Hi, [Please honor Mail-Followup-To and Cc me on replies: I am not subscribed to this list.]
Summary: please tell me how to handle S/MIME decryption and verification with gpgsm. I am working on integrating PGP and S/MIME with the Mailman mailing list manager, see http://non-gnu.uvt.nl/pub/mailman/ . I am considering using GPGME for this, with the pyme python interface. I am having troubles getting S/MIME emails (or CMS blobs) processed by GPGME. (Since GPGME uses libksba, it _should_ be able to handle these, I guess). For instance, when creating a detached-signed S/MIME email message, splitting the body off, and de-base64-ing the signature with recode /Base64 < sig.base64 > sig.CMS , calling gpgsm gives: gpgsm --verify sig.CMS body.txt gpgsm: Signature made 2005-10-21 11:40:54 using certificate ID 090E2BFC gpgsm: invalid signature: message digest attribute does not match calculated one . Feeding the complete message to openssl leads to a fine verification: openssl smime -verify -CAfile CA/ca-cert.pem mail.msg Verification successful Decrypting a de-base64-ed S/MIME message fails too: gpgsm --decrypt < encrypt.CMS gpgsm: unsupported algorithm `1.2.840.113549.3.2' gpgsm: (this is the RC2 algorithm) gpgsm: message decryption failed: Unsupported algorithm <GpgSM> Unfortunately I can't check this operation with openssl, since I have no way to export the private key from the keystore to a .pem-file, suitable for import to openssl... My setup allows me to encrypt and decrypt .pem files, using pyme's op_encrypt() and op_decrypt() routines. Any pointers or clues are very welcome. If more information about my setup is needed, I gladly supply these. Thanks, Bye, Joost -- Joost van Baal http://abramowitz.uvt.nl/ Tilburg University [EMAIL PROTECTED] The Netherlands
signature.asc
Description: Digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
