1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
#include <botan/botan.h>
#include <botan/pkcs8.h>
#include <botan/cms_dec.h>
using namespace Botan;
#include <iostream>
#include <memory>
int main(int argc, char* argv[])
{
if(argc != 2)
{
printf("Usage: %s <filename>\n", argv[0]);
return 1;
}
LibraryInitializer init;
try {
std::auto_ptr<RandomNumberGenerator> rng(
RandomNumberGenerator::make_rng());
X509_Certificate mycert("mycert.pem");
PKCS8_PrivateKey* mykey = PKCS8::load_key("mykey.pem", *rng, "cut");
X509_Certificate yourcert("yourcert.pem");
X509_Certificate cacert("cacert.pem");
X509_Certificate int_ca("int_ca.pem");
X509_Store store;
store.add_cert(mycert);
store.add_cert(yourcert);
store.add_cert(cacert, true);
store.add_cert(int_ca);
DataSource_Stream message(argv[1]);
User_Interface ui;
CMS_Decoder decoder(message, store, ui, mykey);
while(decoder.layer_type() != CMS_Decoder::DATA)
{
CMS_Decoder::Status status = decoder.layer_status();
CMS_Decoder::Content_Type content = decoder.layer_type();
if(status == CMS_Decoder::FAILURE)
{
std::cout << "Failure reading CMS data" << std::endl;
break;
}
if(content == CMS_Decoder::DIGESTED)
{
std::cout << "Digested data, hash = " << decoder.layer_info()
<< std::endl;
std::cout << "Hash is "
<< ((status == CMS_Decoder::GOOD) ? "good" : "bad")
<< std::endl;
}
if(content == CMS_Decoder::SIGNED)
{
// how to handle multiple signers? they can all exist within a
// single level...
std::cout << "Signed by " << decoder.layer_info() << std::endl;
//std::cout << "Sign time: " << decoder.xxx() << std::endl;
std::cout << "Signature is ";
if(status == CMS_Decoder::GOOD)
std::cout << "valid";
else if(status == CMS_Decoder::BAD)
std::cout << "bad";
else if(status == CMS_Decoder::NO_KEY)
std::cout << "(cannot check, no known cert)";
std::cout << std::endl;
}
if(content == CMS_Decoder::ENVELOPED ||
content == CMS_Decoder::COMPRESSED ||
content == CMS_Decoder::AUTHENTICATED)
{
if(content == CMS_Decoder::ENVELOPED)
std::cout << "Enveloped";
if(content == CMS_Decoder::COMPRESSED)
std::cout << "Compressed";
if(content == CMS_Decoder::AUTHENTICATED)
std::cout << "MACed";
std::cout << ", algo = " << decoder.layer_info() << std::endl;
if(content == CMS_Decoder::AUTHENTICATED)
{
std::cout << "MAC status is ";
if(status == CMS_Decoder::GOOD)
std::cout << "valid";
else if(status == CMS_Decoder::BAD)
std::cout << "bad";
else if(status == CMS_Decoder::NO_KEY)
std::cout << "(cannot check, no key)";
std::cout << std::endl;
}
}
decoder.next_layer();
}
if(decoder.layer_type() == CMS_Decoder::DATA)
std::cout << "Message is \"" << decoder.get_data()
<< '"' << std::endl;
else
std::cout << "No data anywhere?" << std::endl;
}
catch(std::exception& e)
{
std::cerr << e.what() << std::endl;
}
return 0;
}
|