> [claes.west...@tieto.com - Thu May 06 17:32:44 2010]: > > Hello! > > I am trying to create a S/MIME document that is sent as a base64 coded > data element to a web service. When the server side decodes the base64 > and then tries to verify the document they get an error message. > faultstring=invalid signature format in message: + content hash found > in signedattributes different > On the serverside the ues a Java package from Bouncy Castle. > > I am using openssl version 0.9.7a Feb 19 2003 on a RedHat server. This > is not the latest RedHat version. > > The command that I use is > > openssl smime -sign -in $TEMPIN -signer > /usr/mumps/apo/cert/sws_sign_v3.pem -ink > ey /usr/mumps/apo/cert/sws_sign_v3.key -certfile > /usr/mumps/apo/cert/SITHS_CA_v3 > .cer -outform SMIME -out $TEMPOUT1 > > TEMPIN is the actual document which includes the part1 header. I have > replaced all the LF linebreaks whith CRLF. > > Does anybody recognize this problem? And is there a solution to it? > > Is it worth while trying to get a later version of openssl? >
That is an ancient version of OpenSSL. It is worth upgrading anyway as there are many bugs and security issues fixed since that version. The actual error message indicates that the content received doesn't match what it expects from the hash. This could be a line translation issue. What happens with the -binary command line switch? This should go to openssl-users and not the request tracker.. marking ticket as resolved. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
