<div dir="ltr"><div dir="ltr"><div>Hello Matt,</div><div><br></div><div>Thank you for your reply!<br></div></div><div><br></div><div>I am not quite sure if I should do something more but specifying "<span style="font-family:monospace,monospace">-binary</span>" alone does not seem to help:<br></div><div><br></div><div><span style="font-family:monospace,monospace"># 1.0.2r<br></span></div><div><span style="font-family:monospace,monospace">$ /usr/local/opt/openssl/bin/openssl cms -verify -inform der -in test.der -content test-data.bin -noverify -binary > /dev/null<br>Verification successful</span></div><div><span style="font-family:monospace,monospace"><br></span></div><div><span style="font-family:monospace,monospace"># 1.1.1b<br></span></div><div><span style="font-family:monospace,monospace">$ /usr/local/opt/openssl\@1.1/bin/openssl cms -verify -inform der -in test.der -content test-data.bin -noverify -binary > /dev/null<br>Verification failure<br>4465374656:error:04091068:rsa routines:int_rsa_verify:bad signature:crypto/rsa/rsa_sign.c:220:<br>4465374656:error:2E09809E:CMS routines:CMS_SignerInfo_verify:verification failure:crypto/cms/cms_sd.c:741:</span><br></div><div><br></div><div>Other ideas are much appreciated!</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Apr 1, 2019 at 3:58 PM Matt Caswell <<a href="mailto:matt@openssl.org">matt@openssl.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br>
<br>
On 01/04/2019 14:46, Steffen wrote:<br>
> Hello,<br>
> <br>
> I am struggling with using OpenSSL 1.1.1 to verify a PKCS #7/CMS structure.<br>
> Verification succeeds when I use OpenSSL 1.0.2, but 1.1.0 and 1.1.1 fails with<br>
> "bad signature". I initially had this problem when using the OpenSSL library but<br>
> I see that the problem also applies to the OpenSSL CLI.<br>
<br>
Could be this (from CHANGES):<br>
<br>
*) Fixed a text canonicalisation bug in CMS<br>
<br>
Where a CMS detached signature is used with text content the text goes<br>
through a canonicalisation process first prior to signing or verifying a<br>
signature. This process strips trailing space at the end of lines, converts<br>
line terminators to CRLF and removes additional trailing line terminators<br>
at the end of a file. A bug in the canonicalisation process meant that<br>
some characters, such as form-feed, were incorrectly treated as whitespace<br>
and removed. This is contrary to the specification (RFC5485). This fix<br>
could mean that detached text data signed with an earlier version of<br>
OpenSSL 1.1.0 may fail to verify using the fixed version, or text data<br>
signed with a fixed OpenSSL may fail to verify with an earlier version of<br>
OpenSSL 1.1.0. A workaround is to only verify the canonicalised text data<br>
and use the "-binary" flag (for the "cms" command line application) or set<br>
the SMIME_BINARY/PKCS7_BINARY/CMS_BINARY flags (if using CMS_verify()).<br>
[Matt Caswell]<br>
<br>
Matt<br>
<br>
> <br>
> I am at loss and need some help with this issue. Please see the commands I used<br>
> below. Thank you for any assistance you can provide!<br>
> <br>
> Notes:<br>
> <br>
> * "-noverify" was used because the certificates expired.<br>
> * Verification succeeds when specifying "-nosigs".<br>
> * "openssl cms -verify [...]" behaves the same way.<br>
> * Since the files I am working with (test.der and test-data.bin) are part of a<br>
> private project, I am not ready to share these in public.<br>
> * I do not know exactly how the message structure was created but I guess<br>
> either with some OpenSSL 1.0.2, Java with or without BouncyCastle.<br>
> <br>
> Commands used:<br>
> <br>
> # Environment: macOS 10.14.3 / Homebrew<br>
> <br>
> $ /usr/local/opt/openssl/bin/openssl version<br>
> OpenSSL 1.0.2r 26 Feb 2019<br>
> <br>
> $ /usr/local/opt/openssl/bin/openssl smime -verify -inform der -in test.der<br>
> -content test-data.bin -noverify<br>
> Verification successful<br>
> <br>
> $ /usr/local/opt/openssl\@1.1/bin/openssl version<br>
> OpenSSL 1.1.1b 26 Feb 2019<br>
> <br>
> $ /usr/local/opt/openssl\@1.1/bin/openssl smime -verify -inform der -in test.der<br>
> -content test-data.bin -noverify<br>
> Verification failure<br>
> 4563408320:error:04091068:rsa routines:int_rsa_verify:bad<br>
> signature:crypto/rsa/rsa_sign.c:220:<br>
> 4563408320:error:21071069:PKCS7 routines:PKCS7_signatureVerify:signature<br>
> failure:crypto/pkcs7/pk7_doit.c:1037:<br>
> 4563408320:error:21075069:PKCS7 routines:PKCS7_verify:signature<br>
> failure:crypto/pkcs7/pk7_smime.c:353:<br>
</blockquote></div>