> openssl smime -encrypt -des3 -sign -nodetach -signer filename.pem filename.crt <infile >outfile
>
> Where filename.pem is the pem file of the signer (containing both
> private and public key) and filename.crt is the public key of the
> recipient.
>
> I am trying to verify the signature with:
>
> openssl smime -verify -CAfile filename.pem <infile >outfile
>
> Where filename.pem contains the complete public certificate chain
> of the signer.
>
> Now the last command looks good, and it claims verification is
> successful, but it outputs the decrypted message too. How is this
> possible? I didn't have ANY private key available to the last command...

Think about what you're asking OpenSSL to do. The command you give is
ambiguous. Unfortunately, OpenSSL does not reject it with an error but
instead does something other than what you wanted it to do.
From a commonsense standpoint, what you are doing does not make much
sense.
What's the point of being able to verify the authenticity of a message you
cannot understand? "Yep, this is authentic, but meaningless" is rarely
useful.
A perfectly reasonable interpretation of your command is to sign the
plaintext and then encrypt it. This allows the signature to remain even
after the message is decrypted and it can travel along with the plaintext.
However, this makes signature validation impossible without decryption.
You should encrypt the message and then sign it, if you're sure that's what
you want. In that case, the signature can be verified without decrypting the
message, however, nobody but the intended recipient can verify the signature
in any meaningful way.
Think about it a bit and make sure that what you really want is for people
other than the intended recipient to be able to verify the signature on a
message they can make no sense of whatsoever. It's hard to imagine many
cases where that's useful, and in most cases where it seems useful, there
are better ways to get at least the usefulness you get this way.
DS
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
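Added example, not code from this thread or from the OpenSSL project: the two orderings DS describes, done as explicit two-step `openssl smime` pipelines so there is no ambiguous combined command. The certificates are throwaway self-signed ones generated in a temp directory; the file names (signer.crt, recipient.crt, plain.txt, ste.p7m, ets.p7m) and the message are my own. AES-256 stands in for the original's -des3, and -binary keeps line endings untouched so the round trip compares byte for byte. The point it shows: with encrypt-then-sign, a third party holding only the signer's certificate can run -verify on the outer layer; with sign-then-encrypt, -verify fails until the recipient has decrypted.

```shell
#!/bin/sh
# Added example, not code from the thread or the OpenSSL project.
# Assumes an openssl binary (1.1 or later) on PATH; everything else
# (file names, the self-signed certs, the message) is constructed here.
set -eu
command -v openssl >/dev/null 2>&1 || { echo "openssl not on PATH, skipping" >&2; exit 0; }

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
cd "$WORK"

# Throwaway self-signed certs: one for the signer, one for the recipient.
openssl req -x509 -newkey rsa:2048 -nodes -subj "/CN=signer" \
    -keyout signer.key -out signer.crt >/dev/null 2>&1
openssl req -x509 -newkey rsa:2048 -nodes -subj "/CN=recipient" \
    -keyout recipient.key -out recipient.crt >/dev/null 2>&1

printf 'hello from the signer\n' > plain.txt

# Ordering 1: sign the plaintext, then encrypt the signed blob -> ste.p7m
sign_then_encrypt() {
    openssl smime -sign -nodetach -binary -in plain.txt \
        -signer signer.crt -inkey signer.key -out signed.p7m
    openssl smime -encrypt -aes256 -binary -in signed.p7m -out ste.p7m recipient.crt
}

# Ordering 2: encrypt the plaintext, then sign the ciphertext -> ets.p7m
encrypt_then_sign() {
    openssl smime -encrypt -aes256 -binary -in plain.txt -out enc.p7m recipient.crt
    openssl smime -sign -nodetach -binary -in enc.p7m \
        -signer signer.crt -inkey signer.key -out ets.p7m
}

# A third party holding only the signer's cert (no private key at all)
# tries -verify on the outer layer of the message. Prints yes or no.
can_verify_outside() {
    if openssl smime -verify -in "$1" -CAfile signer.crt -out /dev/null >/dev/null 2>&1
    then echo yes; else echo no; fi
}

# The intended recipient reads each form by peeling the layers in reverse order.
recipient_read_ets() {
    openssl smime -verify -in ets.p7m -CAfile signer.crt -out inner.p7m 2>/dev/null
    openssl smime -decrypt -in inner.p7m -recip recipient.crt -inkey recipient.key
}
recipient_read_ste() {
    openssl smime -decrypt -in ste.p7m -recip recipient.crt -inkey recipient.key -out inner_signed.p7m
    openssl smime -verify -in inner_signed.p7m -CAfile signer.crt 2>/dev/null
}

sign_then_encrypt
encrypt_then_sign
echo "encrypt-then-sign, verifiable by an outsider: $(can_verify_outside ets.p7m)"   # yes
echo "sign-then-encrypt, verifiable by an outsider: $(can_verify_outside ste.p7m)"   # no
```

Both recipient functions return the original plaintext, which is the real check that the layering is correct in each order. Note what the outsider learns in the encrypt-then-sign case: only that the signer vouched for a blob of ciphertext, exactly the "authentic but meaningless" result the reply warns about.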