Isode API Customer Documentation

examples
/*  Copyright (c) 2014-2025, Isode Limited, London, England.
 *  All rights reserved.
 *                                                                       
 *  Acquisition and use of this software and related materials for any      
 *  purpose requires a written licence agreement from Isode Limited,
 *  or a written licence from an organisation licenced by Isode Limited
 *  to grant such a licence.
 *
 */
 
/* 
 *
 * 15.0a0-0
 * Simple example program for submitting a message via a message store.
 * The security environment is set up so that messages are signed.
 */
 
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
 
#include <x400_msapi.h>
#include <seclabel_api.h> /* For security labels */
#include <errno.h>
 
#include "example.h"
 
static char *optstr = "u37m:d:p:w:M:D:P:W:r:o:O:r:g:G:c:l:R:y:C:iaqsAve:x:b:f:S:Y:Z4U:L:";
 
/* These are the data items used to construct the message for submission */
static char *default_recip = "/CN=lppt1/OU=lppt/O=attlee/PRMD=TestPRMD/ADMD=TestADMD/C=GB/";
char *recip;
static char *content_id = "030924.140212";
static const char text[] = "First line\r\nSecond line\r\n";
static char *binary_data;
 
const char* xml_filename = "seclabel.xml";
 
static int setup_msg_sec_env = 0;
 
int num_unsigned_rcvd;
int num_unverified_rcvd;
int num_verified_rcvd;
 
/* local functions */
 
static void usage(void) ;
static int send_msg(
    int contype, 
    char *orn, 
    char *def_dn, 
    char *pa, 
    char *password);
 
static int submit_msg(
    char *orn, 
    struct X400msSession *sp    /* session object */
);
 
static int get_msg(
    struct X400msSession *sp
);
 
static int setup_default_new_sec_env(
    struct X400msSession *sp, 
    char *identity_filename,
    char *pw
);
 
static int setup_default_old_sec_env(
    struct X400msSession *sp, 
    char *id,
    char *dn,
    char *pw
);
 
static int setup_msg_new_sec_env(
    struct X400msMessage *mp,   /* message object */
    char *identity_filename,
    char *pw
);
 
static int add_x411_label(
    struct X400msMessage *mp,   /* message object */
    const char* xml_filename
);
 
static int add_4066_label(
    struct X400msMessage *mp,   /* message object */
    const char* xml_filename
);
 
static int setup_msg_old_sec_env(
    struct X400msMessage *mp,   /* message object */
    char *id, 
    char *dn, 
    char *pw
);
 
static int report_moac_info(
    struct X400msMessage *mp 
);
 
static void show_4406_certificate (struct X400msMessage *mp);
static void show_certificate (struct X400msMessage *mp);
static int report_4406_info(
    struct X400msMessage *mp 
);
 
static void print_sec_label(
    char slab_buffer[],
    unsigned int length
);
 
/* start here */
int main (
    int         argc,
    char      **argv
) 
{
    char        pa[BUFSIZ];
    char        orn[BUFSIZ];
    char        *def_oraddr;
    char        *def_dn;
    char        *def_pa;
    int         contype;
    int         status;
    char        password[BUFSIZ];
 
    if (get_args(argc, argv, optstr)) {
        usage();
        exit(-1);
    }
 
    printf("Connection type (0 = P7, 1 = P3 submit only, 2 = P3 both directions) [%d]: ", x400_contype);
    contype = ic_fgetc(x400_contype, stdin); 
    if (contype != 10)
        ic_fgetc(x400_contype, stdin);
 
    if ( contype < '0' || '2' < contype )
      contype = x400_contype;
    else 
        contype -= '0';
 
    if (contype == 0) {
        def_oraddr = x400_ms_user_addr;
        def_dn = x400_ms_user_dn;
        def_pa = x400_ms_presentation_address;
    } else {
        def_oraddr = x400_mta_user_addr;
        def_dn = x400_mta_user_dn;
        def_pa = x400_mta_presentation_address;
    }
 
    printf("Your ORAddress [%s] > ", def_oraddr);
    ic_fgets (orn, sizeof orn, stdin);
 
    if ( orn[strlen(orn)-1] == '\n' )
        orn[strlen(orn)-1] = '\0';
        
    if (orn[0] == '\0') 
        strcpy(orn, def_oraddr);
 
    /* Prompt for password; note: reflected. */
    printf ("Password [%s]: ", 
            contype == 0 ? x400_p7_password : x400_p3_password);
    if ( ic_fgets (password, sizeof password, stdin) == NULL )
        exit (1);
 
    if (password[strlen(password)-1] == '\n' )
        password[strlen(password)-1] = '\0';
    if (password[0] == '\0') 
        strcpy(password, contype == 0 ? x400_p7_password : x400_p3_password);
 
    /* Presentation Address */
    printf("Presentation Address [%s] > ", def_pa);
    ic_fgets (pa, sizeof pa, stdin);
 
    if ( pa[strlen(pa)-1] == '\n' )
        pa[strlen(pa)-1] = '\0';
 
    if (pa[0] == '\0') 
        strcpy(pa, def_pa);
 
    printf("sending message using session 1\n");
    if ((status = send_msg(contype, orn, def_dn, pa, password)) 
            != X400_E_NOERROR ) {
        fprintf (stderr, "Error in sending message\n");
        exit (status);
    }
    printf("sending message using session 2\n");
    if ((status = send_msg(contype, orn, def_dn, pa, password)) 
            != X400_E_NOERROR ) {
        fprintf (stderr, "Error sending message\n");
        exit (status);
    }
    return (status);
}
 
static int send_msg(
    int contype, 
    char *orn, 
    char *def_dn, 
    char *pa, 
    char *password
)
{
    struct X400msSession *sp;   /* session object */
 
    int         status;
 
 
    /* we've got what we need - now open an API session */
    status = X400msOpen (contype, orn, def_dn, password, pa, NULL, &sp);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "Error in Open: %s\n", X400msError (status));
        fprintf (stderr, "%s %s %s\n", orn, def_dn, pa);
        return (status);
    }
 
