int VerifyPkcs7Signature(PKCS7 *pkcs7)
{
BIO *p7bio = NULL;
int res = 0;
char buf[1024*4];
STACK_OF(PKCS7_SIGNER_INFO) *sk;
PKCS7_SIGNER_INFO *si;
X509 * x509;
int i;
//p7bio = PKCS7_dataInit(pkcs7,NULL);
p7bio = PKCS7_dataDecode(pkcs7, 0, 0, 0);
// We now have to 'read' from p7bio to calculate digests etc.
for (;;)
{
i=BIO_read(p7bio,buf,sizeof(buf));
if (i <= 0)
break;
}
// We can now verify signatures
sk = PKCS7_get_signer_info(pkcs7);
if (sk == NULL)
{
goto end;
}
else
{
if (sk_PKCS7_SIGNER_INFO_num(sk) == 0)
{
goto end;
}
/* Ok, first we need to, for each subject entry,
* see if we can verify */
for (i=0; i<sk_PKCS7_SIGNER_INFO_num(sk); i++)
{
si = sk_PKCS7_SIGNER_INFO_value(sk, i);
x509 = X509_find_by_issuer_and_serial(pkcs7->d.sign->cert,si->issuer_and_serial->issuer,si->issuer_and_serial->serial);
i = PKCS7_signatureVerify(p7bio, pkcs7, si, x509);
if (i <= 0)
goto end;
}
}
res = 1;
end:
if (p7bio)
BIO_free_all(p7bio);
return res;
}