|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) Verify and Unwrap S/MIME, and get Information about CMS SignatureDemonstrates calling the Verify method to verify and unwrap S/MIME. The MIME is restored to the original structure that it would have originally had prior to signing. The Verify method works with both detached signatures, as well as opaque/attached signatures. Calls LastJsonData to get information about the signature(s) that were verified.
load ./chilkat.dll # This example requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. set mime [new_CkMime] # Load the signed MIME from a file... set success [CkMime_LoadMimeFile $mime "qa_data/mime/detached_sig.eml"] if {$success == 0} then { puts [CkMime_lastErrorText $mime] delete_CkMime $mime exit } # Verify the S/MIME and restore the MIME # to the structure/content it had prior to signing. set verified [CkMime_Verify $mime] if {$verified == 0} then { puts [CkMime_lastErrorText $mime] delete_CkMime $mime exit } # Examine the details of what was verified. # json is a CkJsonObject set json [CkMime_LastJsonData $mime] CkJsonObject_put_EmitCompact $json 0 puts [CkJsonObject_emit $json] # The code to parse the following JSON (i.e. extract desired information) is shown below.. # { # "pkcs7": { # "verify": { # "certs": [ # { # "issuerCN": "VeriSign Class 1 Public Primary Certification Authority - G3", # "serial": "0702A21A85B84B659E180A6EE6F5A365" # }, # { # "issuerCN": "VeriSign Class 1 Public Primary Certification Authority - G3", # "serial": "008B5B75568454850B00CFAF3848CEB1A4" # }, # { # "issuerCN": "Symantec Class 1 Individual Subscriber CA - G5", # "serial": "619C55C32FF6BD1A7B7E0330D21C8F3C" # } # ], # "digestAlgorithms": [ # "sha1" # ], # "signerInfo": [ # { # "cert": { # "serialNumber": "619C55C32FF6BD1A7B7E0330D21C8F3C", # "issuerCN": "Symantec Class 1 Individual Subscriber CA - G5", # "digestAlgOid": "1.3.14.3.2.26", # "digestAlgName": "SHA1" # }, # "contentType": "1.2.840.113549.1.7.1", # "signingTime": "160428055000Z", # "messageDigest": "2hJJVmO/jtaJV5uCKMFzIkRRvtY=", # "signingAlgOid": "1.2.840.113549.1.1.1", # "signingAlgName": "RSA-PKCSV-1_5", # "authAttr": { # "1.2.840.113549.1.9.3": { # "name": "contentType", # "oid": "1.2.840.113549.1.7.1" # }, # "1.2.840.113549.1.9.5": { # "name": "signingTime", # "utctime": "160428055000Z" # }, # "1.2.840.113549.1.9.4": { # "name": "messageDigest", # "digest": "2hJJVmO/jtaJV5uCKMFzIkRRvtY=" # }, # "1.2.840.113549.1.9.15": { # "der": "MFAwCwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKA==" # }, # "1.3.6.1.4.1.311.16.4": { # "der": "MIG7MIG...7fgMw0hyPPA==" # } # } # } # ] # } # } # } # Use this online tool to generate parsing code from sample JSON: # Generate Parsing Code from JSON set signingTime [new_CkDtObj] set authAttrSigningTimeUtctime [new_CkDtObj] set i 0 set count_i [CkJsonObject_SizeOfArray $json "pkcs7.verify.certs"] while {$i < $count_i} { CkJsonObject_put_I $json $i set issuerCN [CkJsonObject_stringOf $json "pkcs7.verify.certs[i].issuerCN"] set serial [CkJsonObject_stringOf $json "pkcs7.verify.certs[i].serial"] set i [expr $i + 1] } set i 0 set count_i [CkJsonObject_SizeOfArray $json "pkcs7.verify.digestAlgorithms"] while {$i < $count_i} { CkJsonObject_put_I $json $i set strVal [CkJsonObject_stringOf $json "pkcs7.verify.digestAlgorithms[i]"] set i [expr $i + 1] } set i 0 set count_i [CkJsonObject_SizeOfArray $json "pkcs7.verify.signerInfo"] while {$i < $count_i} { CkJsonObject_put_I $json $i set certSerialNumber [CkJsonObject_stringOf $json "pkcs7.verify.signerInfo[i].cert.serialNumber"] set certIssuerCN [CkJsonObject_stringOf $json "pkcs7.verify.signerInfo[i].cert.issuerCN"] set certDigestAlgOid [CkJsonObject_stringOf $json "pkcs7.verify.signerInfo[i].cert.digestAlgOid"] set certDigestAlgName [CkJsonObject_stringOf $json "pkcs7.verify.signerInfo[i].cert.digestAlgName"] set contentType [CkJsonObject_stringOf $json "pkcs7.verify.signerInfo[i].contentType"] CkJsonObject_DtOf $json "pkcs7.verify.signerInfo[i].signingTime" 0 $signingTime set messageDigest [CkJsonObject_stringOf $json "pkcs7.verify.signerInfo[i].messageDigest"] set signingAlgOid [CkJsonObject_stringOf $json "pkcs7.verify.signerInfo[i].signingAlgOid"] set signingAlgName [CkJsonObject_stringOf $json "pkcs7.verify.signerInfo[i].signingAlgName"] set authAttrContentTypeName [CkJsonObject_stringOf $json "pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.3\".name"] set authAttrContentTypeOid [CkJsonObject_stringOf $json "pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.3\".oid"] set authAttrSigningTimeName [CkJsonObject_stringOf $json "pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.5\".name"] CkJsonObject_DtOf $json "pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.5\".utctime" 0 $authAttrSigningTimeUtctime set authAttrMessageDigestName [CkJsonObject_stringOf $json "pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.4\".name"] set authAttrMessageDigestDigest [CkJsonObject_stringOf $json "pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.4\".digest"] set authAttr1_2_840_113549_1_9_15Der [CkJsonObject_stringOf $json "pkcs7.verify.signerInfo[i].authAttr.\"1.2.840.113549.1.9.15\".der"] set authAttr1_3_6_1_4_1_311_16_4Der [CkJsonObject_stringOf $json "pkcs7.verify.signerInfo[i].authAttr.\"1.3.6.1.4.1.311.16.4\".der"] set i [expr $i + 1] } delete_CkJsonObject $json delete_CkMime $mime delete_CkDtObj $signingTime delete_CkDtObj $authAttrSigningTimeUtctime |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.