Sample code for 30+ languages & platforms
Tcl

Decrypt S/MIME and Verify S/MIME Signatures

See more MIME Examples

_LANGUAGE_ example to decrypt S/MIME and verify S/MIME signatures. The S/MIME is unwrapped to get the original MIME prior to signing/encrypting.

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

set mime [new_CkMime]

# Load an S/MIME message from a file:
set success [CkMime_LoadMimeFile $mime "signedMime.txt"]
if {$success == 0} then {
    puts [CkMime_lastErrorText $mime]
    delete_CkMime $mime
    exit
}

# The ContainsEncryptedParts/ContainsSignedParts methods
# can be called to determine if the MIME is encrypted and/or signed:
set isEncrypted [CkMime_ContainsEncryptedParts $mime]
set isSigned [CkMime_ContainsSignedParts $mime]

# We don't want the "unwrap extras".  You'll see what those
# are in a few moments...
CkMime_put_UnwrapExtras $mime 0

# To verify the signature, call UnwrapSecurity.  This will
# verify the signature(s) and decrypt the S/MIME and restore
# the MIME to the unsigned/unencrypted state.
# The results of what was found are present in the MIME object's
# properties, as well as extra header fields that are added
# to the unwrapped MIME.
set success [CkMime_UnwrapSecurity $mime]
if {$success != 1} then {
    # UnwrapSecurity returns 1 if all signatures were
    # verified and all parts decrypted.
    puts [CkMime_lastErrorText $mime]
    delete_CkMime $mime
    exit
}

# The mime.UnwrapExtras property controls whether or not
# these additional fields are added to the unwrapped MIME:
# 
# X-NumPartsSigned: 1
# X-SignaturesValid: yes
# X-NumPartsEncrypted: 1
# X-Decrypted: no
# 
# The X-NumPartsSigned/X-SignaturesValid headers are added
# if the MIME was signed.  
# 
# The X-NumPartsEncrypted/X-Decrypted headers are added
# if the MIME was encrypted.
# 

# If the MIME was signed, get the certificate used for signing.
if {$isSigned == 1} then {
    set signerCert [new_CkCert]

    # The NumSignerCerts property indicates how many certificates
    # were used for signing.  This example will assume the value is 1.
    # To get the 1st signer cert, call LastSignerCert with an index of 0:
    set success [CkMime_LastSignerCert $mime 0 $signerCert]
    if {$success == 1} then {
        puts "**** Signer Cert: [CkCert_subjectCN $signerCert]"
    }

}

# If the MIME was encrypted, get the certificate used for decryption
if {$isEncrypted == 1} then {
    # The NumDecryptCerts property indicates how many certificates
    # were used for decrypting.  This example will assume the value is 1.
    # To get the 1st decrypt cert, call LastDecryptCert with an index of 0:
    set decryptCert [new_CkCert]

    set success [CkMime_LastDecryptCert $mime 0 $decryptCert]
    if {$success == 1} then {
        puts "**** Decrypt Cert: [CkCert_subjectCN $decryptCert]"
    }

}

# Display the unwrapped MIME:
puts [CkMime_getMime $mime]

# Save the unwrapped MIME to a file:
set success [CkMime_SaveMime $mime "unwrappedMime.txt"]

delete_CkMime $mime
delete_CkCert $signerCert
delete_CkCert $decryptCert