smime_verify — Verifies signature of signed MIME message


varchar smime_verify ( in msg_text varchar ,
in certs any ,
out signer_certs any ,
in flags integer );


This function takes the RFC822 text of an e-mail containing an S/MIME signed message and verifies it's signature using the CA certificates in certs, which is an array of strings containing single or multiple PEM-encoded certificates.



The text of the message


array of strings containing CA certificates


for receipt of PEM encoded certificates


A bitmask. See table below for valid mask values. Default is 0.

Table24.80.Bit values for flags

Mask Name Description
0x1 PKCS7_TEXT strip the text/plain content type header (if present). If no such header generate an error.
0x4 PKCS7_NOSIGS don't verify the signatures
0x8 PKCS7_NOCHAIN don't descend into the signer's certificate chain when verifying
0x10 PKCS7_NOINTERN return only non-internal certificates in signer_certs
0x20 PKCS7_NOVERIFY don't verify the signer's certificates

Return Types

If the signer_certs is supplied, an array of PEM encoded certificates of the signers is returned.


Example24.374.Verifying a Signed MIME Message

Example (where signed.eml contains the output from smime_sign.

select smime_verify (file_to_string ('signed.eml'),
  vector (file_to_string ('thwate_ca.pem')), NULL, 1)

just a test