Hello, I'm trying to verify an email signature using openssl.
I've saved the complete mail to a file named mail.eml, then I'm using openssl to verify: openssl smime -inform SMIME -CAfile all.pem -verify -in mail.eml which gives an error: 2674688:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1319: 2674688:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=X509_SIG 2674688:error:21071069:PKCS7 routines:PKCS7_signatureVerify:signature failure:pk7_doit.c:1120: 2674688:error:21075069:PKCS7 routines:PKCS7_verify:signature failure:pk7_smime.c:410: Now I've also saved the base64 encoded signature only from the mime part into a separate file named mail_sig.txt to analyse further: openssl asn1parse -i -in mail_sig.txt which runs ok (at least there is no error shown) and prints out a nice tree, which at least to me does not show any errors (I'm a novice in this...). I'm using OpenSSL Version 1.0.1 14 Mar 2012 Any advice what may be wrong with the signature or how verify it in openssl? If needed, I can upload the e-mail or complete asn1parse output to pastebin or similar. Thanks for any help, Georg PS: I have to note that the complete story is longer: the email signature verifies fine in MS Outlook, but not in Thunderbird, so I tried to analyse this behavior and stumbled over the fact that openssl also has troubles verifying it. And Thunderbird most probably uses openssl libraries internally, so I've ended up here. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org