On Tue, Dec 16, 2003, Dr. Stephen Henson wrote: > On Tue, Dec 16, 2003, [EMAIL PROTECTED] wrote: > > > > > Steve, > > > > thanks for the reply. I agree that I will need to be able to verify the > > signer's cert chain. If by signer you mean the CA and trusted root that > > signed the end entity cert. However, currently I am unable to parse the P7 > > object to be able to see any meaningful information and using the smime > > command suggested failed with the following error. > > > > C:\OpenSSL\bin>OPENSSL smime -verify -inform der -in > > "a:\p7-sig-object-ascii.txt" -CAfile "A:\cafile-PEM.CER" > > Error reading S/MIME message > > 303:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong > > tag:.\crypto\asn1\tasn_dec.c:939: > > 303:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 > > error:.\crypto\asn1\tasn_dec.c:304:Type=PKCS7 > > > > You'll need the binary form of the signature as input to that command. Its > filename suggests it's ASCII :-) >
It also depends on what form that ASCII file is in. If you could post it or send it to me I'll have a look at it. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
