diff --git a/enzevalos_iphone.xcodeproj/project.pbxproj b/enzevalos_iphone.xcodeproj/project.pbxproj
index 808e40a448d9c0ac79eb2d36d82bbd4683031526..6081eeabe9ecab38435285e7b11fa0a1cef0df81 100644
--- a/enzevalos_iphone.xcodeproj/project.pbxproj
+++ b/enzevalos_iphone.xcodeproj/project.pbxproj
@@ -27,6 +27,7 @@
 		0ECEA0FE240E7DB1007DC71E /* mykey.p12 in Resources */ = {isa = PBXBuildFile; fileRef = 0ECEA0F4240E7DB0007DC71E /* mykey.p12 */; };
 		0ECEA0FF240E7DB1007DC71E /* evilCA.pem in Resources */ = {isa = PBXBuildFile; fileRef = 0ECEA0F5240E7DB0007DC71E /* evilCA.pem */; };
 		0ECEA100240E7DB1007DC71E /* evilkey1.pem in Resources */ = {isa = PBXBuildFile; fileRef = 0ECEA0F6240E7DB1007DC71E /* evilkey1.pem */; };
+		0EFEF0952417C0B400BB2FF7 /* CHelpers.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0EFEF0942417C0B400BB2FF7 /* CHelpers.swift */; };
 		3E6B07DE2011246500E49609 /* invitationText.html in Resources */ = {isa = PBXBuildFile; fileRef = 3E6B07DD2011246500E49609 /* invitationText.html */; };
 		3EB4FA9F2012007C001D0625 /* DialogViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 3EB4FA9D2012007C001D0625 /* DialogViewController.swift */; };
 		3EB4FAA12012007C001D0625 /* Dialog.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 3EB4FA9E2012007C001D0625 /* Dialog.storyboard */; };
@@ -302,6 +303,7 @@
 		0ECEA0F4240E7DB0007DC71E /* mykey.p12 */ = {isa = PBXFileReference; lastKnownFileType = file; path = mykey.p12; sourceTree = "<group>"; };
 		0ECEA0F5240E7DB0007DC71E /* evilCA.pem */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = evilCA.pem; sourceTree = "<group>"; };
 		0ECEA0F6240E7DB1007DC71E /* evilkey1.pem */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = evilkey1.pem; sourceTree = "<group>"; };
+		0EFEF0942417C0B400BB2FF7 /* CHelpers.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CHelpers.swift; sourceTree = "<group>"; };
 		1D4A9E60565DECF52C011BC0 /* Pods-enzevalos_iphone-AdHoc.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-enzevalos_iphone-AdHoc.release.xcconfig"; path = "../enzevalos_iphone_workspace/Pods/Target Support Files/Pods-enzevalos_iphone-AdHoc/Pods-enzevalos_iphone-AdHoc.release.xcconfig"; sourceTree = "<group>"; };
 		3E6B07DD2011246500E49609 /* invitationText.html */ = {isa = PBXFileReference; lastKnownFileType = text.html; name = invitationText.html; path = Invitation/invitationText.html; sourceTree = "<group>"; };
 		3E9708AD1FAC925D005825C9 /* enzevalos_iphone.entitlements */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.entitlements; path = enzevalos_iphone.entitlements; sourceTree = "<group>"; };
@@ -615,6 +617,14 @@
 			name = SMIME;
 			sourceTree = "<group>";
 		};
+		0EFEF0932417C08B00BB2FF7 /* C Helpers */ = {
+			isa = PBXGroup;
+			children = (
+				0EFEF0942417C0B400BB2FF7 /* CHelpers.swift */,
+			);
+			name = "C Helpers";
+			sourceTree = "<group>";
+		};
 		24472862977D71D3F0AD0D58 /* Pods */ = {
 			isa = PBXGroup;
 			children = (
@@ -977,6 +987,7 @@
 		A13526771D955BDF00D3BFE1 /* enzevalos_iphone */ = {
 			isa = PBXGroup;
 			children = (
+				0EFEF0932417C08B00BB2FF7 /* C Helpers */,
 				476403FA2413F95300C7D426 /* OpenSSL */,