    /* setup logging */
    X400msSetStrDefault(sp, X400_S_LOG_CONFIGURATION_FILE, "x400api.xml", 0);
 
    /* Set up the security environment.
     *
     * The security env can be specified the new way (recommended) using 
     * a PKCS12 filename and passphrase, or as a directory (deprecated and
     * obsolete).
     *
     * If the ID is specified as a directory, in which the subdirectory
     * "x509" is expected to contain one or more PKCS12 files.
     * The appropriate Digital Identity is determined from the
     * DN of the subject, and the passphrase is used to decrypt
     * the private key. 
     */
    if (use_new_sec_env) {
        status = setup_default_new_sec_env(sp, identity_filename, passphrase);
    } else {
        status = setup_default_old_sec_env(sp, security_id, identity_dn, 
            passphrase);
    }
 
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "Can't setup security environment\n");
        return (status);
    }
 
    printf("sending message 1\n");
    status = submit_msg(orn, sp);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "Can't submit\n");
        return (status);
    }
 
    printf("sending message 2\n");
    status = submit_msg(orn, sp);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "Can't submit\n");
        return (status);
    }
 
    printf("sending message 3\n");
    status = submit_msg(orn, sp);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "Can't submit\n");
        return (status);
    }
 
    /* now get a message */
    status = get_msg(sp);
    if (status != X400_E_NOERROR) {
        fprintf(stderr, "Error in getting msg: %s\n",
                X400msError(status));
        exit(status);
    }
 
    status = X400msClose (sp);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "X400msClose returned error: %s\n", X400msError (status));
        return (status);
    }
    return status;
}
 
static int submit_msg(
    char *orn, 
    struct X400msSession *sp    /* session object */
)
{
    struct X400msMessage *mp;   /* message object */
    struct X400Recipient *rp;   /* recipient object */
    char        tmp[BUFSIZ];
    FILE        *fp = NULL;
    int         fs=0;
    int         status;
 
    if (x400_default_recipient != NULL) 
        recip = x400_default_recipient;
    else 
        recip = default_recip;
 
    printf("Message recipient [%s]: ", recip);
    ic_fgets (tmp, sizeof tmp, stdin);
 
    if ( tmp[strlen(tmp)-1] == '\n' )
        tmp[strlen(tmp)-1] = '\0';
    if (strlen(tmp) != 0)
        recip = strdup(tmp);
 
    printf("Subject [%s]: ", subject);
    ic_fgets (tmp, sizeof tmp, stdin);
 
    if ( tmp[strlen(tmp)-1] == '\n' )
        tmp[strlen(tmp)-1] = '\0';
    if (strlen(tmp) != 0)
        subject = strdup(tmp);
 
    status = X400msMsgNew (sp, X400_MSG_MESSAGE, &mp);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msMsgNew returned error: %s\n", X400msError (status));
        return (status);
    }
 
    /* Set up the security environment for this message overriding the
     * default security env.
     *
     * The security env can be specified the new way (recommended) using 
     * a PKCS12 filename and passphrase, or as a directory (deprecated and
     * obsolete).
     *
     * If the ID is specified as a pathname, in which the subdirectory
     * "x509" is expected to contain one or more PKCS12 files.
     * The appropriate Digital Identity is determined from the
     * DN of the subject, and the passphrase is used to decrypt
     * the private key. 
     */
    if (setup_msg_sec_env) {
        if (use_new_sec_env) {
            status = setup_msg_new_sec_env(mp, identity_filename, passphrase);
            if ( status != X400_E_NOERROR ) {
                fprintf (stderr, "Can't setup new security environment\n");
                return (status);
            }
        } else {
            status = setup_msg_old_sec_env(mp, security_id, identity_dn2, 
                passphrase);
            if ( status != X400_E_NOERROR ) {
                fprintf (stderr, "Can't setup old security environment\n");
                return (status);
            }
        }
    }
 
    /* Instruct the X400msMsgSend() function to generate a MOAC (signature) for
     * the message.
     *
     * The default attributes will be used unless the attributes are
     * also included in the message eg by calling setup_msg_sec_env() above 
     */
    if (gen_moac) {
        status = X400msMsgAddIntParam (mp, X400_B_SEC_GEN_MOAC, 1);
        if ( status != X400_E_NOERROR ) {
            fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", 
                X400msError (status));
            return (status);
        }
    }
 
    /* Instruct the X400msMsgSend() function to generate a STANAG 4406 
     * signature for the message 
     *
     * The default attributes will be used unless the attributes are 
     * also included in the message eg by calling setup_msg_sec_env() above 
     */
    if (gen_4406_sig) {
        printf("\nRequesting 4406 signature\n");
        status = X400msMsgAddIntParam (mp, X400_N_S4406, 1);
        if ( status != X400_E_NOERROR ) {
            fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", X400msError (status));
            return (status);
        }
 
        /* add a security label */
        printf("\nAdding 4406 label\n");
        status = add_4066_label (mp, xml_filename);
        if ( status != X400_E_NOERROR ) {
            fprintf (stderr, "add_4406_label returned error: %s\n", 
                X400msError (status));
            return (status);
        }
 
    } else {
        printf("\nNot requesting 4406 signature\n");
    }
 
    if (need_x411_label) {
        status = add_x411_label (mp, xml_filename);
        if ( status != X400_E_NOERROR ) {
            fprintf (stderr, "add_x411_label returned error: %s\n", 
                X400msError (status));
            return (status);
        }
    } else {
        printf("\nNot requesting X.411 Label\n");
    }
 
    status = X400msRecipNew (mp, X400_RECIP_STANDARD, &rp);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msRecipNew returned error: %s\n", X400msError (status));
        return (status);
    }
 
    status = X400msRecipAddStrParam (rp, X400_S_OR_ADDRESS, recip, -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msRecipAddStrParam returned error: %s\n", X400msError (status));
        return (status);
    }
 
    status = X400msRecipAddStrParam (rp, X400_S_DIRECTORY_NAME, "CN=recipient;c=gb", -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msRecipAddStrParam returned error: %s\n", X400msError (status));
        return (status);
    }
 
    status = X400msMsgAddStrParam (mp, X400_S_OR_ADDRESS, orn, -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", X400msError (status));
        return (status);
    }
 
    status = X400msMsgAddStrParam (mp, X400_S_DIRECTORY_NAME, "CN=originator;c=gb", -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", X400msError (status));
        return (status);
    }
 
