On 3/22/2013 10:09 PM, Walter H. wrote:
Hello,
I got two more replies of public time stamp servers,
- msrecv01ts-asn1.text
- msrecv02ts-asn1.text (used a different source, so the hash differs)
- msrecv03ts-asn1.text
the structure of these 3 replies look nearly the same as my two generated
- myreply01cms-asn1.text
This one lacks the data part, it seems to have been generated without
the "-nodetach" option.
- myreply02cms-asn1.text
This one has the data part, but lacks the "signingTime" attribute which
is the whole point of this exercise.
but with mine there is shown an error
"the connection has reached the time limit or the reply of the time
stamp service is invalid"
here is my command:
openssl cms -sign -in octet.bin -binary -out reply.der -outform DER (
-noattr ) -nosmimecap -nodetach -signer ts.crt -inkey ts.key -passin
file:ts.pass
( octet.bin is only the extracted hash of the request,
I presume you mean the data in the request, not the hash.
reply.der is the output,
ts.crt is the timestamp cert.
ts.key is the private key of the timestamp cert.
ts.pass is the pass phrase for the private key of the timestamp cert. )
both variants fail: with -noattr or without -noattr
what went wrong?
can someone please help me?
Thanks,
Walter
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
