1=pod 2 3=head1 NAME 4 5PKCS7_verify, PKCS7_get0_signers - verify a PKCS#7 signedData structure 6 7=head1 SYNOPSIS 8 9 #include <openssl/pkcs7.h> 10 11 int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags); 12 13 STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags); 14 15=head1 DESCRIPTION 16 17PKCS7_verify() verifies a PKCS#7 signedData structure. B<p7> is the PKCS7 18structure to verify. B<certs> is a set of certificates in which to search for 19the signer's certificate. B<store> is a trusted certficate store (used for 20chain verification). B<indata> is the signed data if the content is not 21present in B<p7> (that is it is detached). The content is written to B<out> 22if it is not NULL. 23 24B<flags> is an optional set of flags, which can be used to modify the verify 25operation. 26 27PKCS7_get0_signers() retrieves the signer's certificates from B<p7>, it does 28B<not> check their validity or whether any signatures are valid. The B<certs> 29and B<flags> parameters have the same meanings as in PKCS7_verify(). 30 31=head1 VERIFY PROCESS 32 33Normally the verify process proceeds as follows. 34 35Initially some sanity checks are performed on B<p7>. The type of B<p7> must 36be signedData. There must be at least one signature on the data and if 37the content is detached B<indata> cannot be B<NULL>. 38 39An attempt is made to locate all the signer's certificates, first looking in 40the B<certs> parameter (if it is not B<NULL>) and then looking in any certificates 41contained in the B<p7> structure itself. If any signer's certificates cannot be 42located the operation fails. 43 44Each signer's certificate is chain verified using the B<smimesign> purpose and 45the supplied trusted certificate store. Any internal certificates in the message 46are used as untrusted CAs. If any chain verify fails an error code is returned. 47 48Finally the signed content is read (and written to B<out> is it is not NULL) and 49the signature's checked. 50 51If all signature's verify correctly then the function is successful. 52 53Any of the following flags (ored together) can be passed in the B<flags> parameter 54to change the default verify behaviour. Only the flag B<PKCS7_NOINTERN> is 55meaningful to PKCS7_get0_signers(). 56 57If B<PKCS7_NOINTERN> is set the certificates in the message itself are not 58searched when locating the signer's certificate. This means that all the signers 59certificates must be in the B<certs> parameter. 60 61If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are deleted 62from the content. If the content is not of type B<text/plain> then an error is 63returned. 64 65If B<PKCS7_NOVERIFY> is set the signer's certificates are not chain verified. 66 67If B<PKCS7_NOCHAIN> is set then the certificates contained in the message are 68not used as untrusted CAs. This means that the whole verify chain (apart from 69the signer's certificate) must be contained in the trusted store. 70 71If B<PKCS7_NOSIGS> is set then the signatures on the data are not checked. 72 73=head1 NOTES 74 75One application of B<PKCS7_NOINTERN> is to only accept messages signed by 76a small number of certificates. The acceptable certificates would be passed 77in the B<certs> parameter. In this case if the signer is not one of the 78certificates supplied in B<certs> then the verify will fail because the 79signer cannot be found. 80 81Care should be taken when modifying the default verify behaviour, for example 82setting B<PKCS7_NOVERIFY|PKCS7_NOSIGS> will totally disable all verification 83and any signed message will be considered valid. This combination is however 84useful if one merely wishes to write the content to B<out> and its validity 85is not considered important. 86 87Chain verification should arguably be performed using the signing time rather 88than the current time. However since the signing time is supplied by the 89signer it cannot be trusted without additional evidence (such as a trusted 90timestamp). 91 92=head1 RETURN VALUES 93 94PKCS7_verify() returns one for a successful verification and zero 95if an error occurs. 96 97PKCS7_get0_signers() returns all signers or B<NULL> if an error occurred. 98 99The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)> 100 101=head1 BUGS 102 103The trusted certificate store is not searched for the signers certificate, 104this is primarily due to the inadequacies of the current B<X509_STORE> 105functionality. 106 107The lack of single pass processing and need to hold all data in memory as 108mentioned in PKCS7_sign() also applies to PKCS7_verify(). 109 110=head1 SEE ALSO 111 112L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)> 113 114=head1 HISTORY 115 116PKCS7_verify() was added to OpenSSL 0.9.5 117 118=cut 119