CryptoSys PKI Toolkit Manual

CMS_VerifySigData

CMS_VerifySigData verifies the signature and content of a signed-data CMS object file.

VB6/VBA Syntax

Public Declare Function CMS_VerifySigData Lib "diCrPKI.dll" (ByVal strFileIn As String, ByVal strCertFile As String, ByVal strHexDigest As String, ByVal nOptions As Long) As Long

nRet = CMS_VerifySigData(strFileIn, strCertFile, strHexDigest, nOptions) As Long

Parameters

strFileIn
[in] String specifying the name of the signed-data CMS object file.
strCertFile
[in] String (optional) specifying an X.509 certificate file to be used to identify the signer. Specify an empty string "" to use the certificate(s) in the input file.
strHexDigest
[in] String (optional) specifying a message digest encoded in hexadecimal format. Use this to verify a "detached-signature" input file. Specify an empty string "" to verify the eContent data in the SignedData file.
nOptions
[in] Long option flags:
PKI_DEFAULT (0) for default options
PKI_CMS_FORMAT_BASE64 to read input formatted with base64 encoding (default expected BER-encoded binary)

C/C++ Syntax

long _stdcall CMS_VerifySigData(const char *szFileIn, const char *szX509File, const char *szHexDigest, long nOptions);

Returns (VB6/C)

Long: If successful, the return value is zero; otherwise it returns a negative error code.

.NET Equivalent

Cms.VerifySigData Method

Remarks

This function verifies that the content was indeed signed by the purported signer. Note that it returns zero to indicate success, not true. If a certificate is specified in strCertFile then the public key from that certificate will be used and a matching signerInfo will be searched for in the SignedData file. Otherwise the first matching pair of certificate and signerInfo found in the SignedData file will be used. If the signed content (eContent) is included in the SignedData object (this is the usual case), then specify an empty string ("") for strHexDigest. For a "detached-signature" file where the signed content has been passed to the user by other means, create a separate message digest of the data and pass it to the function in the strHexDigest parameter. This function handles SignedData objects both with and without signedAttributes (a.k.a. authenticatedAttributes).

Example

Dim nRet As Long
Dim strInputFile As String
strInputFile = "BasicSignByAlice.bin"
nRet = CMS_VerifySigData(strInputFile, "", "", 0)
Debug.Print "CMS_VerifySigData returns " & nRet & " (expecting 0)"

See Also

CMS_GetSigDataDigest

[Contents] [Index]

[HOME]   [NEXT: CNV_B64Filter...]
Copyright © 2004-9 D.I. Management Services Pty Ltd. All rights reserved.