 				A1B9999D21DE7CD2002563F6 /* Travel */,
 				477548DC21F5DA46000B22A8 /* mail */,
@@ -1732,6 +1743,7 @@
 				475B00341F7B9565006CDD41 /* Cryptography.swift in Sources */,
 				A1EB057C1D956838008659C1 /* MailHandler.swift in Sources */,
 				A182182E21E50D8D00918A29 /* IntroButtonViewController.swift in Sources */,
+				0EFEF0952417C0B400BB2FF7 /* CHelpers.swift in Sources */,
 				478AF715222FD5C600AEF69E /* IncomingMail.swift in Sources */,
 				47C036FF2347C0F5006295E8 /* ImportKeyOverviewController.swift in Sources */,
 				A1EB05881D956879008659C1 /* AddressHandler.swift in Sources */,
diff --git a/enzevalos_iphone/CHelpers.swift b/enzevalos_iphone/CHelpers.swift
new file mode 100644
index 0000000000000000000000000000000000000000..d79686e1421dcaa6a722afdf935ed3e26f2935dd
--- /dev/null
+++ b/enzevalos_iphone/CHelpers.swift
@@ -0,0 +1,31 @@
+//
+//  CHelpers.swift
+//  enzevalos_iphone
+//
+//  Created by lazarog98 on 10.03.20.
+//  Copyright © 2020 fu-berlin. All rights reserved.
+//
+
+import Foundation
+
+/**
+ Creates an arraz of C Strings from an array of swift strings
+ Always call deallocateCStrArr after using this!
+ */
+func createCStrArr(sarr: [String]) -> UnsafeMutablePointer<UnsafeMutablePointer<Int8>?>?{
+    let len = sarr.count
+    var carr = init_str_arr(Int32(len))
+    for i in 0..<len
+    {
+        let str = sarr[i]
+        add_str_to_arr(str,carr,Int32(i))
+    }
+    return carr
+}
+
+/**
+ Deallocates an array of c strings
+ */
+func deallocateCStrArr(arr: UnsafeMutablePointer<UnsafeMutablePointer<Int8>?>?, len: Int){
+    return deallocate_str_arr(arr, Int32(len))
+}
diff --git a/enzevalos_iphone/SMIME.swift b/enzevalos_iphone/SMIME.swift
index d223ce1a3617309aa9f4f5e376f7a95ca68e8cbf..ece422e0a131c11a6665334f8835de618272cf55 100644
--- a/enzevalos_iphone/SMIME.swift
+++ b/enzevalos_iphone/SMIME.swift
@@ -118,6 +118,27 @@ jRqChUmvLzwDtP8bFJ5COad91Cfx9DmHSnoPkhdg0f+2x+0eajjEx8fRCppHOSPK
 5O2AvjjS4akSRqVwlqFUqgDvO1PRhLw31i14EbkO3q1OC/4t00HJnszqzbwGWTrf
 n1O3czuVl7rPXrJn0A/MVI2ReKOQeIAYMg==
 -----END CERTIFICATE-----
+"""
+    
+    var testEvilCA = """
+-----BEGIN CERTIFICATE-----
+MIIC4TCCAckCCDWaS3dso6D3MA0GCSqGSIb3DQEBCwUAMDMxCzAJBgNVBAYTAkRF
+MRMwEQYDVQQKDApBIE1BSUxURVNUMQ8wDQYDVQQDDAZldmlsQ0EwHhcNMTkwNzI5
+MTUzODA1WhcNMTkwODA1MTUzODA1WjAzMQswCQYDVQQGEwJERTETMBEGA1UECgwK
+QSBNQUlMVEVTVDEPMA0GA1UEAwwGZXZpbENBMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAv0W8s3Dav5brYO+MZQ+DiNPSf0Mgd6g6zR1vdk+sPTuJbAZ2
+owxR376WKEayBp3jF3omitej4ltuAoepQ7xgsFLVJDijAxeLeoAzPc+J8qDcY1NF
+4up9+DpN7L0L3rgfU0/I8Az4jpR8pHJTHmu0L074Er5+Vk2cBvxSY3srp2NnEga1
+Fudun9YUYfOp432Ac7xv/6KYz99ocbI+F/egnHQm49GnyFs1zxCuh9qfTeCFO644
+dUlkMXfQF7sdZmxdxwKIF4D8AroAecFXWei4PtNIJpPvr/UdCBIyEmZroL2fMnPg
+zMtChlEG5Ryw7UuwKrQGs903n3nxvopr4mOumwIDAQABMA0GCSqGSIb3DQEBCwUA
+A4IBAQCFnuNL7hhJjhvPpeMPFahMdadA1OWRLIe0XdAJI8Pvlx3f8XR5udcGS2Mi
+r5znDhWHT5fFyYTj0JZQUf5GaYrucZDh2M2lXzuazhh5J+PSgvMez1fqfC0pp3Iy
+IIqIxZCzGaZp9A7CkAO1qyDqM3fAtkJ0f6JoIrUN9Q4PphDpi6vlRDIoHROmK/Xr
+QVzf2Y0lnKGQisw048XPLWqGagu8ZO0n6GMmyldnwVDEsQomndWDrW0EHEV2s/fq
+bgvyhVRenp1O5IH3nOyXm8vR2FWOEHwR686l8Mxy24APzzn5K7nPeyBx0+ZpyqYh
+aqQKdT1pty4gKWz3zSNTupVsyA/t
+-----END CERTIFICATE-----
 """
 
