Hi all I think I've encountered a bug in openssl smime.
I try to verify a mail signed with outlook using the option not to include the certificate in the signature. >From what I can figure out, this should be possible with openssl using the options: openssl smime -verify -signer tim.crt -in message.txt -nointern -CAfile cas.crt or openssl smime -verify -noverify -signer tim.crt -in message.txt -nointern However, I always get the error: 2278:error:2107C080:PKCS7 routines:PKCS7_get0_signers:signer certificate not found:pk7_smime.c:317: It seems openssl always tries to retrieve the signers certificate, althought I explicitely override this with -nointern. Is this a known bug and/or even already fixed in the openssl 0.9.7 betas? Attached is my test case. Bye Tin
From: "Tim Tassonis" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Subject: Eine sehr kurze Meldung Date: Fri, 27 Dec 2002 21:05:21 +0100 MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_000D_01C2ADEB.AAE04720" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Return-Path: [EMAIL PROTECTED] X-OriginalArrivalTime: 27 Dec 2002 20:04:18.0390 (UTC) FILETIME=[2375CF60:01C2ADE3] This is a multi-part message in MIME format. ------=_NextPart_000_000D_01C2ADEB.AAE04720 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Hallo Tim Nur zum Test. Tim ------=_NextPart_000_000D_01C2ADEB.AAE04720 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAMYICQjCCAj4C AQEwgd4wgckxCzAJBgNVBAYTAkNIMRQwEgYDVQQKEwtUcml2YWRpcyBBRzEfMB0GA1UECxMWVmVy aVNpZ24gVHJ1c3QgTmV0d29yazE7MDkGA1UECxMyVGVybXMgb2YgdXNlIGF0IGh0dHBzOi8vd3d3 LnZlcmlzaWduLmNvbS9ycGEgKGMpMDIxMDAuBgNVBAsTJ0NsYXNzIDIgT25TaXRlIEluZGl2aWR1 YWwgU3Vic2NyaWJlciBDQTEUMBIGA1UEAxMLVHJpdmFkaXMgQ0ECEGx4jqcK2t21YlVqOLEtUhQw CQYFKw4DAhoFAKCBujAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0w MjEyMjcyMDA1MjFaMCMGCSqGSIb3DQEJBDEWBBR61aEMmfHlZiWDvkTAVDZClZT2qjBbBgkqhkiG 9w0BCQ8xTjBMMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUr DgMCBzANBggqhkiG9w0DAgIBKDAHBgUrDgMCHTANBgkqhkiG9w0BAQEFAASBgJFbghLQ2SajBoSP zb8M727Ix7/16CaADa/URESJLU74ovnB0vk3Z+WnX9tWx/42EZjj0E/IPQbZ8GBdjuHb14i/bOW4 Rtv4T+ad/LpihiEbDw0Zv4QRKUAcO76QcEWDKN+YmWBHharkbsVoXK00rexwzCyT4DvZvm6PeUXb nzG0AAAAAAAA ------=_NextPart_000_000D_01C2ADEB.AAE04720--
cas.crt
Description: Binary data
tim.crt
Description: Binary data