On 10/01/2017 01:27 AM, Sam Roberts wrote:
On Thu, Sep 28, 2017 at 2:28 AM, ch <ch@xxxxxxxxxxxxxx> wrote:Hi! I thought the difference between PEM and DER is NOT ONLY a different encoding of the string? base64 vs. binary So to understand that clear please let me ask: If I convert a PEM-signature from base64 to binary then it is DER?Yes. Well, technically it could be BER as well, but the main point is PEM is just a wrapper to transport binary via email safe text, and you can unwrap it if you want. PEM also includes a header, so you know if the object is a cert, a key, an encrypted message, etc, meta-data which is not known if you just have the binary chunk.
Indeed, PEM for S/MIME looks like
-----BEGIN PKCS7-----
<base64 of DER SMIME>
-----END PKCS7-----
so you must add the header ("-----BEGIN PKCS7-----") and the trailer
Thanks Chris On 2017-09-28 11:23, Wouter Verhelst wrote:On 28-09-17 01:19, ch wrote> If the pkcs-signature is binary encoded it is not working for verifiyinga SMIME-message in my experience with smime or cms-smime on the console. I tried to convert the binary ones to base64 but that does not everytime the trick.What you call "base64" is commonly known as "PEM" :-) You can get it to parse binary, but to do so you need to specify "-inform der".-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
