Another S/MIME Problem

Mon, 06 Jan 2003 09:03:40 -0800 

Hi all (or Steve....)

I just received another mail that I'm not able to verify using openssl
smime (version 0.9.6 or 0.9.7).

When I issue the command:

openssl smime -verify -certfile markus.crt -in mail.txt  -CAfile canew.pem

or

openssl smime -verify -nointern -certfile markus.crt -in mail.txt  -CAfile
canew.pem

I get the following errors (with openssl 0.9.7) :

Verification failure
5268:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type
is not 01:rsa_pk1.c:100:
5268:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check
failed:rsa_eay.c:462:
5268:error:0D089006:asn1 encoding routines:ASN1_verify:EVP
lib:a_verify.c:162:
5268:error:21075075:PKCS7 routines:PKCS7_verify:certificate verify
error:pk7_smime.c:222:Verify error:certificate signature failure

The mail was signed using Outlook Express Version 6.00.2800.1123, with the
option to not include the digital signature in the mail.


Has anybody got an idea what's wrong here?

Attached are the mail, the signers certificate and the ca file.

Bye
Tim

Attachment: canew.pem
Description: Binary data

Envelope-to: [EMAIL PROTECTED]
Received: from [212.243.8.143] (helo=hblnok01)
        by ebanking.hbl.ch with smtp (Exim 3.35 #1)
        id 18V9hF-0007sH-00
        for [EMAIL PROTECTED]; Sun, 05 Jan 2003 13:16:06 +0100
Received: from mail.gmx.net ([213.165.65.60]) by hblnok01; Sun, 05 Jan 2003 13:20:54 
+0100 (CET)
Received: (qmail 17749 invoked by uid 0); 5 Jan 2003 12:18:51 -0000
Received: from pop-ls-09-1-dialup-226.freesurf.ch (HELO mandax) (194.230.235.226)
  by mail.gmx.net (mp005-rz3) with SMTP; 5 Jan 2003 12:18:51 -0000
Message-ID: <002c01c2b4b5$349a4180$e2ebe6c2@mandax>
From: =?iso-8859-1?Q?Markus_S=E4uberli?= <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: =?iso-8859-1?Q?Testsignatur_f=FCr_KGY?=
Date: Sun, 5 Jan 2003 13:22:39 +0100
MIME-Version: 1.0
Content-Type: multipart/signed;
        protocol="application/x-pkcs7-signature";
        micalg=SHA1;
        boundary="----=_NextPart_000_001D_01C2B4BD.84DA1AA0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1123
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1123
X-MSOESRec: 797374-2003 10 512223950-00840101011501160115

This is a multi-part message in MIME format.

------=_NextPart_000_001D_01C2B4BD.84DA1AA0
Content-Type: multipart/alternative;
        boundary="----=_NextPart_001_001E_01C2B4BD.84DA1AA0"


------=_NextPart_001_001E_01C2B4BD.84DA1AA0
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

hallo Markus

ich hoffe dass Du Dich erholen konntest und wieder gesund bist.

Ich hab eine Bitte an Dich: gerade vorhin habe ich eine neue Version des =
Exim-Mailservers installiert, welche Trivadis aktualisiert hat.
Damit sollten nun auch die Zertifikate richtig verifiziert werden =
k=F6nnen, welche nicht das ganze Zertifikat im Mail mitliefern.
K=F6nntest Du es versuchen, indem Du das omin=F6se H=E4ckchen wieder =
herausnimmst und Du damit ein signiertes Mail an [EMAIL PROTECTED] =
sendest?

vielen Dank, sch=F6nes Wochenende und bis am Montag

Gruss
Kurt

------=_NextPart_001_001E_01C2B4BD.84DA1AA0
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2800.1106" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2><FONT face=3D"Times New Roman" =
size=3D3>hallo=20
Markus<BR><BR>ich hoffe dass Du Dich erholen konntest und wieder gesund=20
bist.<BR><BR>Ich hab eine Bitte an Dich: gerade vorhin habe ich eine =
neue=20
Version des Exim-Mailservers installiert, welche Trivadis aktualisiert=20
hat.<BR>Damit sollten nun auch die Zertifikate richtig verifiziert =
werden=20
k=F6nnen, welche nicht das ganze Zertifikat im Mail =
mitliefern.<BR>K=F6nntest Du es=20
versuchen, indem Du das omin=F6se H=E4ckchen wieder herausnimmst und Du =
damit ein=20
signiertes Mail an </FONT><A href=3D"mailto:[EMAIL PROTECTED]";><FONT=20
face=3D"Times New Roman" size=3D3>[EMAIL PROTECTED]</FONT></A><FONT=20
face=3D"Times New Roman" size=3D3> sendest?<BR><BR>vielen Dank, =
sch=F6nes Wochenende=20
und bis am =
Montag<BR><BR>Gruss<BR>Kurt</FONT><BR></FONT></DIV></BODY></HTML>

------=_NextPart_001_001E_01C2B4BD.84DA1AA0--

------=_NextPart_000_001D_01C2B4BD.84DA1AA0
Content-Type: application/x-pkcs7-signature;
        name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
        filename="smime.p7s"

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAMYICMzCCAi8C
AQEwbTBfMQswCQYDVQQGEwJDSDEgMB4GA1UEChMXSHlwb3RoZWthcmJhbmsgTGVuemJ1cmcxFDAS
BgNVBAsTC0NBIFNlcnZpY2VzMRgwFgYDVQQDEw9IQkwgZUJhbmtpbmcgQ0ECChV3eaAAAAAAAD0w
CQYFKw4DAhoFAKCCARwwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcN
MDMwMTA1MTIyMjM5WjAjBgkqhkiG9w0BCQQxFgQUCa0lpsXWX9RuI4DnSxCyZPXUuEYwWwYJKoZI
hvcNAQkPMU4wTDAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYF
Kw4DAgcwDQYIKoZIhvcNAwICASgwBwYFKw4DAh0wYAYLKoZIhvcNAQkQAgExUTBPBC03OTczNzQt
MjAwMyAxMCA1MTIyMjM5NTAtMDA4NDAxMDEwMTE1MDExNjAxMTWAAQAwGzAZgRdtYXJrdXMuc2Fl
dWJlcmxpQGdteC5jaDANBgkqhkiG9w0BAQEFAASBgD3C5Tmmn1jVkLNhTAU18aNKK3MTZUkFpb88
mQY5FYYuHBqF4iBgh4wOvkhoTEYwhiexK7k6LL8DdD2cqdDYi/OrsMICSvKfvAlTLx8oww6QBJIE
jxP/LM2zGOm23uSA+5VIMtWVGU+nRHt/bFSRjtLIojpIRUcEoZxR/plhnYyuAAAAAAAA

------=_NextPart_000_001D_01C2B4BD.84DA1AA0--

Attachment: markus.crt
Description: Binary data

Reply via email to