[openssl-dev] Signing individual attachments?

Viktor Dukhovni openssl-users at dukhovni.org
Thu Feb 5 17:07:28 UTC 2015


On Thu, Feb 05, 2015 at 09:39:56AM -0700, Hilarie Orman wrote:

> Does openssl have support for S/MIME signatures on individual attachments?
> I would like to have attachment1 signed with identity1, attachment2 signed
> with identity2, and the whole message signed with identity3.  Email readers
> seem to get confused by this (but, I might have made a mistake in
> constructing the test message).
> 
> I think I can use openssl command line options to deconstruct such a
> message and verify the individual parts, but is there a single command
> that would handle it?

A multipart signed or unsigned message can contain another multipart
signed or unsigned.  The OpenSSL S/MIME command can decrypt and/or
verify the outer multipart (message).  If that message contains
parts that are in turn S/MIME messages, you'd have to extract those
parts and apply the process recursively.  The command-line tool
cannot AFAIK do this in one step.

-- 
	Viktor.


More information about the openssl-dev mailing list