> From: owner-openssl-us...@openssl.org On Behalf Of Josÿffffe9
Fernÿffffe1ndez
> Sent: Friday, 24 September, 2010 05:04
(It appears your mailer, or perhaps a relay, mangled your name. Sorry.)
> We are signing files with openssl. We use this command (UNIX
machine):
> openssl smime -sign -binary -outform PEM -in myfile.dat
> -out myfile.dat.sig -signer cert.pem -inkey keyfile.pem
> To verify the signed file, we use this other command (PC with
Windows):
> openssl smime -verify -noverify -inform PEM -in
myfile.fil.sig
> -signer cert.pem -content fichero.fil > NUL 2>myfile.log
I assume fichero.fil should be a copy of the original myfile.dat .
> The file to sing (myfile.dat) is a binary file.
> This has always worked right, but some days ago, we are getting
> an error message when we try to verify a signed file.
> Verification failure
> 1072:error:21071065:PKSC7 routines:PKCS7_signatureVerify:digest
failure:.\crypto
> \pkcs7\pk7_doit.c:1051:
> 1072:error:21075069:PKSC7 routines:PKCS7_verify:signature
failure:.\crypto\pkcs7
> \pk7_smime.c:410:
Something is wrong with your file transfer or file.
Manually take hashes at both ends and compare them.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
