[openssl-users] gpgsm/openssl cms detached signatures verification fails
Jakob Bohm
jb-openssl at wisemo.com
Mon May 15 21:25:05 UTC 2017
On 15/05/2017 17:54, Andreas Fenkart wrote:
> Hi list,
> I'm experimenting with openssl/gnupg interoperability. It seems the
> least common multiple is cms. I didn't find a way to produce output
> with opengpg to work with 'openssl dgst' directly. Am I wrong, is
> there a simpler way?
> ...
> The :messageDigest hash codes are the same for detached/non-detached
> but the :rsaEncryption differ (salt, timestamp?) The messageDigest
> does not match the output from sha256sum
>
> Repeating the some for the gpgsm genarated signatures, I can see that
> the messageDigest matches directly the output of sha256sum.
>
> So openssl cms/gpgsm compute the sha256sum differently in the detached case.
> Is there a hidden flag to make either tool behave like the other?
Look at the documentation of the openssl cms "-inform SMIME",
"-outform SMIME" and "-binary" options.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
More information about the openssl-users
mailing list