1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
|
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
-
- This file is part of the OpenLink Software Virtuoso Open-Source (VOS)
- project.
-
- Copyright (C) 1998-2018 OpenLink Software
-
- This project is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by the
- Free Software Foundation; only version 2 of the License, dated June 1991.
-
- This program is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License along
- with this program; if not, write to the Free Software Foundation, Inc.,
- 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
-
-->
<refentry id="fn_smime_verify">
<refmeta>
<refentrytitle>smime_verify</refentrytitle>
<refmiscinfo>mail</refmiscinfo>
</refmeta>
<refnamediv>
<refname>smime_verify</refname>
<refpurpose>Verifies signature of signed MIME message</refpurpose>
</refnamediv>
<refsynopsisdiv>
<funcsynopsis id="fsyn_smime_verify">
<funcprototype id="fproto_smime_verify">
<funcdef>varchar <function>smime_verify</function></funcdef>
<paramdef>in <parameter>msg_text</parameter> varchar</paramdef>
<paramdef>in <parameter>certs</parameter> any</paramdef>
<paramdef><optional>out <parameter>signer_certs</parameter> any</optional></paramdef>
<paramdef><optional>in <parameter>flags</parameter> integer</optional></paramdef>
</funcprototype>
</funcsynopsis>
</refsynopsisdiv>
<refsect1 id="desc_smime_verify"><title>Description</title>
<para>
This function takes the RFC822 text of an e-mail containing an S/MIME signed
message and verifies it's signature using the CA certificates in certs, which
is an array of strings containing single or multiple PEM-encoded certificates.
</para></refsect1>
<refsect1 id="params_smime_verify"><title>Parameters</title>
<refsect2><title>msg_text</title>
<para>The text of the message</para></refsect2>
<refsect2><title>certs</title>
<para>array of strings containing CA certificates</para></refsect2>
<refsect2><title>signer_certs</title>
<para>for receipt of PEM encoded certificates</para></refsect2>
<refsect2><title>flags</title>
<para>A bitmask. See table below for valid mask values. Default is 0.</para>
<table><title>Bit values for <parameter>flags</parameter></title>
<tgroup cols="3">
<thead>
<row>
<entry>Mask</entry>
<entry>Name</entry>
<entry>Description</entry>
</row>
</thead>
<tbody>
<row>
<entry>0x1</entry>
<entry>PKCS7_TEXT</entry>
<entry>strip the text/plain content type header (if present).
If no such header generate an error.</entry>
</row>
<row>
<entry>0x4</entry>
<entry>PKCS7_NOSIGS</entry>
<entry>don't verify the signatures</entry>
</row>
<row>
<entry>0x8</entry>
<entry>PKCS7_NOCHAIN</entry>
<entry>don't descend into the signer's certificate chain when verifying</entry>
</row>
<row>
<entry>0x10</entry>
<entry>PKCS7_NOINTERN</entry>
<entry>return only non-internal certificates in signer_certs</entry>
</row>
<row>
<entry>0x20</entry>
<entry>PKCS7_NOVERIFY</entry>
<entry>don't verify the signer's certificates</entry>
</row>
</tbody>
</tgroup>
</table>
</refsect2>
</refsect1>
<refsect1 id="ret_smime_verify"><title>Return Types</title>
<para>If the signer_certs is supplied, an array of PEM encoded certificates
of the signers is returned.</para>
</refsect1>
<!--refsect1 id="errors_smime_verify"><title>Errors</title>
<table><title>Errors signalled by <function>smime_verify</function></title>
<tgroup cols="4">
<thead>
<row>
<entry>SQLState</entry>
<entry>Error Code</entry>
<entry>Error Text</entry>
<entry>Description</entry>
</row>
</thead>
<tbody>
<row>
<entry><errorcode></errorcode></entry>
<entry><errorcode></errorcode></entry>
<entry><errorname></errorname></entry>
<entry></entry>
</row>
</tbody>
</tgroup>
</table>
</refsect1-->
<refsect1 id="examples_smime_verify"><title>Examples</title>
<example id="ex_smime_verify"><title>Verifying a Signed MIME Message</title>
<para>Example (where signed.eml contains the output from smime_sign.</para>
<programlisting>
select smime_verify (file_to_string ('signed.eml'),
vector (file_to_string ('thwate_ca.pem')), NULL, 1)
_______________________________________________________________________________
just a test
_______________________________________________________________________________
</programlisting>
</example>
</refsect1>
<refsect1 id="seealso_smime_verify"><title>See Also</title>
<para><link linkend="fn_smime_sign">smime_sign</link></para>
<para><link linkend="fn_smime_encrypt">smime_encrypt</link></para>
<para><link linkend="fn_smime_decrypt">smime_decrypt</link></para>
<para><link linkend="fn_pem_certificates_to_array">pem_certificates_to_array</link></para>
</refsect1>
</refentry>
|
