--- /dev/null
+/* S/MIME detached data decrypt example: rarely done but
+ * should the need arise this is an example....
+ */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+ {
+ BIO *in = NULL, *out = NULL, *tbio = NULL, *dcont = NULL;
+ X509 *rcert = NULL;
+ EVP_PKEY *rkey = NULL;
+ CMS_ContentInfo *cms = NULL;
+ int ret = 1;
+
+ OpenSSL_add_all_algorithms();
+ ERR_load_crypto_strings();
+
+ /* Read in recipient certificate and private key */
+ tbio = BIO_new_file("signer.pem", "r");
+
+ if (!tbio)
+ goto err;
+
+ rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+ BIO_reset(tbio);
+
+ rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+ if (!rcert || !rkey)
+ goto err;
+
+ /* Open PEM file containing enveloped data */
+
+ in = BIO_new_file("smencr.pem", "r");
+
+ if (!in)
+ goto err;
+
+ /* Parse PEM content */
+ cms = PEM_read_bio_CMS(in, NULL, 0, NULL);
+
+ if (!cms)
+ goto err;
+
+ /* Open file containing detached content */
+ dcont = BIO_new_file("smencr.out", "rb");
+
+ if (!in)
+ goto err;
+
+ out = BIO_new_file("encrout.txt", "w");
+ if (!out)
+ goto err;
+
+ /* Decrypt S/MIME message */
+ if (!CMS_decrypt(cms, rkey, rcert, dcont, out, 0))
+ goto err;
+
+ ret = 0;
+
+ err:
+
+ if (ret)
+ {
+ fprintf(stderr, "Error Decrypting Data\n");
+ ERR_print_errors_fp(stderr);
+ }
+
+ if (cms)
+ CMS_ContentInfo_free(cms);
+ if (rcert)
+ X509_free(rcert);
+ if (rkey)
+ EVP_PKEY_free(rkey);
+
+ if (in)
+ BIO_free(in);
+ if (out)
+ BIO_free(out);
+ if (tbio)
+ BIO_free(tbio);
+ if (dcont)
+ BIO_free(dcont);
+
+ return ret;
+
+ }
if (!rcert || !rkey)
goto err;
- /* Open content being signed */
+ /* Open S/MIME message to decrypt */
in = BIO_new_file("smencr.txt", "r");
if (!in)
goto err;
- /* Sign content */
+ /* Parse message */
cms = SMIME_read_CMS(in, NULL);
if (!cms)
goto err;
- out = BIO_new_file("encrout.txt", "w");
+ out = BIO_new_file("decout.txt", "w");
if (!out)
goto err;
if (ret)
{
- fprintf(stderr, "Error Signing Data\n");
+ fprintf(stderr, "Error Decrypting Data\n");
ERR_print_errors_fp(stderr);
}
--- /dev/null
+/* S/MIME detached data encrypt example: rarely done but
+ * should the need arise this is an example....
+ */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+ {
+ BIO *in = NULL, *out = NULL, *tbio = NULL, *dout = NULL;
+ X509 *rcert = NULL;
+ STACK_OF(X509) *recips = NULL;
+ CMS_ContentInfo *cms = NULL;
+ int ret = 1;
+
+ int flags = CMS_STREAM|CMS_DETACHED;
+
+ OpenSSL_add_all_algorithms();
+ ERR_load_crypto_strings();
+
+ /* Read in recipient certificate */
+ tbio = BIO_new_file("signer.pem", "r");
+
+ if (!tbio)
+ goto err;
+
+ rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+ if (!rcert)
+ goto err;
+
+ /* Create recipient STACK and add recipient cert to it */
+ recips = sk_X509_new_null();
+
+ if (!recips || !sk_X509_push(recips, rcert))
+ goto err;
+
+ /* sk_X509_pop_free will free up recipient STACK and its contents
+ * so set rcert to NULL so it isn't freed up twice.
+ */
+ rcert = NULL;
+
+ /* Open content being encrypted */
+
+ in = BIO_new_file("encr.txt", "r");
+
+ dout = BIO_new_file("smencr.out", "wb");
+
+ if (!in)
+ goto err;
+
+ /* encrypt content */
+ cms = CMS_encrypt(recips, in, EVP_des_ede3_cbc(), flags);
+
+ if (!cms)
+ goto err;
+
+ out = BIO_new_file("smencr.pem", "w");
+ if (!out)
+ goto err;
+
+ if (!CMS_final(cms, in, dout, flags))
+ goto err;
+
+ /* Write out CMS structure without content */
+ if (!PEM_write_bio_CMS(out, cms))
+ goto err;
+
+ ret = 0;
+
+ err:
+
+ if (ret)
+ {
+ fprintf(stderr, "Error Encrypting Data\n");
+ ERR_print_errors_fp(stderr);
+ }
+
+ if (cms)
+ CMS_ContentInfo_free(cms);
+ if (rcert)
+ X509_free(rcert);
+ if (recips)
+ sk_X509_pop_free(recips, X509_free);
+
+ if (in)
+ BIO_free(in);
+ if (out)
+ BIO_free(out);
+ if (dout)
+ BIO_free(dout);
+ if (tbio)
+ BIO_free(tbio);
+
+ return ret;
+
+ }
projects / openssl.git / commitdiff