[openssl-users] SMIME: 1.0.0e vs. 1.0.1e
c.holper at ades.at
c.holper at ades.at
Thu Feb 18 13:05:35 UTC 2016
Hello!
I have a little problem with an update from an old 1.0.0e (vanilla
compiled) vs.
debians (7.9, stable) 1.0.1e.
I try to verify an smime-signature
Tried with the same smime-file and with the same certificates on the
same machine.
The certificates are fine and are ok if I verify them.
openssl smime -verify -purpose any -in "myfile.txt" -out "myfile.out"
-CApath /etc/ssl/certs -CAfile "cert.cer"
It works fine with 1.0.0e.
Text: Verification successful
Return: 0
But I get the following with 1.0.1e.
Text: Verification failure
139728980395688:error:21071065:PKCS7
routines:PKCS7_signatureVerify:digest failure:pk7_doit.c:1169:
139728980395688:error:21075069:PKCS7 routines:PKCS7_verify:signature
failure:pk7_smime.c:410:
Return: 4
The myfile.txt (shortened):
------------------------------
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature";
micalg="sha1"; boundary="----EEFE59145E95831000EE06DE4309E3A9"
This is an S/MIME signed message
------EEFE59145E95831000EE06DE4309E3A9
Content-Transfer-Encoding: binary
Content-Type: application/edi-consent
Content-Disposition: attachment; name="abc.xml"; filename="abc.xml"
<?xml version='1.0' encoding='utf-8'?>
......
......
------EEFE59145E95831000EE06DE4309E3A9
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
MIIIawYJKoZIhvcN7nTRPWZsxevEqzakh6vKxTTE8sn5mzeU4QoEqAP1EOuATPan0VpAXtfJfBQfq/I=
...
EEFE59145E95831000EE06DE4309E3A9
---------------------------------
Can anyone please help, thanks!
Best regards,
christoph
More information about the openssl-users
mailing list