CMS_verify_receiptverify a CMS signed receipt

#include <openssl/cms.h>

CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms, STACK_OF(X509) *certs, X509_STORE *store, unsigned int flags);

() verifies a CMS signed receipt. rcms is the signed receipt to verify. ocms is the original SignedData structure containing the receipt request. certs is a set of certificates in which to search for the signing certificate. store is a trusted certificate store (used for chain verification).

This functions behaves in a similar way to CMS_verify(3) except that the flags values CMS_DETACHED, CMS_BINARY, CMS_TEXT, and CMS_STREAM are not supported since they do not make sense in the context of signed receipts.

CMS_verify_receipt() returns 1 for a successful verification or 0 if an error occurred.

The error can be obtained from ERR_get_error(3).

CMS_ContentInfo_new(3), CMS_get1_ReceiptRequest(3), CMS_sign_receipt(3), CMS_verify(3)

RFC 2634: Enhanced Security Services for S/MIME, section 2.8: Receipt Syntax

CMS_verify_receipt() first appeared in OpenSSL 0.9.8h and has been available since OpenBSD 6.7.

November 2, 2019 OpenBSD 7.5