Hi
I'am using openssl 0.95 for a perl product that must verify S/MIME
messages. Here are some question :
First i check the signature, tahat's easy, but I need also to check that
the message sender and message signer are the same. So I need to extract
fromthe message signature the signer email. That's not so easy because :
if the CA is not a root CA, the output of openssl pckcs7 contain a chain
with both the signer certificate DN and the CA certificate DN. Is there
a way to extract just the signer subject ?
Here is an exemple of how i use openssl in this step and the its output.
$ /usr/local/ssl/bin/openssl smime -nochain -pk7out -in /tmp/msg | \
/usr/local/ssl/bin/openssl pkcs7 -print_certs -noout
subject=/CN=Thawte Freemail [EMAIL PROTECTED]
issuer= /C=ZA/ST=Western Cape/L=Durbanville/O=Thawte Consulting/OU=Thawte PF R....
subject=/C=ZA/ST=Western Cape/L=Durbanville/O=Thawte Consulting/OU=Thawte PF R....
issuer= /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting/OU=Certification ....
Thanks for your help.
-----------------------------------------------------------------------
Serge Aumont CRU campus Beaulieu Tel : 02 99 84 71 47
35042 Rennes Cedex fax : 02 99 84 71 11
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
S/MIME find the signer email
Aumont - Comite Reseaux des Universites Fri, 12 May 2000 03:19:55 -0700
- Re: S/MIME find the signer email Aumont - Comite Reseaux des Universites
- Re: S/MIME find the signer em... Dr Stephen Henson