     var test_key_other = """
@@ -189,14 +210,14 @@ iwxRK85BnWBVkQIMvxrbb2Ro04buiizELRoKsDdkSdYXFSmSOvw1pvT8IpNJjNRU
 AYIHvW6qRLTsSR6BZZS3pqGXYue7fE0vj4HJ2IEpj05qQ5RXrD57Wg==
 -----END RSA PRIVATE KEY-----
 """
-    
+     
     var test_string = "Hello world whatever the fuck";
 
     let cryptoScheme = CryptoScheme.SMIME
     
     func testSMIMEencrypt(){
         // OpenSSL_print_ver()
-        let (enc, enc_errs) = encrypt_with_pem(message: test_string, keyAsPem: "")
+        let (enc, enc_errs) = encrypt_with_pem(message: test_string, keyAsPem: test_key)
         if enc != nil {
             // the pointers point to memory allocatedi in c that needs to be manually dealocated
             print("SWIFT ENC DONE: ", enc ?? "")
@@ -234,11 +255,17 @@ AYIHvW6qRLTsSR6BZZS3pqGXYue7fE0vj4HJ2IEpj05qQ5RXrD57Wg==
             print("\n SWIFT SIGN2 failed")
         }
  
-        let (vertest, certs,verErrs) = verify_with_CApem(message: sig!, pemCA: testCA)
+        let (vertest, certs,verErrs) = verify_with_CApem(message: sig!, pemCAArr: [testCA, testEvilCA])
         if vertest != nil
         {
             print("In Verification", vertest!)
             print(certs ?? "No certs")
+            for x in verErrs ?? [] {
+                 print("errorstring: ",getErrorString(errCode: x))
+             }
+        }
+        else{
+            print("Vertest was nil")
         }
     }
         
@@ -280,8 +307,11 @@ AYIHvW6qRLTsSR6BZZS3pqGXYue7fE0vj4HJ2IEpj05qQ5RXrD57Wg==
         return (sigStr, errArr)
     }
     
-    func verify_with_CApem (message:String,pemCA: String) -> (String?, [String]?, [UInt]?) {
-        let ver = OpenSSL_verify(message, pemCA)
+    func verify_with_CApem (message:String, pemCAArr: [String]) -> (String?, [String]?, [UInt]?) {
+        let pemCAArrC = createCStrArr(sarr: pemCAArr)
+        let ver = OpenSSL_verify(message, pemCAArrC, Int32(pemCAArr.count))
+        deallocateCStrArr(arr: pemCAArrC, len:pemCAArr.count)
+        
         let result = ver?.pointee;
         
         let verStr = result?._extractOutput()
@@ -292,9 +322,6 @@ AYIHvW6qRLTsSR6BZZS3pqGXYue7fE0vj4HJ2IEpj05qQ5RXrD57Wg==
         return (verStr, certArr, errArr)
     }
     
-    /**
-     Returns an error message from an OpenSSL error code
-     */
     func getErrorString(errCode: UInt) -> String {
         let cStr = get_err_string(errCode);
         if (cStr != nil) {
@@ -384,4 +411,8 @@ extension result {
          
          return swiftStr
     }
+    
+
+
 }
+
diff --git a/enzevalos_iphone/c/openssl-helpers.c b/enzevalos_iphone/c/openssl-helpers.c
index f51de1d67246e3c21fcaea18539ee5f0d0a80047..e71e96edd6c26ff488471f1c66bc0581b6ffd03f 100644
--- a/enzevalos_iphone/c/openssl-helpers.c
+++ b/enzevalos_iphone/c/openssl-helpers.c
@@ -70,7 +70,6 @@ array_with_length *create_list_of_errors() {
     unsigned long * arr = NULL;
     
     while ((err = ERR_get_error()) != 0) {
-        printf("%s", "Added ERROR\n");
         linked_list * newerr = malloc(sizeof(linked_list));
         newerr->content = malloc(sizeof(unsigned long));
         memcpy(newerr->content, &err, sizeof(unsigned long));
@@ -355,7 +354,8 @@ deinit:
     return res;
 }
 
-result * OpenSSL_verify(const char *text, const char *pem_cert) {
+
+result * OpenSSL_verify(const char *text, char **pem_cert, const int num_certs) {
     // https://github.com/openssl/openssl/blob/master/demos/cms/cms_dec.c
     result *ver = malloc(sizeof(result));
     ver->certs = NULL;
@@ -365,9 +365,10 @@ result * OpenSSL_verify(const char *text, const char *pem_cert) {
     OpenSSL_initialize();
     char *realtext = NULL, *tmp=NULL;
     
