On Sat, Feb 02, 2008, Sebastian Patschorke wrote:

> Hello!
> I don't know how to use openssl, that it verifies me a signature for a pdf 
> document. This is what I tried:
> openssl smime -verify -in RGF131361240.pdf -signer 799562928.crt -out 
> RGF131361240.pdf.pkcs7
> RGF131361240.pdf is the original document, RGF131361240.pdf.pkcs7 the 
> signature and 799562928.crt contains the certificate.
> I got only this:
> Error reading S/MIME message
> 28968:error:2107A087:PKCS7 routines:SMIME_read_PKCS7:no content 
> type:pk7_mime.c:296
> Can someone please help me?
> Thanks

If the *.pkcs7 file is in binary format this would be a starting point:

openssl smime -verify -in foo.pkcs7 -content foo.pdf -inform DER -binary

that will probably complain about being unable to find the issuer certificate.
For testing purposes you can include the -noverify option which will tell you
it has otherwise checked the signature.

If that works you need to trust the appropriate root CA(s) and pass them to it
using the -CAfile or -CApath options.

Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to