    /* Ask for +ve and -ve delivery reports */
    status = X400msRecipAddIntParam (rp, X400_N_REPORT_REQUEST, 2);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msRecipAddStrParam returned error: %s\n", X400msError (status));
        return (status);
    }
 
    /* Ask for +ve and -ve read receipts */
    status = X400msRecipAddIntParam (rp, X400_N_NOTIFICATION_REQUEST, 7);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msRecipAddStrParam returned error: %s\n", X400msError (status));
        return (status);
    }
 
    status = X400msMsgAddStrParam (mp, X400_S_CONTENT_IDENTIFIER, 
            content_id, -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", X400msError (status));
        return (status);
    }
 
    status = X400msMsgAddStrParam (mp, X400_S_SUBJECT, subject, -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", X400msError (status));
        return (status);
    }
 
    status = X400msMsgAddStrParam (mp, X400_T_ISO8859_1, text, -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400ms returned error: %s\n", X400msError (status));
        return (status);
    }
 
    /* now an IA5 body part using the bodypart func  */
    status = X400msMsgAddAttachment (mp, X400_T_IA5TEXT, text, strlen(text));
    if ( status != X400_E_NOERROR ) {
        printf("failed to add X400_T_IA5TEXT BP\n");
        return (status);
    }
 
    /*  or a Binary body part using the bodypart func */
    if (filename_to_send != NULL) {
        binary_data = (char *) malloc(100000);
        if ( binary_data == NULL )
            return X400_E_NOMEMORY;
        fp = fopen(filename_to_send, "r");
        if (fp == (FILE *)NULL) {
            printf("Cannot open binary file\n");
            return (X400_E_SYSERROR);
        }
        if ((fs = fread (binary_data, sizeof(char), 100000/sizeof(char), fp) ) == -1) {
            printf("Cannot read from binary file\n");
            return (X400_E_SYSERROR);
        }
        fclose(fp);
 
        status = X400msMsgAddAttachment (mp, X400_T_BINARY, binary_data, fs);
        if ( status != X400_E_NOERROR ) {
            printf("failed to add X400_T_BINARY BP\n");
            return (status);
        }
    } else {
        printf("no binary file set - not sending X400_T_BINARY\n");
    }
 
    status = X400msMsgSend (mp);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msMsgSend returned error: %s\n", X400msError (status));
        return (status);
    } else {
        printf("Message submitted successfully\n");
    }
 
    status = X400msMsgDelete (mp, 0);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msMsgDelete returned error: %s\n", X400msError (status));
        return (status);
    }
 
    mp = NULL;
    rp = NULL;
 
    return (status);
}
 
 
static int setup_default_new_sec_env(
    struct X400msSession *sp, 
    char *identity,
    char *pw
)
{
    int status;
 
    /* Filename of the Digital Identity (PKCS12 file) */
    status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_FILE, 
            identity, -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "X400msSetStrDefault returned error: %s\n", 
            X400msError (status));
        return (status);
    }
 
    /* passphrase used to open the Identity */
    status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_PASSPHRASE, pw, -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "X400msSetStrDefault returned error: %s\n", 
            X400msError (status));
        return (status);
    }
 
    /* test the sec env */
    status = X400msTestSecurityEnv (sp);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "X400msTestSecurityEnv returned error: %s\n",
            X400msError (status));
        return (status);
    }
 
    return status;
}
 
static int setup_default_old_sec_env(
    struct X400msSession *sp, 
    char *id,
    char *dn,
    char *pw
)
{
    int status;
 
    /* first set a default security identity. This passes in the name of a
     * directory, which contains an x509 subdirectory in which all Identities
     * are held */
    X400msSetStrDefault(sp, X400_S_SEC_IDENTITY, id, -1); 
 
    /* select by DN which Identity is to be used (if there are several) 
     * Currently these must be PKCS12 files */
    status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_DN, dn, -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "X400msSetStrDefault returned error: %s\n", 
            X400msError (status));
        return (status);
    }
 
    /* passphrase used to open the Identity */
    status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_PASSPHRASE, pw, -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "X400msSetStrDefault returned error: %s\n", 
            X400msError (status));
        return (status);
    }
 
    return status;
}
 
static int setup_msg_new_sec_env(
    struct X400msMessage *mp,   /* message object */
    char *identity,
    char *pw
)
{
    int status;
 
    /* Filename of the Digital Identity (PKCS12 file) */
    status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY_FILE, 
            identity, -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "X400msMsgAddStrParam returned error: %s\n", 
            X400msError (status));
        return (status);
    }
 
    /* security additions */
    status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY_PASSPHRASE, pw, -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", 
            X400msError (status));
        return (status);
    }
    return (status);
}
 
static int setup_msg_old_sec_env(
    struct X400msMessage *mp,   /* message object */
    char *id,
    char *dn,
    char *pw
)
{
    int status;
 
    /* overide the default security environment by specifying a new set of
     * attibutes, and put them into the message */
    /* security additions */
    status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY, id, -1); 
    /* status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY, "/var/isode/dsa-db", -1); */
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", 
            X400msError (status));
        return (status);
    }
 
    /* security additions */
    status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY_DN, dn, -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", 
            X400msError (status));
        return (status);
    }
 
    /* security additions */
    status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY_PASSPHRASE, pw, -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", 
            X400msError (status));
        return (status);
    }
    return (status);
}
 
 
static int add_4066_label(
    struct X400msMessage *mp,   /* message object */
    const char* filename
)
{
 
