr = sp_OADestroy @bd EXEC @hr = sp_OADestroy @cert EXEC @hr = sp_OADestroy @jsonSigningAttrs END GO |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.