Tcl
Tcl
CoSign PKCS7/CMS Signed Data
See more Digital Signatures Examples
Demonstrates how to add a 2nd signature to a CMS SignedData. This is to add an additional signature, SignerInfo and certificate(s) to an existing CMS signed data.In this example, we cosign an existing pdf.p7s
Note: The CoSign method is added in Chilkat v9.5.0.89.
Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
set crypt [new_CkCrypt2]
set cert [new_CkCert]
# If loading from a smart card, set the smartcard PIN.
CkCert_put_SmartCardPin $cert "0000"
# Load a certificate in some way, such as from a smart card.
# Chilkat provides other methods to load from a .pfx, .pem, or from the Windows certificate stores..
set success [CkCert_LoadFromSmartcard $cert ""]
if {$success == 0} then {
puts [CkCert_lastErrorText $cert]
delete_CkCrypt2 $crypt
delete_CkCert $cert
exit
}
set success [CkCrypt2_SetSigningCert $crypt $cert]
if {$success == 0} then {
puts [CkCrypt2_lastErrorText $crypt]
delete_CkCrypt2 $crypt
delete_CkCert $cert
exit
}
# Load the file to be co-signed.
# NOTE: This is to cosign a PDF file contained within a CMS (PKCS7) message.
# (In other words, the PDF is contained within the CMS SignedData, rather than the other way around
# where a CMS signature is contained within a PDF. Use Chilkat's PDF class to sign a PDF, which is
# to embed a CMS signature within the PDF.)
set bd [new_CkBinData]
set success [CkBinData_LoadFile $bd "qa_data/p7s/cosign/sample.pdf.p7s"]
if {$success == 0} then {
puts "Failed to load pdf.p7s input file."
delete_CkCrypt2 $crypt
delete_CkCert $cert
delete_CkBinData $bd
exit
}
# bd2 will contain the co-signed result.
set bd2 [new_CkBinData]
set success [CkCrypt2_CoSign $crypt $bd $cert $bd2]
if {$success == 0} then {
puts [CkCrypt2_lastErrorText $crypt]
delete_CkCrypt2 $crypt
delete_CkCert $cert
delete_CkBinData $bd
delete_CkBinData $bd2
exit
}
set success [CkBinData_WriteFile $bd "qa_output/cosigned.pdf.p7s"]
if {$success == 0} then {
puts "Failed to save pdf.p7s output file."
delete_CkCrypt2 $crypt
delete_CkCert $cert
delete_CkBinData $bd
delete_CkBinData $bd2
exit
}
puts "Success!"
delete_CkCrypt2 $crypt
delete_CkCert $cert
delete_CkBinData $bd
delete_CkBinData $bd2