Tcl
Tcl
Get Certificates within XML Signature
See more XML Digital Signatures Examples
Demonstrates how to get the certificates contained within an XML signature.Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
set sbXml [new_CkStringBuilder]
# Load XML containing one or more signatures.
set success [CkStringBuilder_LoadFile $sbXml "qa_data/xml_dsig_valid_samples/multipleSigners/sp.pdf.XAdES.xml" "utf-8"]
if {$success == 0} then {
puts "Failed to load the XML file.."
delete_CkStringBuilder $sbXml
exit
}
set dsig [new_CkXmlDSig]
# First load the XML containing the signatures to be verified.
# Note that this particular Signature already contains the RSA public key that will be used
# for verification.
set success [CkXmlDSig_LoadSignatureSb $dsig $sbXml]
if {$success != 1} then {
puts [CkXmlDSig_lastErrorText $dsig]
delete_CkStringBuilder $sbXml
delete_CkXmlDSig $dsig
exit
}
# For each signature, verify and also get the certificate(s) contained within each Signature.
set i 0
set saCerts [new_CkStringArray]
set cert [new_CkCert]
puts "numSignatures = [CkXmlDSig_get_NumSignatures $dsig]"
while {$i < [CkXmlDSig_get_NumSignatures $dsig]} {
# Select the Nth signature by setting the Selector property.
CkXmlDSig_put_Selector $dsig $i
set bVerifyReferenceDigests 1
set bVerified [CkXmlDSig_VerifySignature $dsig $bVerifyReferenceDigests]
puts "Signature [expr $i + 1] verified = $bVerified"
# Get the certificates embedded in this signature.
CkStringArray_Clear $saCerts
set success [CkXmlDSig_GetCerts $dsig $saCerts]
if {$success == 1} then {
set j 0
while {$j < [CkStringArray_get_Count $saCerts]} {
set success [CkCert_LoadFromBase64 $cert [CkStringArray_getString $saCerts $j]]
if {$success == 1} then {
puts " [CkCert_subjectDN $cert]"
}
set j [expr $j + 1]
}
}
set i [expr $i + 1]
}
delete_CkStringBuilder $sbXml
delete_CkXmlDSig $dsig
delete_CkStringArray $saCerts
delete_CkCert $cert