CMS signature verification with PL/SQL

CMS (Cryptography message syntax) digital signatures usually contain the X.509 certificate of the signer embedded inside them. In that case, we can verify the validity of the signature with only the signature itself.

Verifying CMS signature located in a CLOB field

The example code below illustrates how to verify the validity of a CMS signature with PL/SQL

  message CLOB;
  signature CLOB;
  signature_check_result PLS_INTEGER;
    signature := ... -- load the signature
    signature_check_result := ORA_RSA.CMS_VERIFY_CLOB(message => signature);
    IF signature_check_result = 1 THEN
       DBMS_OUTPUT.put_line('Signature verification passed.'); 
       DBMS_OUTPUT.put_line('Signature verification failed!'); 
    END IF;