Sean Walker wrote:
>
> I'm working with some data generated by a program that I have no control
> over. I am trying to verify a pkcs7 signature generated by it. Could someone
> take a look at the data I have and tell me what utilities I should use to
> accomplish this? I've never had to deal with this type of data before. The
> best I could do was create myself a fake email message with this as the
> signature and get the following error using smime:
>
> Verification Failure
> 3456:error:21075076:PKCS7 routines:PKCS7_verify:content and data
> present:pk7_smime.c:175:
>
> If you would like the actual data returned by this, just ask. I'll send it
> to you. It is a bit large to send to the list.
>
Well the 0.9.6 beta release allows PKCS#7 verification using the smime
program in other formats such as PEM and DER.
What you are probably doing is attempting to create a multipart/signed
message and the "signature" already contains the content hence the
error.
If you want to do things that way try looking at a sample signed message
with the -nodetach option and duplicate that.
If that doesn't help send it to me, provided it isn't 10Mb long!
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
