[openssl-users] PKCS7 and RSA_verify
ch at coderhacks.com
Wed Sep 27 22:02:17 UTC 2017
I am working on a tool for verifying SMIME-messages.
Because cms and smime is only able to verify base64 pkcs7-signatures I
try to do it "manually" and I now have a problem with the signing-timestamp.
Lets do an example:
openssl smime -sign -md sha1 -in plain.txt -inkey mykey -signer
mycert -noattr -outform der | openssl asn1parse -inform der
If I put plain.txt and the 128 byte signature (from asn1parse out of the
pkcs7) into RSA_verify it works perfectly.
Every call would produce the same signature-hexdump.
But if I remove the -noattr the signature-value will be different every
second and then RSA_verify it not working anymore.
How can I handle this?
More information about the openssl-users