-    BIO *in = NULL, *out = NULL, *sig_cert_bio = NULL;
+    BIO *in = NULL, *out = NULL;
     // recipient certificate
-    X509 *sig_cert = NULL;
+    X509 **sig_certs = malloc(num_certs*sizeof(X509));
+    
     STACK_OF(X509) *cert_stack= NULL;
     X509_STORE *cert_store = NULL;
     CMS_ContentInfo *cms = NULL;
@@ -378,36 +379,43 @@ result * OpenSSL_verify(const char *text, const char *pem_cert) {
     cert_store = X509_STORE_new();
 
     // this trick allows to hardcode a certificate as a string
-    sig_cert_bio = BIO_new_mem_buf(pem_cert, (int) strlen(pem_cert));
+    for (int i = 0; i<num_certs; i++) {
+        BIO *sig_cert_bio = BIO_new_mem_buf(pem_cert[i], (int) strlen(pem_cert[i]));
+        
+        if (!sig_cert_bio) {
+            printf("VERT Failed reading mykey.pem!\n");
+            goto loopend;
+        }
+        
+        sig_certs[i] = PEM_read_bio_X509(sig_cert_bio, NULL, 0, NULL);
+        if (!sig_certs[i] ) {
+            printf("VERT Failed reading pem cert %d\n |", i);
+            
+            goto loopend;
+        }
+
+        if (!X509_STORE_add_cert(cert_store, sig_certs[i])) {
+            printf("VERT Failed at adding cert to store\n");
+            goto loopend;
+        }
+        
+        loopend:
+        BIO_free(sig_cert_bio);
+    }
     
     in = BIO_new_mem_buf(text,(int) strlen(text)); // simpletest
     
-    if (!sig_cert_bio) {
-        printf("Failed reading mykey.pem!\n");
-        goto deinit;
-    }
     
-    sig_cert = PEM_read_bio_X509(sig_cert_bio, NULL, 0, NULL);
-    if (!sig_cert ) {
-        printf("Failed reading pem cert\n");
-        goto deinit;
-    }
-
-    if (!X509_STORE_add_cert(cert_store, sig_cert)) {
-        printf("Failed at adding cert to store\n");
-        goto deinit;
-    }
-
     cms = SMIME_read_CMS(in, &detached);
     if (!cms) {
-        printf("\nVER Failed at SMIME_READ");
+        printf("\nVERT VER Failed at SMIME_READ");
         goto deinit;
     }
      
     out = BIO_new(BIO_s_mem());
     ERR_clear_error(); 
     if (!CMS_verify(cms, NULL, cert_store, detached, out, 0)) {
-        printf("Verification failed");
+        printf("VERT Verification failed");
         goto deinit;
     }
     
@@ -431,10 +439,33 @@ deinit:
     CMS_ContentInfo_free(cms);
     BIO_free(in);
     BIO_free(out); // also frees tmp
-    BIO_free(sig_cert_bio);
-    X509_free(sig_cert);
+    X509_STORE_free(cert_store);
+    for (int i =0;i>num_certs;i++) X509_free(sig_certs[i]); //We need to free all certs
     OpenSSL_deinitialize();
     // OpenSSL ver 1.0.2.f has a bug (seemingly) that causes a crash when freeing cms content info pointers
     return ver;
 }
 
+char ** init_str_arr(int num)
+{
+    char ** arr = malloc(num*sizeof(char*));
+    return arr;
+}
+char ** add_str_to_arr(const char *str, char **arr, int i)
+{
+    int len = strlen(str);
+    char *newstr = malloc(len+1);
+    memcpy(newstr, str, len);
+    newstr[len]=0;
+    arr[i]=newstr;
+    return arr;
+}
+
+void deallocate_str_arr(char **arr, int len)
+{
+    for (int i=0; i < len; i++){
+        free(arr[i]);
+    }
+    free(arr);
+}
+
diff --git a/enzevalos_iphone/c/openssl-helpers.h b/enzevalos_iphone/c/openssl-helpers.h
index 8f30d73cde0517a7c71332330977fd3801fe5772..92bb5f65ef434f1104465471d7afcf066e55b1bd 100644
--- a/enzevalos_iphone/c/openssl-helpers.h
+++ b/enzevalos_iphone/c/openssl-helpers.h
@@ -49,7 +49,11 @@ char *get_err_string(unsigned long err);
 result * OpenSSL_encrypt(const char *text, const char *pem);
 result * OpenSSL_decrypt(const char *str, const char *pem);
 result * OpenSSL_sign(const char *text, const char *pem, const int detached);
-result * OpenSSL_verify(const char *text, const char *pem_cert);
+result * OpenSSL_verify(const char *text, char **pem_cert, const int num_certs);
+char ** init_str_arr(int num);
+char ** add_str_to_arr(const char *str, char **arr, int i);
+void deallocate_str_arr(char **arr, int len);
+
 
 int print_test(int);