* Message by -Dr. Stephen Henson- from Thu 2009-05-14: > It does sound like S/MIME does exactly what you want using a detached > signature. That would be preferable as opposed to inventing an incompatible > version with possible security issues.
Ok, so how do I generate such a detached signature? I tried the
following:
$ echo foo > doc
$ openssl smime -sign -signer cert.pem -inkey privkey.pem \
-binary -outform pem -in doc -out doc.pem
'cert.pem' contains a selfsigned certificate, which I created for
testing. Now, as far as I understood, the above command results
in a PEM formatted PKCS#7 structure being in 'doc.pem'. It can in
fact be verified okay using:
$ openssl smime -verify -inform pem -content doc -in doc.pem -noverify
(It does not work when I omit '-binary', which took me a long
time to discover, since my document is a text file. Obviously, it
is still needed.)
Now, my original goal was to omit the certificate, so I created
the PKCS#7 thing with the additional option '-nocerts'. Indeed,
the resulting 'doc.pem' is smaller. However, verification seems
to require '-certfile cert.pem' now, which in turn requires that
the recipient knows which certificate to use.
Does the PKCS#7 structure that is created with '-nocerts' contain
any hint concerning the certificate needed for verification? If
so, how can it be extracted? Earlier, you wrote: "In PKCS#7 the
only permissible identifier is the issuer name and serial
number." So, it appears that I can hope for that information
(issuer name and serial number) at best.
Am I following the right trail, or did you mean something
different by "detached signature"?
Thank you!
Lasse
pgpLCbC21rlGi.pgp
Description: PGP signature
