Hello. I use OpenSSL 1.0.0a 1 Jun 2010 version. 1)Command "openssl smime -sign ..." generates output with added headers and meta-data in body with '\n' as line terminator but http://www.faqs.org/rfcs/rfc2822.html demands using only '\r\n' as line terminators.
2)Command "openssl smime -verify -CAfile caCert.pem -certfile cert.pem -in %1 -out %1plain" treats all line terminators in the body of verified message as \r\n (as described in rfc2822). If creator and signer of this message use \n terminator in the message body there is no way to get successful verification except manual splitting message into headers and body and processing verification with "-content" key. Logically valid verification process must not change any content during verification. Thanks for great tool. -- WBR, Kirill Danilov mailto:[email protected] <[email protected]>
|
Hello. I use OpenSSL 1.0.0a 1 Jun 2010 version. 1)Command "openssl smime -sign ..." generates output with added headers and meta-data in body with '\n' as line terminator but http://www.faqs.org/rfcs/rfc2822.html demands using only '\r\n' as line terminators. 2)Command "openssl smime -verify -CAfile caCert.pem -certfile cert.pem -in %1 -out %1plain" treats all line terminators in the body of verified message as \r\n (as described in rfc2822). If creator and signer of this message use \n terminator in the message body there is no way to get successful verification except manual splitting message into headers and body and processing verification with "-content" key. Logically valid verification process must not change any content during verification. Thanks for great tool. |
