[openssl-users] Payload-checksum in PEM?
etc at coderhacks.com
etc at coderhacks.com
Thu Mar 8 16:52:56 UTC 2018
Thanks for your help!
But I am not sure I do fully understand that - not doing that every day.
Please one more hint - thanks.
I have a certificate (cer.txt; content is enclosed with ---BEGIN/END
CERTIFICATE---).
I can get the public-key out of that. (pubkey.txt; content is enclosed
---BEGIN/END PUBLIC KEY---).
I have the PEM (pem.txt; content is enclosed with ---BEGIN/END CMS---).
This is what I call the signature and I would expect to have a hash of
my original file somewhere inside of it.
If I do
openssl rsautl -pubin -raw -encrypt -inkey pubkey.txt -in pem.txt
I get an error (...rsa routines:RSA_padding_add_none:data too large for
key size...).
Am I doing something wrong or do I have the wrong ingredients?
I try to find the hashvalue that any other tool gives me when hashing
the original payload (myfile.txt).
Thanks
Chris
On 2018-03-08 17:31, Viktor Dukhovni wrote:
>
>> On Mar 8, 2018, at 11:25 AM, etc at coderhacks.com wrote:
>>
>> # openssl cms -sign -in myfile.txt -md md5 -signer cer.txt -inkey key.txt -outform PEM > pem.txt
>>
>> # md5sum myfile.txt
>>
>> Can I expect to find the md5sum checksum somewhere in the ASN1 of pem.txt???
>>
>> # openssl asn1parse -in pem.txt
>>
>> As far I see it is not there - but maybe it is just a quick step to it?
> When signing, the checksum is part of the signature, so you'd have to
> decrypt the signature block with the signer's public key via:
>
> openssl rsautl -pubin -raw -encrypt -inkey pubkey.pem
>
> and find the message digest there.
>
More information about the openssl-users
mailing list