Aumont - Comite Reseaux des Universites wrote:
>
> Hi
>
> I'am using openssl 0.95 for a perl product that must verify S/MIME
> messages. Here are some question :
>
> First i check the signature, tahat's easy, but I need also to check that
> the message sender and message signer are the same. So I need to extract
> fromthe message signature the signer email. That's not so easy because :
> if the CA is not a root CA, the output of openssl pckcs7 contain a chain
> with both the signer certificate DN and the CA certificate DN. Is there
> a way to extract just the signer subject ?
>
> Here is an exemple of how i use openssl in this step and the its output.
>
You can use the -signer option to smime -verify to extract the signer's
certificate. Check the 'smime' docs for more info. Then
opensslx509 -subject -noout
will get the subject name.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
