Hi all, I'm trying to verify a PDF that was signed with S-Trust Sign-IT. Thats a software sold by a german bank and used for qualified digital signatures. >From a technical point of view its just an SMIME Signature.
I'm running this command: [EMAIL PROTECTED]:~/test/openssl/strust$ openssl smime -binary -verify -in rechnung.pdf.p7s -inform der -out /dev/null -content rechnung.pdf -CAfile strustx.pem Where rechnung.pdf.p7s contains the signature, and strustx.pem the root and subcertificates. I'm getting this error, also the Sign-IT Software confirms the signature as valid: Verification failure 19424:error:04077064:rsa routines:RSA_verify:algorithm mismatch:rsa_sign.c:228: 19424:error:21071069:PKCS7 routines:PKCS7_signatureVerify:signature failure:pk7_doit.c:961: 19424:error:21075069:PKCS7 routines:PKCS7_verify:signature failure:pk7_smime.c:299: I searched the web for quite a long time, but I can't find anything explaining the errormessage to me. Did I miss an argument that has to be passed to openssl or is it more likly that Sign-IT isn't compatible to OpenSSL? Thanks for any help! Regards Ben ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
