Archived Forum Post

Index of archived forum posts

Question:

Can not get signer cert in smime after call verifyVerifyBytes:sigData: in objective C

Dec 10 '14 at 00:01

I try to parse smime send from outlook (opaque signature p7m with certificate inside) but I cannot get the signer certificate

This is the sample code

CkoCrypt2 *crypt = [[CkoCrypt2 alloc] init];
if (![crypt UnlockComponent: @"Anything for 30-day trial"]) {
    return;
}
crypt.CryptAlgorithm = @"pki";
CkoCert *cert = cert =[[CkoCert alloc] init];
[cert LoadFromBinary:cert];
[crypt SetVerifyCert:cert];

NSData *data = [crypt OpaqueVerifyBytes:p7m];
if (!data) {
    return;
}

NSLog(@"LastErrorText =\n%@", crypt.LastErrorText);
CkoCert *cert__ =[crypt GetSignerCert:[NSNumber numberWithInt:0]];
NSLog(@"--%@--", [cert__ ExportCertPem]);

Everything work and this is the log text

LastErrorText =
ChilkatLog:
  OpaqueVerifyBytes:
    DllDate: Oct  2 2014
    ChilkatVersion: 9.5.0.44
    UnlockPrefix: Anything for 30-day trial
    Architecture: Little Endian; 64-bit
    Language: IOS Objective-C
    VerboseLogging: 0
    verifyOpaqueSignature:
      loadPkcs7Der:
        loadPkcs7Xml:
          loadSignedDataXml:
            NumDigestAlgorithmIdentifiers: 1
            AlgorithmIdentifier:
              oid: 2.16.840.1.101.3.4.2.1
            --AlgorithmIdentifier
            This is an opaque signature.
            Recovered original content.
            OriginalContentLen: 742
            numSigners: 1
            SignerInfo:
              signerInfoLoadXml:
                contentType: 1.2.840.113549.1.7.1
                messageDigestHex: 8D65 A460 0900 54A6 8CB7 3ABD F1C0 223F
2EEB 2FF6 BE9C 16BD 68D3 C57F F83E 0B8D
                signingTime: 141119084046Z
              --signerInfoLoadXml
            --SignerInfo
          --loadSignedDataXml
        --loadPkcs7Xml
        extractCertsFromSignedData:
          numCerts: 1
        --extractCertsFromSignedData
      --loadPkcs7Der
      verifyOpaqueSignature:
        verifySignature:
          numSigners: 1
          numDigestAlgorithms: 1
          Computing SHA256 message digest.
          numBytesDigested: 742
          numSigners: 1
          signerDigestAlgOid: 2.16.840.1.101.3.4.2.1
          messageDigestSize: 32
          Signer_0:
            issuerCN: USER B
            serialNum: 01
            digestOid: 2.16.840.1.101.3.4.2.1
            Digest of authenticated attributes DER matches.
          --Signer_0
          Signature verified but skipping verification of certificates.
        --verifySignature
      --verifyOpaqueSignature
    --verifyOpaqueSignature
    Success.
  --OpaqueVerifyBytes
--ChilkatLog

Log 2:
--(null)--

I don't know why I cannot get the signer cert while the software can parse it (show in LastErrorText => issuerCN: USER C serialNum: 01) This is trial version

Please help to get signercert after verify


Answer

The only way to help with this problem is for Chilkat to obtain a sample .p7m signed file so that it can be tested directly.