smime command line issue

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

smime command line issue

Todd Wease
I'm reading the OpenSSL O'Reilly book and am going through the command
line examples in Chapter 2.  I've tried the smime examples that encrypt
and decrypt a message.  The message is successfully decrypted and looks
exactly like the initial message as expected.  However doing a straight
diff between the original message and decrypted message results in them
being seen as two completely different files whereas using the -b option
(ignores changes in the amount of whitespace) yields the expected result
in no differences.  I've thrown both files in vim and :set list and I
can not for the life of me see where there are any differences in
whitespace.

Here are the commands I used to encrypt and decrypt the message:

$ openssl smime -encrypt -in mail.txt -des3 -out \  
  mail.enc ../rootcert.pem

$ openssl smime -decrypt -in mail.enc -recip ../rootcert.pem \
  -inkey ../rootkey.pem -out plain.txt

$ diff mail.txt plain.txt  # entire contents of each file listed

$ diff -b mail.txt plain.txt  # no differences

I've used the same technique in diffing the original and decrypted files
using the symmetric and public key examples and the above didn't happen.
I guess I'm curious what it is that is causing diff to think there is
whitespace differences even though none can be seen and if this is
something to worry about.

Thanks,
Todd

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: smime command line issue

Dr. Stephen Henson
On Sun, Jul 03, 2005, Todd Wease wrote:

> I'm reading the OpenSSL O'Reilly book and am going through the command
> line examples in Chapter 2.  I've tried the smime examples that encrypt
> and decrypt a message.  The message is successfully decrypted and looks
> exactly like the initial message as expected.  However doing a straight
> diff between the original message and decrypted message results in them
> being seen as two completely different files whereas using the -b option
> (ignores changes in the amount of whitespace) yields the expected result
> in no differences.  I've thrown both files in vim and :set list and I
> can not for the life of me see where there are any differences in
> whitespace.
>

Probably one has CR+LF as EOL and the other just LF. Its part of the S/MIME
standard that data must be "canonicalised" before signing or verifying it, for
text types this means making the EOF CR+LF. The canonical version is what the
verify utility outputs.

Something like 'cat -vte' on the two files should make the differences obvious.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]