#define XML_BUFSIZE 1024
#define STRING_BUFSIZE 1024
 
    int status;
    char xml_content[XML_BUFSIZE];
    char str_content[STRING_BUFSIZE];
    int str_len = STRING_BUFSIZE;
    FILE *fd = NULL;
   
    printf("Adding 4406 Security Label, using file %s\n", filename);
    /* Read in the security label XML file */
    fd = fopen(filename,"r");
    if(fd == NULL) {
        fprintf(stderr,"Failed to open %s : %s\n",
                filename,strerror(errno));
    }
 
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wunused-result" 
    fread(&xml_content,XML_BUFSIZE,1,fd);
#pragma GCC diagnostic pop
 
    fclose(fd);
 
    status = SecLabelInit("Example program 2");
    if (status != SECLABEL_E_NOERROR) {
        fprintf(stderr, "SecLabelInit returned error %d\n", status);
        return X400_E_INVALID_ATTR;
    }
    
    /* Use SecLabelParse to turn the XML into an octet string */
    status = SecLabelParse(xml_content,
                           str_content,
                           STRING_BUFSIZE,
                           &str_len);
    
    if (status != SECLABEL_E_NOERROR) {
        fprintf(stderr, "SecLabelParse returned error %d\n", status);
        return X400_E_INVALID_ATTR;
    }
        
    /* Add the octet string to the message pointer */
    status = X400msMsgAddStrParam (mp, X400_S_S4406_SECURITY_LABEL,
                                   str_content,str_len);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", 
            X400msError (status));
        return (status);
    }
    return X400_E_NOERROR;
    
}
 
 
static int add_x411_label(
    struct X400msMessage *mp,   /* message object */
    const char* filename
)
{
 
#define XML_BUFSIZE 1024
#define STRING_BUFSIZE 1024
 
    int status;
    char xml_content[XML_BUFSIZE];
    char str_content[STRING_BUFSIZE];
    int str_len = STRING_BUFSIZE;
    FILE *fd = NULL;
   
    printf("Adding X.411 Security Label, using file %s\n", filename);
    /* Read in the security label XML file */
    fd = fopen(filename,"r");
    if(fd == NULL) {
        fprintf(stderr,"Failed to open %s : %s\n",
                filename,strerror(errno));
    }
 
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wunused-result" 
    fread(&xml_content,XML_BUFSIZE,1,fd);
#pragma GCC diagnostic pop
 
    fclose(fd);
 
    status = SecLabelInit("Example program");
    if (status != SECLABEL_E_NOERROR) {
        fprintf(stderr, "SecLabelInit returned error %d\n", status);
        return X400_E_INVALID_ATTR;
    }
    
    /* Use SecLabelParse to turn the XML into an octet string */
    status = SecLabelParse(xml_content,
                           str_content,
                           STRING_BUFSIZE,
                           &str_len);
    
    if (status != SECLABEL_E_NOERROR) {
        fprintf(stderr, "SecLabelParse returned error %d\n", status);
        return X400_E_INVALID_ATTR;
    }
        
    /* Add the octet string to the message pointer */
    status = X400msMsgAddStrParam (mp, X400_S_SECURITY_LABEL,
                                   str_content,str_len);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", 
            X400msError (status));
        return (status);
    }
    return X400_E_NOERROR;
    
}
 
 
static int get_msg(
    struct X400msSession *sp
)
{
    char buffer[BUFSIZ];
    int status;
    int nummsg;
    int type;
    int seqn;
    struct X400msMessage *mp;
    struct X400Recipient *rp;
    int n;
    size_t length;
    int intparam;
    char recipient_str[BUFSIZ];
 
    printf("Waiting for new messages for 10 seconds\n");
    status = X400msWait(sp, 10, &nummsg);
    if (status != X400_E_NOERROR) {
        fprintf(stderr, "Error from Wait: %s\n", X400msError(status));
        /* tidily close the session */
        status = X400msClose(sp);
        exit(status);
    }
 
    /* Set up the security environment.
     *
     * In R15.0 this need only be the name of a trusted certificate directory.
     *
     * Prior to R15.0, the ID is specified as a pathname, in which the 
     * subdirectory "x509" is expected to contain one or more PKCS12
     * files. The appropriate Digital Identity is determined from the 
     * DN of the subject, and the passphrase is used to decrypt the
     * private key. NB even though we're not going to use our cert,
     * (as we're going to use the cert in the message to check the MOAC
     * we need to do this due to a limitation in the underlying X.509
     * layer. 
     */
    /*
    if (use_new_sec_env) {
        setup_default_new_sec_env(sp, trusted_ca_certs_dir);
    } else {
        setup_default_old_sec_env(sp, security_id, identity_dn, passphrase);
    }
    */
 
 
    /* Turn off legacy bahaviour in which  MOAC verification failure 
     * returns X400_E_NOERROR.
     * We will now get X400_E_X509_VERIFY_FAILURE from MsgGet
     * if/when the verification fails 
     */
    X400msSetIntDefault(sp, X400_B_RETURN_VERIFICATION_ERRORS, 1); 
 
    if (x400_default_recipient != NULL) 
    printf("Getting message\n");
    status = X400msMsgGet(sp, 0, &mp, &type, &seqn);
    switch (status) {
    case X400_E_NOERROR:
        fprintf(stderr, "MsgGet successfully got message\n");
        break;
    default :
        fprintf(stderr, "Error from MsgGet: %s\n", X400msError(status));
        /* tidily close the session */
        status = X400msClose(sp);
        exit(status);
        break;
    }
 
    if (type != X400_MSG_MESSAGE) {
        fprintf(stderr, "Got a report (printing only some attributes)\n");
 
