|
|
|
|
Bookmark this on Delicious
Share on Facebook
 Slashdot It!
Digg  openssl_pkcs7_verify
Verifies the signature of an S/MIME signed message
(PHP 4 >= 4.0.6, PHP 5)
Code Examples / Notes » openssl_pkcs7_verify14-feb-2006 12:59
There is a hidden sixth argument: string pointing to a file where the contents of the signed message should be saved. It is very important for verifying signed and encrypted messages from MS Outlook which uses opaque signing. After decrypting of message you will get another MIME envelope like this: MIME-Version: 1.0 Content-Disposition: attachment; filename="smime.p7m" Content-Type: application/x-pkcs7-mime; smime-type=signed-data; name="smime.p7m" Content-Transfer-Encoding: base64 MIIM/QYJ... Even if you use base64_decode() you will not get decrypted message but PKCS #7 object. BTW: How to create opaque signed message like from MS Outlook? Switch off PKCS7_DETACHED flag (the last 0 does it): openssl_pkcs7_sign( "full_path_to_message_file", "full_path_where_to_store_signed_message_file", "file://full_path_to_my_public_certificate.pem", array("file://full_path_to_my_private_key.pem", "password"), array(), 0 ); hema
As someone already mentioned in the previous comment it didn't work for me until I passed in that hidden sixth argument and also explicitly add the mime header into the $in_filename contents. (I am using PHP5) $data = file_get_contents($in_filename); file_put_contents($in_filename, "MIME-Version: 1.0\nContent-Disposition: attachment; filename=\"smime.p7m\"\nContent-Type: app lication/x-pkcs7-mime; name=\"smime.p7m\"\nContent-Transfer-Encoding: base64\n\n$data"); openssl_pkcs7_verify("$in_filename", $flag, "$out_filename.cert", array($path_to_cert), $path_to_cert, $out_filename)); |
Change Language
openssl_csr_export_to_file openssl_csr_export openssl_csr_get_public_key openssl_csr_get_subject openssl_csr_new openssl_csr_sign openssl_error_string openssl_free_key openssl_get_privatekey openssl_get_publickey openssl_open openssl_pkcs12_export_to_file openssl_pkcs12_export openssl_pkcs12_read openssl_pkcs7_decrypt openssl_pkcs7_encrypt openssl_pkcs7_sign openssl_pkcs7_verify openssl_pkey_export_to_file openssl_pkey_export openssl_pkey_free openssl_pkey_get_details openssl_pkey_get_private openssl_pkey_get_public openssl_pkey_new openssl_private_decrypt openssl_private_encrypt openssl_public_decrypt openssl_public_encrypt openssl_seal openssl_sign openssl_verify openssl_x509_check_private_key openssl_x509_checkpurpose openssl_x509_export_to_file openssl_x509_export openssl_x509_free openssl_x509_parse openssl_x509_read |
