Thanks for your help!
But I am not sure I do fully understand that - not doing that every day.
Please one more hint - thanks.
I have a certificate (cer.txt; content is enclosed with ---BEGIN/END
CERTIFICATE---).
I can get the public-key out of that. (pubkey.txt; content is enclosed
---BEGIN/END PUBLIC KEY---).
I have the PEM (pem.txt; content is enclosed with ---BEGIN/END CMS---).
This is what I call the signature and I would expect to have a hash of
my original file somewhere inside of it.
If I do
openssl rsautl -pubin -raw -encrypt -inkey pubkey.txt -in pem.txt
I get an error (...rsa routines:RSA_padding_add_none:data too large for
key size...).
Am I doing something wrong or do I have the wrong ingredients?
I try to find the hashvalue that any other tool gives me when hashing
the original payload (myfile.txt).
Thanks
Chris
On 2018-03-08 17:31, Viktor Dukhovni wrote:
On Mar 8, 2018, at 11:25 AM, etc@xxxxxxxxxxxxxx wrote:
# openssl cms -sign -in myfile.txt -md md5 -signer cer.txt -inkey key.txt -outform PEM > pem.txt
# md5sum myfile.txt
Can I expect to find the md5sum checksum somewhere in the ASN1 of pem.txt???
# openssl asn1parse -in pem.txt
As far I see it is not there - but maybe it is just a quick step to it?
When signing, the checksum is part of the signature, so you'd have to
decrypt the signature block with the signer's public key via:
openssl rsautl -pubin -raw -encrypt -inkey pubkey.pem
and find the message digest there.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
