How to verify a pkcs7 detached signature?

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

How to verify a pkcs7 detached signature?

Andreas Hasenack
1. http://www.iti.br/twiki/pub/Main/PressRelease2005Jun28A/Assinador.tar.gz
2. http://www.iti.br/twiki/pub/Main/PressRelease2005Jun28A/Assinador.tar.gz.pkcs7

[2] is supposed to be a detached signature for [1], how can this be
verified with an openssl command? I was able to extract the certificate
from the .pkcs7 file, but I hit a wall there.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: How to verify a pkcs7 detached signature?

Pablo J Royo
Try this

openssl smime -verify -in Assinador.tar.gz.pkcs7 -inform DER -content
Assinador.tar.gz -signer signer_certificate.pem -noverify


----- Original Message -----
From: "Andreas Hasenack" <[hidden email]>
To: <[hidden email]>
Sent: Thursday, July 14, 2005 10:49 PM
Subject: How to verify a pkcs7 detached signature?


> 1.
http://www.iti.br/twiki/pub/Main/PressRelease2005Jun28A/Assinador.tar.gz
> 2.
http://www.iti.br/twiki/pub/Main/PressRelease2005Jun28A/Assinador.tar.gz.pkc
s7

>
> [2] is supposed to be a detached signature for [1], how can this be
> verified with an openssl command? I was able to extract the certificate
> from the .pkcs7 file, but I hit a wall there.
>
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [hidden email]
> Automated List Manager                           [hidden email]
>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: How to verify a pkcs7 detached signature?

Andreas Hasenack
On Fri, Jul 15, 2005 at 08:22:10AM +0200, Pablo J Royo wrote:
> Try this
>
> openssl smime -verify -in Assinador.tar.gz.pkcs7 -inform DER -content
> Assinador.tar.gz -signer signer_certificate.pem -noverify

That works, thanks!

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]