There is a hidden sixth argument: string pointing to a file where the contents of the signed message should be saved.
It is very important for verifying signed and encrypted messages from MS Outlook which uses opaque signing. After decrypting of message you will get another MIME envelope like this:
Content-Disposition: attachment; filename="smime.p7m"
Content-Type: application/x-pkcs7-mime; smime-type=signed-data; name="smime.p7m"
Even if you use base64_decode() you will not get decrypted message but PKCS #7 object.
BTW: How to create opaque signed message like from MS Outlook? Switch off PKCS7_DETACHED flag (the last 0 does it):
(PHP 4 >= 4.0.6, PHP 5)
openssl_pkcs7_verify — Verifies the signature of an S/MIME signed message
openssl_pkcs7_verify() reads the S/MIME message contained in the given file and examines the digital signature.
Elenco dei parametri
Path to the message.
flagscan be used to affect how the signature is verified - see PKCS7 constants for more information.
outfilenameis specified, it should be a string holding the name of a file into which the certificates of the persons that signed the messages will be stored in PEM format.
cainfois specified, it should hold information about the trusted CA certificates to use in the verification process - see certificate verification for more information about this parameter.
extracertsis specified, it is the filename of a file containing a bunch of certificates to use as untrusted CAs.
You can specify a filename with
contentthat will be filled with the verified data, but with the signature information stripped.
TRUE if the signature is verified,
FALSE if it is not correct
(the message has been tampered with, or the signing certificate is invalid),
or -1 on error.
Log delle modifiche
Nota: As specified in RFC 2045, lines may not be longer than 76 characters in the