Verifiy digital signatures

[Böhrer]

Hi there,

i noticed that Securebridge offers the possibility to verify digital signatures and certificates (PKCS).
Unfortunately I couldn't find any example code or documentation.

Does anyone have Delphi code to verify a mail received via Indy that was signed with a smime.p7s file.

[Dimon]

Currently SecureBridge does not provide functionality to verify a signed mail.
You can suggest this feature at our UserVoice ( https://devart.uservoice.com/forums/174370-securebridge ). If the suggestion gets a lot of votes, we will consider the possibility to implement it.

[marcosfbarbosa]

Good afternoon. Studying the sources of the Secure Bridge component in version 9.4.1, I noticed that the data of a certain digital certificate is validated according to its property. I would like to know if there is any internal function or procedure that validates the PIN of the selected certificate.
I had to merge wincrypt for certificate selection and then use the component for certificate validation. See code below

Code: Select all

function GetCertificado: boolean;
var
  hStore: HCERTSTORE;
  ACertContext: PCCERT_CONTEXT;
  certString : string;

  Store : TScCryptoAPIStorage;
  storage : TScFileStorage;
  Cert : TScCertificate;
  i : integer;
  pDT, pSG : TBytes;
  iPdt : array of TBytes;
  user : TScUser;
begin
  Result := False;
  hStore := nil;
  try
	//Using wincrypt for certificate selection
	hStore := CertOpenSystemStore(0, 'My');
    ACertContext := CryptUIDlgSelectCertificateFromStore(hStore, 0, 'Selecione um Certificado', 'Selecione o Certificado que deseja utilizar:', CRYPTUI_SELECT_ISSUEDTO_COLUMN, 0, Nil);

    if (Assigned(ACertContext)) and (ACertContext <> nil) then
    begin
       certString := String(CertToDERBase64(ACertContext));	   
	   //Validating if certificate is plugged in and drivers installed with wincrypt
       if GetCertIsHardware(ACertContext) then
       begin
	    //Fetching selected certificate data with ScBridge component
        Store := TScCryptoAPIStorage.Create(nil);
        Store.CertStoreName := 'My';

        for i := 0 to Store.Certificates.Count - 1 do
        begin
          cert := Store.Certificates[i];
          if (Cert.Ready) and (cert.SerialNumber = GetSerialNumber(ACertContext)) then
          begin
            //function or procedure to validate user pin, what to use, how to do it
            Break;
          end;
        end; 
       end; 
    end;
  finally
    CertCloseStore(hStore, 0);
  end;
end;

[Dimon]

Please clarify what do you mean by "the PIN of the selected certificate"?

[2048tm]

Please clarify what do you mean by "the PIN of the selected certificate"?

Same question

[marcosfbarbosa]

The PIN would be the user who uses the digital certificate. How to authenticate this user