Verify signed message with M2Crypto for a self signed certificate

Question

I am trying to replicate this openssl command with M2Crypto

openssl smime -verify -in local_files/auth_data.pem.pk7 -inform PEM -certfile certificate.crt -noverify

My code looks like this:

smime = M2Crypto.SMIME.SMIME()

x509_store = M2Crypto.X509.X509_Store()
x509_store.load_info(ca_file)
smime.set_x509_store(x509_store)

x509_stack = M2Crypto.X509.X509_Stack()
x509_cert = M2Crypto.X509.load_cert(cert_file)
x509_stack.push(x509_cert)
smime.set_x509_stack(x509_stack)

p7 = M2Crypto.SMIME.load_pkcs7_bio(M2Crypto.BIO.MemoryBuffer(cipher_text))

decrypted_data = smime.verify(p7)

But I get this error in the last line:

PKCS7_Error: certificate verify error

I can't make M2Crypto to behave like openssl with '-noverify' flag.

I tried loading the same certificate in the X509_Store but it was the same result.

Answer 1

I took me a while but I found the answer in this source code https://pythonhosted.org/pysmime/pysmime.core-pysrc.html#verify

This is the code to allow a self signed certificate:

decrypted_data = smime.verify(p7, flags=M2Crypto.SMIME.PKCS7_NOVERIFY)