1/* Simple S/MIME verification example */ 2#include <openssl/pem.h> 3#include <openssl/pkcs7.h> 4#include <openssl/err.h> 5 6int main(int argc, char **argv) 7{ 8 BIO *in = NULL, *out = NULL, *tbio = NULL, *cont = NULL; 9 X509_STORE *st = NULL; 10 X509 *cacert = NULL; 11 PKCS7 *p7 = NULL; 12 13 int ret = 1; 14 15 OpenSSL_add_all_algorithms(); 16 ERR_load_crypto_strings(); 17 18 /* Set up trusted CA certificate store */ 19 20 st = X509_STORE_new(); 21 22 /* Read in signer certificate and private key */ 23 tbio = BIO_new_file("cacert.pem", "r"); 24 25 if (!tbio) 26 goto err; 27 28 cacert = PEM_read_bio_X509(tbio, NULL, 0, NULL); 29 30 if (!cacert) 31 goto err; 32 33 if (!X509_STORE_add_cert(st, cacert)) 34 goto err; 35 36 /* Open content being signed */ 37 38 in = BIO_new_file("smout.txt", "r"); 39 40 if (!in) 41 goto err; 42 43 /* Sign content */ 44 p7 = SMIME_read_PKCS7(in, &cont); 45 46 if (!p7) 47 goto err; 48 49 /* File to output verified content to */ 50 out = BIO_new_file("smver.txt", "w"); 51 if (!out) 52 goto err; 53 54 if (!PKCS7_verify(p7, NULL, st, cont, out, 0)) { 55 fprintf(stderr, "Verification Failure\n"); 56 goto err; 57 } 58 59 fprintf(stderr, "Verification Successful\n"); 60 61 ret = 0; 62 63 err: 64 65 if (ret) { 66 fprintf(stderr, "Error Verifying Data\n"); 67 ERR_print_errors_fp(stderr); 68 } 69 70 if (p7) 71 PKCS7_free(p7); 72 73 if (cacert) 74 X509_free(cacert); 75 76 if (in) 77 BIO_free(in); 78 if (out) 79 BIO_free(out); 80 if (tbio) 81 BIO_free(tbio); 82 83 return ret; 84 85} 86