        /* The ORADDRESS in the message is the (envelope) originator */
        status = X400msMsgGetStrParam(mp, X400_S_SUBJECT_IDENTIFIER,
                                      buffer, sizeof buffer, &length);
        if (status != X400_E_NOERROR) {
            fprintf(stderr, "Error from MsgGetStrParam: %s\n",
                    X400msError(status));
            /* tidily close the session */
            status = X400msClose(sp);
            exit(status);
        }
        printf("Subject Identifier: %.*s\n", (int)length, buffer);
 
        /* Get the primary recipients */
        for (n = 1;; n++) {
            status = X400msRecipGet(mp, X400_RECIP_REPORT, n, &rp);
            if (status == X400_E_NO_RECIP)
                break;
            if (status != X400_E_NOERROR) {
                fprintf(stderr, "Error from RecipGet: %s\n",
                        X400msError(status));
                /* tidily close the session */
                status = X400msClose(sp);
                exit(status);
            }
 
            /* Note: recipient may not actually have an O/R address */
            status = X400msRecipGetStrParam(rp, X400_S_OR_ADDRESS,
                                            recipient_str,
                                            sizeof recipient_str, &length);
            if (status != X400_E_NOERROR) {
                fprintf(stderr, "Error from RecipGetStrParam: %s\n",
                        X400msError(status));
                /* tidily close the session */
                status = X400msClose(sp);
                exit(status);
            }
            /* print out the O/R Address of the report */
            printf("Positive Delivery Report for recipient %d: %.*s\n", n,
                   (int)length, recipient_str);
 
            /* The original message delivery time, if this attribute exists, 
             * then the report is a positive Delivery Report */
            status = X400msRecipGetStrParam(rp, X400_S_MESSAGE_DELIVERY_TIME,
                                            buffer, sizeof buffer, &length);
            if (status == X400_E_NOERROR) {
                /* Positive Delivery Report */
                printf("Delivery Time: %.*s\n", (int)length, buffer);
            }
            else {
                /* Negative Delivery Report */
                printf("Negative Delivery Report for recipient %d: %s\n", n,
                       recipient_str);
 
                /* Supplementary Info to the report */
                status = X400msRecipGetStrParam(rp, X400_S_SUPPLEMENTARY_INFO,
                                                buffer, sizeof buffer,
                                                &length);
                if (status != X400_E_NOERROR) {
                    fprintf(stderr, "Error from RecipGetStrParam: %s\n",
                            X400msError(status));
                    buffer[0] = '\0';
                }
                printf("Supplementary Info: %.*s\n", (int)length, buffer);
 
                /* The reason why the message was not delivered */
                status =
                    X400msRecipGetIntParam(rp, X400_N_NON_DELIVERY_REASON,
                                           &intparam);
                if (status != X400_E_NOERROR) {
                    fprintf(stderr, "Error from MsgGetIntParam: %s\n",
                            X400msError(status));
                }
                printf("Non-Delivery Reason: %d\n", intparam);
 
                /* The diagnostics of the report for this recipient */
                status =
                    X400msRecipGetIntParam(rp, X400_N_NON_DELIVERY_DIAGNOSTIC,
                                           &intparam);
                if (status != X400_E_NOERROR) {
                    fprintf(stderr, "Error from MsgGetIntParam: %s\n",
                            X400msError(status));
                }
                printf("Non-Delivery Diagnostic: %d\n", intparam);
            }
        }
 
        num_unsigned_rcvd++ ;
        status = X400msMsgDelete(mp, 0);
        if (status != X400_E_NOERROR) {
            fprintf(stderr, "Error from X400msMsgDelete: %s\n",
                    X400msError(status));
        }
        return (status);
    }
 
 
    /* x411 security label */
    status = X400msMsgGetStrParam(mp, X400_S_SECURITY_LABEL,
                                  buffer, sizeof buffer, &length);
    if (status == X400_E_NO_VALUE) {
        printf("No X.411 security label\n");
    } else if (status !=  X400_E_NOERROR) {
        fprintf(stderr,"Failed to fetch X.411 security label: %d (%s)",
            status, X400msError(status));
        return (status);
    } else {
        fprintf(stderr, "X.411 Security Label returned OK (%d chars)\n", 
                (int)length);
        print_sec_label(buffer, length);
    }
 
    /* report information about the MOAC in the message */
    report_moac_info(mp);
 
    /* report information about the 4406 in the message */
    report_4406_info(mp);
 
    /* The message identifier */
    status = X400msMsgGetStrParam(mp, X400_S_MESSAGE_IDENTIFIER,
                                  buffer, sizeof buffer, &length);
    if (status != X400_E_NOERROR) {
        fprintf(stderr, "Error from MsgGetStrParam: %s\n",
                X400msError(status));
        /* tidily close the session */
        status = X400msClose(sp);
        exit(status);
    }
    printf("Message Identifier: %.*s\n", (int)length, buffer);
 
    /* The ORADDRESS in the message is the (envelope) originator */
    status = X400msMsgGetStrParam(mp, X400_S_OR_ADDRESS,
                                  buffer, sizeof buffer, &length);
    if (status != X400_E_NOERROR) {
        fprintf(stderr, "Error from MsgGetStrParam: %s\n",
                X400msError(status));
        /* tidily close the session */
        status = X400msClose(sp);
        exit(status);
    }
    printf("Originator: %.*s\n", (int)length, buffer);
 
    /* Get the primary recipients */
    for (n = 1;; n++) {
        status = X400msRecipGet(mp, X400_RECIP_PRIMARY, n, &rp);
        if (status == X400_E_NO_RECIP)
            break;
        if (status != X400_E_NOERROR) {
            fprintf(stderr, "Error from RecipGet: %s\n", X400msError(status));
            /* tidily close the session */
            status = X400msClose(sp);
            exit(status);
        }
 
        /* Note: recipient may not actually have an O/R address */
        status = X400msRecipGetStrParam(rp, X400_S_OR_ADDRESS,
                                        buffer, sizeof buffer, &length);
        if (status == X400_E_NOERROR) {
            printf("Recipient %d: %.*s\n", n, (int)length, buffer);
        }
    }
 
