[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
OpenSSL S/MIME validation against draft-ietf-smime-examples?
I tried to verify OpenSSL's S/MIME implementation using the sample messages in
First I ran into problems with their base64 encoding, which was rejected by
OpenSSL due to long lines. To make OpenSSL decode these files, I
reformatted the contents to fit into the 80 character/line restriction.
Then I tried the tests 5.1 and 5.9 (Basic DH-DSS signed contents, CMS and
No matter what I tried (different certificates, different options) I
couldn't make OpenSSL verify the document signature. The certificate chain
verification works, though. I tried something like the following (after
having converted the supplied certificates to pem):
$ openssl smime -verify -certfiles AliceDss.pem -CAfile CarlDssSelf.pem -in
This is some sample content.Verification Failure
386:error:0A071003::lib(10) :DSA_do_verify:BN lib:.\crypto\dsa\dsa_ossl.c:288:
A side comment, I tried the first basic validation test of the NIST X.509
Path Validation suite (http://csrc.nist.gov/pki/testing/x509paths.html),
which works. That one uses RSA.
Has anyone successfully verified the OpenSSL S/MIME implementation with
Are the samples incorrect? Am I using OpenSSL incorrectly?