1 /* 2 * Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 /* Simple S/MIME verification example */ 11 #include <openssl/pem.h> 12 #include <openssl/pkcs7.h> 13 #include <openssl/err.h> 14 15 int main(int argc, char **argv) 16 { 17 BIO *in = NULL, *out = NULL, *tbio = NULL, *cont = NULL; 18 X509_STORE *st = NULL; 19 X509 *cacert = NULL; 20 PKCS7 *p7 = NULL; 21 int ret = EXIT_FAILURE; 22 23 OpenSSL_add_all_algorithms(); 24 ERR_load_crypto_strings(); 25 26 /* Set up trusted CA certificate store */ 27 28 st = X509_STORE_new(); 29 if (st == NULL) 30 goto err; 31 32 /* Read in signer certificate and private key */ 33 tbio = BIO_new_file("cacert.pem", "r"); 34 35 if (tbio == NULL) 36 goto err; 37 38 cacert = PEM_read_bio_X509(tbio, NULL, 0, NULL); 39 40 if (cacert == NULL) 41 goto err; 42 43 if (!X509_STORE_add_cert(st, cacert)) 44 goto err; 45 46 /* Open content being signed */ 47 48 in = BIO_new_file("smout.txt", "r"); 49 50 if (in == NULL) 51 goto err; 52 53 /* Sign content */ 54 p7 = SMIME_read_PKCS7(in, &cont); 55 56 if (p7 == NULL) 57 goto err; 58 59 /* File to output verified content to */ 60 out = BIO_new_file("smver.txt", "w"); 61 if (out == NULL) 62 goto err; 63 64 if (!PKCS7_verify(p7, NULL, st, cont, out, 0)) { 65 fprintf(stderr, "Verification Failure\n"); 66 goto err; 67 } 68 69 printf("Verification Successful\n"); 70 71 ret = EXIT_SUCCESS; 72 err: 73 if (ret != EXIT_SUCCESS) { 74 fprintf(stderr, "Error Verifying Data\n"); 75 ERR_print_errors_fp(stderr); 76 } 77 78 X509_STORE_free(st); 79 PKCS7_free(p7); 80 X509_free(cacert); 81 BIO_free(in); 82 BIO_free(out); 83 BIO_free(tbio); 84 return ret; 85 } 86