    /* Subject is optional */
    status = X400msMsgGetStrParam(mp, X400_S_SUBJECT,
                                  buffer, sizeof buffer, &length);
    if (status == X400_E_NOERROR)
        printf("Subject: %.*s\n", (int)length, buffer);
 
    /* And message text (or it could be another type) */
    status = X400msMsgGetStrParam(mp, X400_T_IA5TEXT,
                                  buffer, sizeof buffer, &length);
    if (status == X400_E_NOERROR)
        printf("Text:\n%.*s\n", (int)length, buffer);
 
    /* Deletes message in message store as well as internal copy */
    status = X400msMsgDelete(mp, 0);
 
    return status;
}
 
#ifdef notdef
/*
 * Recommended function to setup security env for verification.
 * No digitial ID required - just a directory which contains 
 * trust anchors which are read as DER file (certificate.crt).
 *
 * The certificate (containing public key) is obtained from the message
 * which is referenced in the message.
 */
 
static void setup_default_new_sec_env(
    struct X400msSession *sp, 
    char *trusted_ca_certs_dir
)
{
    int status;
 
    /* Directory containing trusted CA Certificates */
    printf(" Adding %s as trusted CA cert dir\n", trusted_ca_certs_dir);
    status = X400msSetStrDefault (sp, X400_S_SEC_TRUSTED_CERTS_DIR, 
            trusted_ca_certs_dir, -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "X400msSetStrDefault returned error: %s\n", 
            X400msError (status));
        exit (status);
    }
 
    return;
}
 
/*
 * Obsolete function to use to set up the security environment. This provides a
 * directory in which PKCS12 files are checked to find one whose subject DN
 * matches that of this client.
 *
 * Any self signed certificates found in the directory are treated as 
 * trusted.
 */
 
static void setup_default_old_sec_env(
    struct X400msSession *sp, 
    char *id, 
    char *dn, 
    char *pw    /* passphrase for private key in pkcs12 file */
)
{
    int status;
 
    /* first set a default security identity. This passes in the name of a
     * directory, which contains an x509 subdirectory in which all Identities
     * are held */
    /* X400msSetStrDefault(sp, X400_S_SEC_IDENTITY, "/var/isode/dsa-db/", -1);
     * */
    X400msSetStrDefault(sp, X400_S_SEC_IDENTITY, id, -1); 
 
    /* select by DN which Identity is to be used (if there are several) 
     * Currently these must be PKCS12 files */
    status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_DN, dn, -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "X400msSetStrDefault returned error: %s\n", 
            X400msError (status));
        exit (status);
    }
 
    /* passphrase used to open the Identity */
    status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_PASSPHRASE, pw, -1);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "X400msSetStrDefault returned error: %s\n", 
            X400msError (status));
        exit (status);
    }
    return;
}
#endif
 
 
static int report_moac_info(
    struct X400msMessage *mp 
)
{
    int status;
    int intparam;
 
    /* Check the MOAC */
    status = X400msMsgGetIntParam(mp, X400_N_MOAC_STATUS, &intparam);
    switch ( status ) {
    case X400_E_NO_VALUE:
        num_unverified_rcvd++ ;
        fprintf (stderr, "No MOAC in message\n");
        break;
 
    default:
        num_unverified_rcvd++ ;
        fprintf (stderr, "Unexpected error getting MOAC status: %s\n",
                 X400msError (status));
        break;
 
    case X400_E_NOERROR:
        fprintf (stderr, "Have MOAC in message (%d)\n", intparam);
        switch (intparam) {
        case X400_E_NOERROR:
            fprintf(stderr, 
                    "MsgGet successfully verified signature in message\n");
            show_certificate (mp);
            fprintf(stderr, "continuing ...\n");
            num_verified_rcvd++ ;
            break;
        case X400_E_SIGN_NO_IDENTITY:
            fprintf(stderr, 
                "MOAC validation cannot take place because the security environment is invalid (%d):\n", 
                intparam);
            /* other values will not be available */
            break;
        case X400_E_X509_INIT:
        case X400_E_X509_ENV:
            fprintf(stderr, 
                "MOAC validation cannot take place because the security environment is invalid (%d):\n", 
                intparam);
            /* other values will not be available */
            break;
        case X400_E_X509_VERIFY_FAIL:
            fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                X400msError(intparam));
            show_certificate (mp);
            fprintf(stderr, "continuing ...\n");
            num_unverified_rcvd++ ;
            break;
        case X400_E_X509_VERIFY_FAIL_NO_CERT:
            fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                X400msError(intparam));
            fprintf(stderr, "continuing ...\n");
            num_unverified_rcvd++ ;
            break;
        case X400_E_X509_VERIFY_FAIL_NO_PUBKEY:
            fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                X400msError(intparam));
            show_certificate (mp);
            fprintf(stderr, "continuing ...\n");
            num_unverified_rcvd++ ;
            break;
        case X400_E_X509_VERIFY_FAIL_INCOMPAT_ALG:
            fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                X400msError(intparam));
            show_certificate (mp);
            fprintf(stderr, "continuing ...\n");
            num_unverified_rcvd++ ;
            break;
        case X400_E_X509_VERIFY_FAIL_UNSUPPORTED_ALG:
            fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                X400msError(intparam));
            show_certificate (mp);
            fprintf(stderr, "continuing ...\n");
            num_unverified_rcvd++ ;
            break;
        case X400_E_X509_CERT_INVALID:
            fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                X400msError(intparam));
            show_certificate (mp);
            fprintf(stderr, "continuing ...\n");
            num_unverified_rcvd++ ;
            break;
        case X400_E_X509_ITEM_INVALID:
            fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                X400msError(intparam));
            show_certificate (mp);
            fprintf(stderr, "continuing ...\n");
            num_unverified_rcvd++ ;
            break;
        default :
            fprintf(stderr, "Unexpected verification error from MsgGet: %s\n", 
                X400msError(intparam));
            show_certificate (mp);
            fprintf(stderr, "continuing ...\n");
            num_unverified_rcvd++ ;
            break;
        }
    }
    return X400_E_NOERROR;
}
 
 
static int report_4406_info(
    struct X400msMessage *mp 
)
{
    int         status;
    int         intparam;
    size_t      length;
    char        buffer[BUFSIZ];
 
