Diffstat (limited to 'CryptoPkg/Library/OpensslLib/openssl/demos/smime')
7 files changed, 442 insertions, 0 deletions
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/smime/encr.txt b/CryptoPkg/Library/OpensslLib/openssl/demos/smime/encr.txt
new file mode 100644
index 00000000..f163a326
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/smime/encr.txt
@@ -0,0 +1,3 @@
+Content-type: text/plain
+
+Sample OpenSSL Data for PKCS#7 encryption
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/smime/sign.txt b/CryptoPkg/Library/OpensslLib/openssl/demos/smime/sign.txt
new file mode 100644
index 00000000..af1341d0
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/smime/sign.txt
@@ -0,0 +1,3 @@
+Content-type: text/plain
+
+Test OpenSSL Signed Content
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/smime/smdec.c b/CryptoPkg/Library/OpensslLib/openssl/demos/smime/smdec.c
new file mode 100644
index 00000000..c4d1b090
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/smime/smdec.c
@@ -0,0 +1,78 @@
+/*
+ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* Simple S/MIME signing example */
+#include <openssl/pem.h>
+#include <openssl/pkcs7.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+ BIO *in = NULL, *out = NULL, *tbio = NULL;
+ X509 *rcert = NULL;
+ EVP_PKEY *rkey = NULL;
+ PKCS7 *p7 = NULL;
+ int ret = 1;
+
+ OpenSSL_add_all_algorithms();
+ ERR_load_crypto_strings();
+
+ /* Read in recipient certificate and private key */
+ tbio = BIO_new_file("signer.pem", "r");
+
+ if (!tbio)
+ goto err;
+
+ rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+ BIO_reset(tbio);
+
+ rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+ if (!rcert || !rkey)
+ goto err;
+
+ /* Open content being signed */
+
+ in = BIO_new_file("smencr.txt", "r");
+
+ if (!in)
+ goto err;
+
+ /* Sign content */
+ p7 = SMIME_read_PKCS7(in, NULL);
+
+ if (!p7)
+ goto err;
+
+ out = BIO_new_file("encrout.txt", "w");
+ if (!out)
+ goto err;
+
+ /* Decrypt S/MIME message */
+ if (!PKCS7_decrypt(p7, rkey, rcert, out, 0))
+ goto err;
+
+ ret = 0;
+
+ err:
+ if (ret) {
+ fprintf(stderr, "Error Signing Data\n");
+ ERR_print_errors_fp(stderr);
+ }
+ PKCS7_free(p7);
+ X509_free(rcert);
+ EVP_PKEY_free(rkey);
+ BIO_free(in);
+ BIO_free(out);
+ BIO_free(tbio);
+
+ return ret;
+
+}
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/smime/smenc.c b/CryptoPkg/Library/OpensslLib/openssl/demos/smime/smenc.c
new file mode 100644
index 00000000..5d36e9a4
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/smime/smenc.c
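Review bot: In smdec.c the failure path prints `Error Signing Data` although the program decrypts, so anyone reading this demo's output is pointed at the wrong operation; the line should be `fprintf(stderr, "Error Decrypting Data\n");`. The header comment and the `/* Open content being signed */` and `/* Sign content */` comments are likewise carried over from the signing example and should describe opening and parsing the encrypted message, starting with `/* Simple S/MIME decrypt example */`. Separately, `encrout.txt` is opened for writing before `PKCS7_decrypt` runs, so a failed decryption can leave an empty or partial output file behind; code adapted from this demo should remove that file on the error path.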
@@ -0,0 +1,91 @@
+/*
+ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* Simple S/MIME encrypt example */
+#include <openssl/pem.h>
+#include <openssl/pkcs7.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+ BIO *in = NULL, *out = NULL, *tbio = NULL;
+ X509 *rcert = NULL;
+ STACK_OF(X509) *recips = NULL;
+ PKCS7 *p7 = NULL;
+ int ret = 1;
+
+ /*
+ * On OpenSSL 0.9.9 only:
+ * for streaming set PKCS7_STREAM
+ */
+ int flags = PKCS7_STREAM;
+
+ OpenSSL_add_all_algorithms();
+ ERR_load_crypto_strings();
+
+ /* Read in recipient certificate */
+ tbio = BIO_new_file("signer.pem", "r");
+
+ if (!tbio)
+ goto err;
+
+ rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+ if (!rcert)
+ goto err;
+
+ /* Create recipient STACK and add recipient cert to it */
+ recips = sk_X509_new_null();
+
+ if (!recips || !sk_X509_push(recips, rcert))
+ goto err;
+
+ /*
+ * sk_X509_pop_free will free up recipient STACK and its contents so set
+ * rcert to NULL so it isn't freed up twice.
+ */
+ rcert = NULL;
+
+ /* Open content being encrypted */
+
+ in = BIO_new_file("encr.txt", "r");
+
+ if (!in)
+ goto err;
+
+ /* encrypt content */
+ p7 = PKCS7_encrypt(recips, in, EVP_des_ede3_cbc(), flags);
+
+ if (!p7)
+ goto err;
+
+ out = BIO_new_file("smencr.txt", "w");
+ if (!out)
+ goto err;
+
+ /* Write out S/MIME message */
+ if (!SMIME_write_PKCS7(out, p7, in, flags))
+ goto err;
+
+ ret = 0;
+
+ err:
+ if (ret) {
+ fprintf(stderr, "Error Encrypting Data\n");
+ ERR_print_errors_fp(stderr);
+ }
+ PKCS7_free(p7);
+ X509_free(rcert);
+ sk_X509_pop_free(recips, X509_free);
+ BIO_free(in);
+ BIO_free(out);
+ BIO_free(tbio);
+ return ret;
+
+}
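Review bot: The call `PKCS7_encrypt(recips, in, EVP_des_ede3_cbc(), flags)` in smenc.c protects the content with triple-DES, a 64-bit-block cipher that is deprecated for new use. Code copied from this demo should pass an AES cipher instead, `p7 = PKCS7_encrypt(recips, in, EVP_aes_256_cbc(), flags);`, provided the recipients' mail clients accept it. The recipient certificate is also taken from `signer.pem` and pushed onto `recips` without any chain or purpose check, so the message is encrypted to whatever key that file holds. A comment next to `sk_X509_push` should say that a real caller must validate the recipient certificate first.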
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/smime/smsign.c b/CryptoPkg/Library/OpensslLib/openssl/demos/smime/smsign.c
new file mode 100644
index 00000000..ba0adb39
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/smime/smsign.c
@@ -0,0 +1,88 @@
+/*
+ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* Simple S/MIME signing example */
+#include <openssl/pem.h>
+#include <openssl/pkcs7.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+ BIO *in = NULL, *out = NULL, *tbio = NULL;
+ X509 *scert = NULL;
+ EVP_PKEY *skey = NULL;
+ PKCS7 *p7 = NULL;
+ int ret = 1;
+
+ /*
+ * For simple S/MIME signing use PKCS7_DETACHED. On OpenSSL 0.9.9 only:
+ * for streaming detached set PKCS7_DETACHED|PKCS7_STREAM for streaming
+ * non-detached set PKCS7_STREAM
+ */
+ int flags = PKCS7_DETACHED | PKCS7_STREAM;
+
+ OpenSSL_add_all_algorithms();
+ ERR_load_crypto_strings();
+
+ /* Read in signer certificate and private key */
+ tbio = BIO_new_file("signer.pem", "r");
+
+ if (!tbio)
+ goto err;
+
+ scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+ BIO_reset(tbio);
+
+ skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+ if (!scert || !skey)
+ goto err;
+
+ /* Open content being signed */
+
+ in = BIO_new_file("sign.txt", "r");
+
+ if (!in)
+ goto err;
+
+ /* Sign content */
+ p7 = PKCS7_sign(scert, skey, NULL, in, flags);
+
+ if (!p7)
+ goto err;
+
+ out = BIO_new_file("smout.txt", "w");
+ if (!out)
+ goto err;
+
+ if (!(flags & PKCS7_STREAM))
+ BIO_reset(in);
+
+ /* Write out S/MIME message */
+ if (!SMIME_write_PKCS7(out, p7, in, flags))
+ goto err;
+
+ ret = 0;
+
+ err:
+ if (ret) {
+ fprintf(stderr, "Error Signing Data\n");
+ ERR_print_errors_fp(stderr);
+ }
+ PKCS7_free(p7);
+ X509_free(scert);
+ EVP_PKEY_free(skey);
+ BIO_free(in);
+ BIO_free(out);
+ BIO_free(tbio);
+
+ return ret;
+
+}
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/smime/smsign2.c b/CryptoPkg/Library/OpensslLib/openssl/demos/smime/smsign2.c
new file mode 100644
index 00000000..2b7f45b2
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/smime/smsign2.c
@@ -0,0 +1,96 @@
+/*
+ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* S/MIME signing example: 2 signers. OpenSSL 0.9.9 only */
+#include <openssl/pem.h>
+#include <openssl/pkcs7.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+ BIO *in = NULL, *out = NULL, *tbio = NULL;
+ X509 *scert = NULL, *scert2 = NULL;
+ EVP_PKEY *skey = NULL, *skey2 = NULL;
+ PKCS7 *p7 = NULL;
+ int ret = 1;
+
+ OpenSSL_add_all_algorithms();
+ ERR_load_crypto_strings();
+
+ tbio = BIO_new_file("signer.pem", "r");
+
+ if (!tbio)
+ goto err;
+
+ scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+ BIO_reset(tbio);
+
+ skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+ BIO_free(tbio);
+
+ tbio = BIO_new_file("signer2.pem", "r");
+
+ if (!tbio)
+ goto err;
+
+ scert2 = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+ BIO_reset(tbio);
+
+ skey2 = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+ if (!scert2 || !skey2)
+ goto err;
+
+ in = BIO_new_file("sign.txt", "r");
+
+ if (!in)
+ goto err;
+
+ p7 = PKCS7_sign(NULL, NULL, NULL, in, PKCS7_STREAM | PKCS7_PARTIAL);
+
+ if (!p7)
+ goto err;
+
+ /* Add each signer in turn */
+
+ if (!PKCS7_sign_add_signer(p7, scert, skey, NULL, 0))
+ goto err;
+
+ if (!PKCS7_sign_add_signer(p7, scert2, skey2, NULL, 0))
+ goto err;
+
+ out = BIO_new_file("smout.txt", "w");
+ if (!out)
+ goto err;
+
+ /* NB: content included and finalized by SMIME_write_PKCS7 */
+
+ if (!SMIME_write_PKCS7(out, p7, in, PKCS7_STREAM))
+ goto err;
+
+ ret = 0;
+
+ err:
+ if (ret) {
+ fprintf(stderr, "Error Signing Data\n");
+ ERR_print_errors_fp(stderr);
+ }
+ PKCS7_free(p7);
+ X509_free(scert);
+ EVP_PKEY_free(skey);
+ X509_free(scert2);
+ EVP_PKEY_free(skey2);
+ BIO_free(in);
+ BIO_free(out);
+ BIO_free(tbio);
+ return ret;
+}
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/smime/smver.c b/CryptoPkg/Library/OpensslLib/openssl/demos/smime/smver.c
new file mode 100644
index 00000000..75411c40
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/smime/smver.c
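Review bot: In smsign2.c the first signer's `scert` and `skey` are never checked: after reading signer.pem the code frees `tbio` and moves on, and only `scert2` and `skey2` are tested. A missing or unparsable first certificate or key therefore reaches `PKCS7_sign_add_signer(p7, scert, skey, NULL, 0)` as NULL. Add `if (!scert || !skey) goto err;` before `BIO_free(tbio);`, matching the check smsign.c performs after its reads. How PKCS7_sign_add_signer treats NULL arguments is not visible in this diff, so at best the failure is reported late and at worst it is a NULL dereference inside the library.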
@@ -0,0 +1,83 @@
+/*
+ * Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* Simple S/MIME verification example */
+#include <openssl/pem.h>
+#include <openssl/pkcs7.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+ BIO *in = NULL, *out = NULL, *tbio = NULL, *cont = NULL;
+ X509_STORE *st = NULL;
+ X509 *cacert = NULL;
+ PKCS7 *p7 = NULL;
+
+ int ret = 1;
+
+ OpenSSL_add_all_algorithms();
+ ERR_load_crypto_strings();
+
+ /* Set up trusted CA certificate store */
+
+ st = X509_STORE_new();
+
+ /* Read in signer certificate and private key */
+ tbio = BIO_new_file("cacert.pem", "r");
+
+ if (!tbio)
+ goto err;
+
+ cacert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+ if (!cacert)
+ goto err;
+
+ if (!X509_STORE_add_cert(st, cacert))
+ goto err;
+
+ /* Open content being signed */
+
+ in = BIO_new_file("smout.txt", "r");
+
+ if (!in)
+ goto err;
+
+ /* Sign content */
+ p7 = SMIME_read_PKCS7(in, &cont);
+
+ if (!p7)
+ goto err;
+
+ /* File to output verified content to */
+ out = BIO_new_file("smver.txt", "w");
+ if (!out)
+ goto err;
+
+ if (!PKCS7_verify(p7, NULL, st, cont, out, 0)) {
+ fprintf(stderr, "Verification Failure\n");
+ goto err;
+ }
+
+ fprintf(stderr, "Verification Successful\n");
+
+ ret = 0;
+
+ err:
+ if (ret) {
+ fprintf(stderr, "Error Verifying Data\n");
+ ERR_print_errors_fp(stderr);
+ }
+ PKCS7_free(p7);
+ X509_free(cacert);
+ BIO_free(in);
+ BIO_free(out);
+ BIO_free(tbio);
+ return ret;
+} |
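Review bot: In smver.c the result of `st = X509_STORE_new();` is passed to `X509_STORE_add_cert(st, cacert)` without a NULL check, and the cleanup at `err:` never releases `st` or the `cont` BIO that `SMIME_read_PKCS7(in, &cont)` may allocate for detached content. Add `if (!st) goto err;` right after the allocation, and `X509_STORE_free(st);` and `BIO_free(cont);` to the cleanup block. The comments `/* Read in signer certificate and private key */` and `/* Sign content */` are left over from the signing demo. Here the code loads the trusted CA certificate and parses the signed message, and the comments should say so, because the trust anchor is the security-relevant input of this program.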