222561fe8e
Don't check for NULL before calling a free routine. This gets X509_.*free: x509_name_ex_free X509_policy_tree_free X509_VERIFY_PARAM_free X509_STORE_free X509_STORE_CTX_free X509_PKEY_free X509_OBJECT_free_contents X509_LOOKUP_free X509_INFO_free Reviewed-by: Richard Levitte <levitte@openssl.org>
74 lines
1.4 KiB
C
74 lines
1.4 KiB
C
/* Simple S/MIME verification example */
|
|
#include <openssl/pem.h>
|
|
#include <openssl/pkcs7.h>
|
|
#include <openssl/err.h>
|
|
|
|
int main(int argc, char **argv)
|
|
{
|
|
BIO *in = NULL, *out = NULL, *tbio = NULL, *cont = NULL;
|
|
X509_STORE *st = NULL;
|
|
X509 *cacert = NULL;
|
|
PKCS7 *p7 = NULL;
|
|
|
|
int ret = 1;
|
|
|
|
OpenSSL_add_all_algorithms();
|
|
ERR_load_crypto_strings();
|
|
|
|
/* Set up trusted CA certificate store */
|
|
|
|
st = X509_STORE_new();
|
|
|
|
/* Read in signer certificate and private key */
|
|
tbio = BIO_new_file("cacert.pem", "r");
|
|
|
|
if (!tbio)
|
|
goto err;
|
|
|
|
cacert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
|
|
|
|
if (!cacert)
|
|
goto err;
|
|
|
|
if (!X509_STORE_add_cert(st, cacert))
|
|
goto err;
|
|
|
|
/* Open content being signed */
|
|
|
|
in = BIO_new_file("smout.txt", "r");
|
|
|
|
if (!in)
|
|
goto err;
|
|
|
|
/* Sign content */
|
|
p7 = SMIME_read_PKCS7(in, &cont);
|
|
|
|
if (!p7)
|
|
goto err;
|
|
|
|
/* File to output verified content to */
|
|
out = BIO_new_file("smver.txt", "w");
|
|
if (!out)
|
|
goto err;
|
|
|
|
if (!PKCS7_verify(p7, NULL, st, cont, out, 0)) {
|
|
fprintf(stderr, "Verification Failure\n");
|
|
goto err;
|
|
}
|
|
|
|
fprintf(stderr, "Verification Successful\n");
|
|
|
|
ret = 0;
|
|
|
|
err:
|
|
if (ret) {
|
|
fprintf(stderr, "Error Verifying Data\n");
|
|
ERR_print_errors_fp(stderr);
|
|
}
|
|
PKCS7_free(p7);
|
|
X509_free(cacert);
|
|
BIO_free(in);
|
|
BIO_free(out);
|
|
BIO_free(tbio);
|
|
return ret;
|
|
}
|