> On Apr 6, 2017, at 1:25 PM, Blumenthal, Uri - 0553 - MITLL <u...@ll.mit.edu>
> wrote:
>
> I’m trying to debug the case of a (bad) email client sending encrypted S/MIME
> email that the recipient cannot decrypt (we suspect the problem is that the
> sender chooses a wrong public key/certificate to encrypt to).
>
> Unfortunately, recipient email clients do not help figuring this out. All
> they say is “you do not have the right key…”.
>
> My goal is to “unwrap” the CMS/SMIME message, and print out some identity of
> the recipient key/cert (anything that would allow me to tie this email to any
> of the keys I have, or to ascertain that it’s none of those) would help
> greatly. Printing out other details, such as “algorithms used” would also be
> helpful.
>
> I’m sure it’s possible to write an application to do that. But I strongly
> suspect that the “openssl” command line tool would be able to address this
> problem.
>
> Would somebody on this list please show me how I can print the “metadata”
> (yes, that big word ☺) of the S/MIME email using openssl?
For S/MIME input:
$ openssl cms -in cms.eml -cmsout -print
For DER input:
$ openssl cms -inform DER -in cms.der -cmsout -print
--
Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
