Frank Geck wrote:
>
> Thanks. Well did not use PKCS7_verify() because I could not find examples using
> it. Since you wrote it I guess you might have some examples?
>
> As you know lots of this is undocumented and it's hard to figure out what to use.
>
Well currently there's the stuff in apps/smime.c The function is pretty
simple to use:
int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
BIO *indata, BIO *out, int flags);
p7 is the PKCS#7 structure to verify
certs is some optional additional certificates which will be searched to
find the signers certificate, normally NULL.
store is a trusted certificate store.
indata is the signed data (if not included in the PKCS#7 structure)
out is a BIO to write the data to and flags
flags various flags, normally set to 0.
I'll look into adding some docs for this stuff.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Gemplus: http://www.gemplus.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
