On Mon, Oct 20, 2014, Rares Dumitrache wrote: > Hello, > > I have a signing certificate with which I sign a message with > openssl command line. I do NOT use -nocerts option, so the signing > certificate should be embedded in the CMS message. I verify that it > exists by retrieving it with command: > openssl cms -verify -in infile.ini -certsout cert_to_test.pem and > I test the certificate and it works. > > Now I want to retrieve the certificate in C, using openssl library. > I read the CMS message file, then I read the SMIME and trz to get > the signer. Here is the function called: > > pBioFile= BIO_new_file(file, "r"); > > pCms = SMIME_read_CMS(pBioFile, NULL); > > pCms_signer = CMS_get0_SignerInfos(pCms); > > sk_CMS_SignerInfo_num(pskCms_signer ) -> return 0 meaning no > certificates were found. >
No, that means no signers were found which is a little strange if you signed the original message. What command did you use? If you didn't sign the message and just included the certificate (this is sometimes done as a way of packaging multiple certificates). then you just want to retrieve all certificates in the message. You can use CMS_get1_certs() for that. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
