[openssl-users] PKCS7 and RSA_verify

Dr. Stephen Henson steve at openssl.org
Wed Sep 27 23:06:45 UTC 2017

On Thu, Sep 28, 2017, ch wrote:

> Hello!
> I am working on a tool for verifying SMIME-messages.
> Because cms and smime is only able to verify base64 pkcs7-signatures
> I try to do it "manually" and I now have a problem with the
> signing-timestamp.

I'm not sure what you mean by "only able to verify base64 pkcs7-signatures"
it can handle PEM and DER forms too.

> Lets do an example:
> openssl smime -sign -md sha1  -in plain.txt  -inkey mykey -signer
> mycert  -noattr  -outform der | openssl asn1parse -inform der
> If I put plain.txt and the 128 byte signature (from asn1parse out of
> the pkcs7) into RSA_verify it works perfectly.
> Every call would produce the same signature-hexdump.
> But if I remove the -noattr the signature-value will be different
> every second and then RSA_verify it not working anymore.
> How can I handle this?

When you don't use attributes the signature is over performed over the
content. If you use attributes then the signature is over the encoding of a
bunch of attributes including a signing time and the digest of the content.
Because the signing time changes the data being signed in the attributes
changes too.

Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

More information about the openssl-users mailing list