Sample code for 30+ languages & platforms
Unicode C

openssl smime -encrypt -des3 -in <file> <pem file>

See more OpenSSL Examples

OpenSSL SMIME encrypt file using PEM containing a certificate.

Chilkat Unicode C Downloads

Unicode C
#include <C_CkPemW.h>
#include <C_CkCertW.h>
#include <C_CkCrypt2W.h>
#include <C_CkBinDataW.h>
#include <C_CkStringBuilderW.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkPemW pem;
    HCkCertW cert;
    HCkCrypt2W crypt;
    HCkBinDataW bd;
    HCkStringBuilderW sbEncryptedMime;

    success = FALSE;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // Load the cert from a PEM file.

    pem = CkPemW_Create();
    // Our particular PEM was not encrypted, so we pass an empty password.
    // Also, a private key is not needed for encryption.  The PEM used to test this example
    // happens to have a private key, but it's not actually used.
    success = CkPemW_LoadPemFile(pem,L"qa_data/openssl/rsaCertAndKey.pem",L"");
    if (success == FALSE) {
        wprintf(L"%s\n",CkPemW_lastErrorText(pem));
        CkPemW_Dispose(pem);
        return;
    }

    if (CkPemW_getNumCerts(pem) == 0) {
        wprintf(L"PEM does not contain any certificates.\n");
        CkPemW_Dispose(pem);
        return;
    }

    cert = CkPemW_GetCert(pem,0);
    if (CkPemW_getLastMethodSuccess(pem) == FALSE) {
        wprintf(L"%s\n",CkPemW_lastErrorText(pem));
        CkPemW_Dispose(pem);
        return;
    }

    // -------------------------------------------------------------------------------------
    // Duplicate this OpenSSL command:   openssl smime -encrypt -des3 -in <file> <pem file>
    // -------------------------------------------------------------------------------------
    crypt = CkCrypt2W_Create();
    success = CkCrypt2W_SetEncryptCert(crypt,cert);
    if (success == FALSE) {
        wprintf(L"%s\n",CkCrypt2W_lastErrorText(crypt));
        CkCertW_Dispose(cert);
        CkPemW_Dispose(pem);
        CkCrypt2W_Dispose(crypt);
        return;
    }

    CkCertW_Dispose(cert);

    CkCrypt2W_putCryptAlgorithm(crypt,L"PKI");
    CkCrypt2W_putPkcs7CryptAlg(crypt,L"3des");
    CkCrypt2W_putKeyLength(crypt,168);

    // Load the file to be encrypted.
    bd = CkBinDataW_Create();
    success = CkBinDataW_LoadFile(bd,L"qa_data/openssl/hello.txt");
    if (success == FALSE) {
        wprintf(L"Failed to load the input file.\n");
        CkPemW_Dispose(pem);
        CkCrypt2W_Dispose(crypt);
        CkBinDataW_Dispose(bd);
        return;
    }

    // Encrypt.
    success = CkCrypt2W_EncryptBd(crypt,bd);
    if (success == FALSE) {
        wprintf(L"%s\n",CkCrypt2W_lastErrorText(crypt));
        CkPemW_Dispose(pem);
        CkCrypt2W_Dispose(crypt);
        CkBinDataW_Dispose(bd);
        return;
    }

    // The openssl smime -encrypt command produces encrypte MIME such as this:

    // MIME-Version: 1.0
    // Content-Disposition: attachment; filename="smime.p7m"
    // Content-Type: application/x-pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"
    // Content-Transfer-Encoding: base64
    // 
    // MIICzwYJKoZIhvcNAQcDoIICwDCCArwCAQAxggF8MIIBeAIBADBgMEoxCzAJBgNVBAYTAlVTMRYw
    // FAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQDExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBY
    // MwISA9Nqgb1dH/XTDNeKzN1nR85iMA0GCSqGSIb3DQEBAQUABIIBAIQqPexjxWovgxwKV/r3HL/U
    // EP9Yozvz5hBeX5VvRZjKSi4FRw5wapElPK+4FB82hiAR9Mi3c16PvPSVkJv3l78Mv5uaaOs/OmUz
    // mIHFB6Z+l2E52BDmUVWJZTQ09vdWy6+NIRlg2R9Z1NkmZ4BZCJk6mHB/Yx03IaOxK8LnwieDMthM
    // SvxbhJnIOISN7k7ofs+/0vTXUpdQ+tlmwyVySMGQ6VMk+z4sqZJ2stacqCPtt/aiSwJ9p0OKmihf
    // 3KDJceXJtavIQeA97yz1LqPvle35mmd5sBhV9qQYdTV/KJ+YM5uEZ9BHYbvMJbADFHwKzhcEY3qA
    // 7T9acmEsb7NycOIwggE1BgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECERX/ZoHweSkgIIBEMmCMx49
    // zjVAnGqRaBbvzQT1hg0uQSxIJjxMxC+HSuM+eY9oSOsbrw4uIijHKH9NdOpeDsdRzg2z5EBM7AlP
    // Ht9DyPW5C2deV6RPX4F8gyExz+JUXrd+3Yb3AKTdpDkTWDmNCeO0r/YSqp518+mfU5hG8e336u51
    // HAM44FeknA8oThWsD/wUB1e8vzsatK4UXW/KSu/166V7z+VT86kd+IHa7t60U9Yp0ZXgcM5Pb5Ni
    // 69Qc5MKPzom2801H5UR/WjCgsxOIjOj49sKisjRy79skrJzxY5ZG05T0dKn6KC3TjRpIEEeOyhCd
    // Nm2Y7dcW8GLMepdhWay5vePmQxmvmhbAtBprIem14NcrYeG6D5wP

    // We have the body in bd
    // Construct the header and base64 body...
    sbEncryptedMime = CkStringBuilderW_Create();

    CkStringBuilderW_AppendLine(sbEncryptedMime,L"MIME-Version: 1.0",TRUE);
    CkStringBuilderW_AppendLine(sbEncryptedMime,L"Content-Disposition: attachment; filename=\"smime.p7m\"",TRUE);
    CkStringBuilderW_AppendLine(sbEncryptedMime,L"Content-Type: application/x-pkcs7-mime; smime-type=enveloped-data; name=\"smime.p7m\"",TRUE);
    CkStringBuilderW_AppendLine(sbEncryptedMime,L"Content-Transfer-Encoding: base64",TRUE);
    CkStringBuilderW_AppendLine(sbEncryptedMime,L"",TRUE);
    CkStringBuilderW_AppendLine(sbEncryptedMime,CkBinDataW_getEncoded(bd,L"base64_mime"),TRUE);

    // Show the result.
    wprintf(L"%s\n",CkStringBuilderW_getAsString(sbEncryptedMime));

    // or save to a file..
    success = CkStringBuilderW_WriteFile(sbEncryptedMime,L"qa_output/encryptedMime.txt",L"utf-8",FALSE);


    CkPemW_Dispose(pem);
    CkCrypt2W_Dispose(crypt);
    CkBinDataW_Dispose(bd);
    CkStringBuilderW_Dispose(sbEncryptedMime);

    }