    /* Check the 4406 signatures */
    status = X400msMsgGetIntParam(mp, X400_N_S4406_STATUS, &intparam);
    switch ( status ) {
    case X400_E_NO_VALUE:
        num_unverified_rcvd++ ;
        fprintf (stderr, "No 4406 signature in message\n");
        return X400_E_NOERROR;
 
    default:
        num_unverified_rcvd++ ;
        fprintf (stderr, "Unexpected error getting 4406 signature status: %s\n",
                 X400msError (status));
        break;
 
    case X400_E_NOERROR:
        fprintf (stderr, "Have 4406 signature in message (%d)\n", intparam);
        switch (intparam) {
        case X400_E_NOERROR:
            fprintf(stderr, 
                    "MsgGet successfully verified signature in message\n");
            show_4406_certificate (mp);
            fprintf(stderr, "continuing ...\n");
            num_verified_rcvd++ ;
            break;
        case X400_E_SIGN_NO_IDENTITY:
            fprintf(stderr, 
                "4406 signature validation cannot take place because the security environment is invalid (%d):\n", 
                intparam);
            /* other values will not be available */
            break;
        case X400_E_X509_INIT:
        case X400_E_X509_ENV:
            fprintf(stderr, 
                "4406 signature validation cannot take place because the security environment is invalid (%d):\n", 
                intparam);
            /* other values will not be available */
            break;
        case X400_E_X509_VERIFY_FAIL:
            fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                X400msError(intparam));
            show_4406_certificate (mp);
            fprintf(stderr, "continuing ...\n");
            num_unverified_rcvd++ ;
            break;
        case X400_E_X509_VERIFY_FAIL_NO_CERT:
            fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                X400msError(intparam));
            fprintf(stderr, "continuing ...\n");
            num_unverified_rcvd++ ;
            break;
        case X400_E_X509_VERIFY_FAIL_NO_PUBKEY:
            fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                X400msError(intparam));
            show_4406_certificate (mp);
            fprintf(stderr, "continuing ...\n");
            num_unverified_rcvd++ ;
            break;
        case X400_E_X509_VERIFY_FAIL_INCOMPAT_ALG:
            fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                X400msError(intparam));
            show_4406_certificate (mp);
            fprintf(stderr, "continuing ...\n");
            num_unverified_rcvd++ ;
            break;
        case X400_E_X509_VERIFY_FAIL_UNSUPPORTED_ALG:
            fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                X400msError(intparam));
            show_4406_certificate (mp);
            fprintf(stderr, "continuing ...\n");
            num_unverified_rcvd++ ;
            break;
        case X400_E_X509_CERT_INVALID:
            fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                X400msError(intparam));
            show_4406_certificate (mp);
            fprintf(stderr, "continuing ...\n");
            num_unverified_rcvd++ ;
            break;
        case X400_E_X509_ITEM_INVALID:
            fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                X400msError(intparam));
            show_4406_certificate (mp);
            fprintf(stderr, "continuing ...\n");
            num_unverified_rcvd++ ;
            break;
        default :
            fprintf(stderr, "Unexpected verification error from MsgGet: %s\n", 
                X400msError(intparam));
            show_4406_certificate (mp);
            fprintf(stderr, "continuing ...\n");
            num_unverified_rcvd++ ;
            break;
        }
    }
 
    /* 4406 security label */
    status = X400msMsgGetStrParam(mp, X400_S_S4406_SECURITY_LABEL,
                                  buffer, sizeof buffer, &length);
    if (status == X400_E_NO_VALUE) {
        printf("No 4406 security label\n");
    } else if (status !=  X400_E_NOERROR) {
        fprintf(stderr,"Failed to fetch 4406 security label: %d (%s)",
            status, X400msError(status));
        return (status);
    } else {
        fprintf(stderr, "4406 Security Label returned OK (%d chars)\n", 
                (int)length);
        print_sec_label(buffer, length);
    }
 
    /* 4406 signing time */
    status = X400msMsgGetStrParam(mp, X400_S_S4406_SIGNING_TIME,
                                  buffer, sizeof buffer, &length);
    if (status == X400_E_NOERROR)
        printf("4406 signing time returned OK\n%.*s\n", (int)length, buffer);
    else 
        printf("4406 signing time not returned (%d) (%s)\n", status,
            X400msError(status));
 
    return X400_E_NOERROR;
}
 
static void print_sec_label(
    char slab_buffer[],
    unsigned int length
)
{
 
    char  xml_buffer[XML_BUFSIZE];
    int status;
    
    status = SecLabelInit("Example program");
    if (status != SECLABEL_E_NOERROR) {
        fprintf(stderr, "SecLabelInit returned error %d\n", status);
        return ;
    }
 
    status =  SecLabelPrint((const unsigned char *) slab_buffer,
                            length,
                            xml_buffer,
                            XML_BUFSIZE);
    
    if (status != SECLABEL_E_NOERROR) {
        fprintf(stderr, "SecLabelParse returned error %d\n", status);
        return ;
    }
    
