Extracts message digest from a CMS signed-data object file and verifies the signature.
VB6/VBA
Debug.Print "Testing CMS_GetSigDataDigest ..." Dim strCmsFile As String Dim strHexDigest As String Dim nDigAlg As Long Dim strData As String Dim nDataLen As Long Dim strContentDigest As String Dim nHashLen As Long strCmsFile = "4.2.bin" ' 1. Get the digest value strHexDigest = String(PKI_MAX_HASH_CHARS, " ") nDigAlg = CMS_GetSigDataDigest(strHexDigest, _ Len(strHexDigest), strCmsFile, "", 0) Debug.Print "CMS_GetSigDataDigest returns " & nDigAlg If nDigAlg < 0 Then Exit Sub End If Debug.Print "Extracted digest is" Debug.Print "[" & strHexDigest & "]" ' 2. Go get the content - in this case it's in the signed-data object nDataLen = CMS_ReadSigDataToString("", 0, strCmsFile, 0) If nDataLen <= 0 Then Exit Sub End If strData = String(nDataLen, " ") nDataLen = CMS_ReadSigDataToString(strData, nDataLen, strCmsFile, 0) Debug.Print "CMS_ReadSigDataToString returns " & nDataLen Debug.Print "Data is [" & strData & "]" ' 3. Compute independently the hash of what we found ' (Note how we use the digest algorithm code returned above) strContentDigest = String(PKI_MAX_HASH_CHARS, " ") nHashLen = HASH_HexFromString(strContentDigest, _ Len(strContentDigest), strData, nDataLen, nDigAlg) Debug.Print "Computed hash of content is" Debug.Print "[" & strContentDigest & "]" ' 4. Can we match this hash digest with ' what we extracted from the signed-data? strContentDigest = Left(strContentDigest, nHashLen) strHexDigest = Left(strHexDigest, nHashLen) If strContentDigest = strHexDigest Then Debug.Print "SUCCESS - digests match!" Else Debug.Print "FAILS! - no match" End If
Output
Testing CMS_GetSigDataDigest ... CMS_GetSigDataDigest returns 0 Extracted digest is [406aec085279ba6e16022d9e0629c0229687dd48 ] CMS_ReadSigDataToString returns 28 Data is [This is some sample content.] Computed hash of content is [406aec085279ba6e16022d9e0629c0229687dd48 ] SUCCESS - digests match!
VB.NET
Console.WriteLine("Testing CMS_GetSigDataDigest ...")
Dim strCmsFile As String
Dim strHexDigest As String
''Dim nDigAlg As Integer
Dim strData As String
''Dim nDataLen As Integer
Dim strContentDigest As String
''Dim nHashLen As Integer
Dim strDigestAlg As String
strCmsFile = "4.2.bin"
' 1. Get the digest value
''strHexDigest = String(PKI_MAX_HASH_CHARS, " ")
strHexDigest = Cms.GetSigDataDigest(strCmsFile, "", False)
''Console.WriteLine("CMS_GetSigDataDigest returns " & nDigAlg)
If strHexDigest.Length = 0 Then
Exit Sub
End If
Console.WriteLine("Extracted digest is")
Console.WriteLine("[" & strHexDigest & "]")
' 2. Go get the content - in this case it's in the signed-data object
strData = Cms.ReadSigDataToString(strCmsFile, False)
If strData.Length = 0 Then
Exit Sub
End If
Console.WriteLine("Data is [" & strData & "]")
' 3. Compute independently the hash of what we found
' [.NET] We have to query the signed data to find the hash algorithm
strDigestAlg = Cms.QuerySigData(strCmsFile, "digestAlgorithm", False)
Console.WriteLine("digestAlgorithm=" & strDigestAlg)
strContentDigest = Hash.HexFromString(strData, HashAlgorithm.Sha1)
Console.WriteLine("Computed hash of content is")
Console.WriteLine("[" & strContentDigest & "]")
' 4. Can we match this hash digest with
' what we extracted from the signed-data?
If strContentDigest = strHexDigest Then
Console.WriteLine("SUCCESS - digests match!")
Else
Console.WriteLine("FAILS! - no match")
End If
Remarks
strDigest = Trim(strDigest) to remove the trailing blanks.
[Contents]