Tcl
Tcl
Decrypt S/MIME and Verify S/MIME Signatures
See more MIME Examples
_LANGUAGE_ example to decrypt S/MIME and verify S/MIME signatures. The S/MIME is unwrapped to get the original MIME prior to signing/encrypting.Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
set mime [new_CkMime]
# Load an S/MIME message from a file:
set success [CkMime_LoadMimeFile $mime "signedMime.txt"]
if {$success == 0} then {
puts [CkMime_lastErrorText $mime]
delete_CkMime $mime
exit
}
# The ContainsEncryptedParts/ContainsSignedParts methods
# can be called to determine if the MIME is encrypted and/or signed:
set isEncrypted [CkMime_ContainsEncryptedParts $mime]
set isSigned [CkMime_ContainsSignedParts $mime]
# We don't want the "unwrap extras". You'll see what those
# are in a few moments...
CkMime_put_UnwrapExtras $mime 0
# To verify the signature, call UnwrapSecurity. This will
# verify the signature(s) and decrypt the S/MIME and restore
# the MIME to the unsigned/unencrypted state.
# The results of what was found are present in the MIME object's
# properties, as well as extra header fields that are added
# to the unwrapped MIME.
set success [CkMime_UnwrapSecurity $mime]
if {$success != 1} then {
# UnwrapSecurity returns 1 if all signatures were
# verified and all parts decrypted.
puts [CkMime_lastErrorText $mime]
delete_CkMime $mime
exit
}
# The mime.UnwrapExtras property controls whether or not
# these additional fields are added to the unwrapped MIME:
#
# X-NumPartsSigned: 1
# X-SignaturesValid: yes
# X-NumPartsEncrypted: 1
# X-Decrypted: no
#
# The X-NumPartsSigned/X-SignaturesValid headers are added
# if the MIME was signed.
#
# The X-NumPartsEncrypted/X-Decrypted headers are added
# if the MIME was encrypted.
#
# If the MIME was signed, get the certificate used for signing.
if {$isSigned == 1} then {
set signerCert [new_CkCert]
# The NumSignerCerts property indicates how many certificates
# were used for signing. This example will assume the value is 1.
# To get the 1st signer cert, call LastSignerCert with an index of 0:
set success [CkMime_LastSignerCert $mime 0 $signerCert]
if {$success == 1} then {
puts "**** Signer Cert: [CkCert_subjectCN $signerCert]"
}
}
# If the MIME was encrypted, get the certificate used for decryption
if {$isEncrypted == 1} then {
# The NumDecryptCerts property indicates how many certificates
# were used for decrypting. This example will assume the value is 1.
# To get the 1st decrypt cert, call LastDecryptCert with an index of 0:
set decryptCert [new_CkCert]
set success [CkMime_LastDecryptCert $mime 0 $decryptCert]
if {$success == 1} then {
puts "**** Decrypt Cert: [CkCert_subjectCN $decryptCert]"
}
}
# Display the unwrapped MIME:
puts [CkMime_getMime $mime]
# Save the unwrapped MIME to a file:
set success [CkMime_SaveMime $mime "unwrappedMime.txt"]
delete_CkMime $mime
delete_CkCert $signerCert
delete_CkCert $decryptCert