    /* You could now write out the XML file, or parse it in memory..*/
    printf("Got security label:%s\n", xml_buffer);
    return;
}
 
static void show_certificate (struct X400msMessage *mp)
{
    int status;
    struct X400Certificate *cert;
    char buffer[BUFSIZ];
    size_t length;
    int paramval;
 
    status = X400msMsgGetCert (mp, X400_N_CERT_MOAC, &cert);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "Error getting MOAC certificate: %s\n",
                 X400msError (status));
        return;
    }
 
    status = X400CertGetStrParam(cert, X400_S_CERT_SUBJECT_DN,
                                 buffer, sizeof buffer, &length);
    if (status != X400_E_NOERROR) {
        fprintf(stderr, "Error from CertGetStrParam: %s\n",
                X400msError(status));
        return;
    }
    fprintf(stderr, 
            "subject DN of originator certificate '%.*s'\n", (int)length, buffer);
    status = X400CertGetStrParam(cert, X400_S_CERT_ISSUER_DN,
                                 buffer, sizeof buffer, &length);
    if (status != X400_E_NOERROR) {
        fprintf(stderr, "Error from CertGetStrParam: %s\n",
                X400msError(status));
        return;
    }
    fprintf(stderr, 
            "issuer DN of originator certificate '%.*s'\n", (int)length, buffer);
 
    status = X400CertGetStrParam(cert, X400_S_OR_ADDRESS,
                                 buffer, sizeof buffer, &length);
    if (status != X400_E_NOERROR) {
        if ( status == X400_E_NO_VALUE ) {
            fprintf(stderr, "No ORaddress subject alt. name\n");
        } else {
            fprintf(stderr, "Error from CertGetStrParam: %s\n",
                    X400msError(status));
            return;
        }
    } else {
        fprintf(stderr, "ORaddress subject alt name: '%.*s'\n", (int)length, buffer);
    }
 
    status = X400CertGetIntParam(cert, X400_N_CERT_ORADDRESS_STATUS, &paramval);
    
    if (status != X400_E_NOERROR) {
        fprintf(stderr, "Error from CertGetStrParam: %s\n",
                    X400msError(status));
        return;
    }
 
    fprintf(stderr, "ORaddress subject alt name status: %s\n",
            X400msError (paramval));
}
 
 
static void show_4406_certificate (struct X400msMessage *mp)
{
    int status;
    struct X400Certificate *cert;
    char buffer[BUFSIZ];
    size_t length;
    int paramval;
 
    status = X400msMsgGetCert (mp, X400_N_S4406_CERTIFICATE, &cert);
    if ( status != X400_E_NOERROR ) {
        fprintf (stderr, "Error getting 4406 certificate: %s\n",
                 X400msError (status));
        return;
    }
 
    status = X400CertGetStrParam(cert, X400_S_CERT_SUBJECT_DN,
                                 buffer, sizeof buffer, &length);
    if (status != X400_E_NOERROR) {
        fprintf(stderr, "Error from CertGetStrParam: %s\n",
                X400msError(status));
        return;
    }
    fprintf(stderr, "subject DN of originator certificate '%.*s'\n", 
        (int)length, buffer);
    status = X400CertGetStrParam(cert, X400_S_CERT_ISSUER_DN,
                                 buffer, sizeof buffer, &length);
    if (status != X400_E_NOERROR) {
        fprintf(stderr, "Error from CertGetStrParam: %s\n",
                X400msError(status));
        return;
    }
    fprintf(stderr, "issuer DN of originator certificate '%.*s'\n", 
        (int)length, buffer);
 
    status = X400CertGetStrParam(cert, X400_S_OR_ADDRESS,
                                 buffer, sizeof buffer, &length);
    if (status != X400_E_NOERROR) {
        if ( status == X400_E_NO_VALUE ) {
            fprintf(stderr, "No ORaddress subject alt. name\n");
        } else {
            fprintf(stderr, "Error from CertGetStrParam: %s\n",
                    X400msError(status));
            return;
        }
    } else {
        fprintf(stderr, "ORaddress subject alt name: '%.*s'\n", 
            (int)length, buffer);
    }
 
    status = X400CertGetIntParam(cert, X400_N_CERT_ORADDRESS_STATUS, &paramval);
    
    if (status != X400_E_NOERROR) {
        fprintf(stderr, "Error from CertGetStrParam: %s\n",
                    X400msError(status));
        return;
    }
 
    fprintf(stderr, "ORaddress subject alt name status: %s\n",
            X400msError (paramval));
    return;
}
 
static void usage(void) {
    printf("usage: %s\n", optstr);
    printf("\t where:\n");
    printf("\t -u : Don't prompt to override defaults \n");
    printf("\t -3 : Use P3 connection \n");
    printf("\t -7 : Use P7 connection \n");
    printf("\t -m : OR Address in P7 bind arg \n");
    printf("\t -d : DN in P7 bind arg \n");
    printf("\t -p : Presentation Address of P7 Store \n");
    printf("\t -w : P7 password of P7 user \n");
    printf("\t -M : OR Address in P3 bind arg \n");
    printf("\t -D : DN in P3 bind arg \n");
    printf("\t -P : Presentation Address of P3 server\n");
    printf("\t -W : P3 password of P3 user \n");
    printf("\t -o : Originator \n");
    printf("\t -O : Originator Return Address \n");
    printf("\t -r : Recipient\n");
    printf("\t -l : Logline\n");
    printf("\t -y : Priority (0 - normal, 1 - non-urgent, 2 - urgent \n");
    printf("\t -C : Content Type (2/22/772/OID) \n");
    printf("\t -i : Implicit conversion prohibited = TRUE \n");
    printf("\t -a : Alternate Recipient Prohibited = TRUE \n");
    printf("\t -q : Content Return Request = TRUE \n");
    printf("\t -s : Disclosure of Recipient = FALSE \n");
    printf("\t -A : Recipient Reassignment Prohibited = FALSE \n");
    printf("\t -v : Conversion with Loss Prohibited = FALSE \n");
    printf("\t -e : Security Environment (dir with x509 subdir): obsolete, use -Y <p12file>\n");
    printf("\t -x : DN of X.509 Digital Identity\n");
    printf("\t -b : Passphrase for private key in PKCS12 file\n");
    printf("\t -f : Filename to transfer as binary bp\n");
    printf("\t -Y : Filename of PKCS12 file containing Digital Identity\n");
    printf("\t -4 : Generate STANAG 4406 PCT Signatures\n");
    return;
}
 
 