Hi.
I have just upgraded an amd64 system from OpenBSD 6.3 to 6.5 (passing
from 6.4, to be sure).
It seems that since OpenBSD 6.4 the -noverify option in openssl doesn't
work any more.
Here is the OpenBSD 6.3 output (openssl-63 is the openssl binary from 6.3):
aragorn:/home/giannici# /openssl-63 smime -verify -noverify -inform DER
-in file.p7m -out file
Verification successful
Here is the OpenBSD 6.4 output:
aragorn:/home/giannici# /openssl-64 smime -verify -noverify -inform DER
-in file.p7m -out file
Verification failure
14270753673760:error:04FFF068:rsa routines:CRYPTO_internal:bad
signature:/usr/src/lib/libcrypto/rsa/rsa_sign.c:249:
14270753673760:error:21FFF069:PKCS7 routines:func(4095):signature
failure:/usr/src/lib/libcrypto/pkcs7/pk7_doit.c:1072:
14270753673760:error:21FFF069:PKCS7 routines:func(4095):signature
failure:/usr/src/lib/libcrypto/pkcs7/pk7_smime.c:407:
Here is the OpenBSD 6.5 output:
aragorn:/home/giannici# /usr/bin/openssl smime -verify -noverify -inform
DER -in file.p7m -out file
Verification failure
19006006410240:error:04FFF068:rsa routines:CRYPTO_internal:bad
signature:/usr/src/lib/libcrypto/rsa/rsa_sign.c:249:
19006006410240:error:21FFF069:PKCS7 routines:func(4095):signature
failure:/usr/src/lib/libcrypto/pkcs7/pk7_doit.c:1072:
19006006410240:error:21FFF069:PKCS7 routines:func(4095):signature
failure:/usr/src/lib/libcrypto/pkcs7/pk7_smime.c:407:
Am I doing something wrong, that worked with 6.3 but no longer then?
Or is it a bug?
Thanks.
--
___________________________________________________
__
|- giann...@neomedia.it
|ederico Giannici http://www.neomedia.it
___________________________________________________
