On 10/01/2017 01:27 AM, Sam Roberts wrote:
On Thu, Sep 28, 2017 at 2:28 AM, ch <c...@coderhacks.com> wrote:
Hi!
I thought the difference between PEM and DER is NOT ONLY a different
encoding of the string?
base64 vs. binary
So to understand that clear please let me ask:
If I convert a PEM-signature from base64 to binary then it is DER?
Yes. Well, technically it could be BER as well, but the main point is
PEM is just a wrapper to transport binary via email safe text, and you
can unwrap it if you want. PEM also includes a header, so you know if
the object is a cert, a key, an encrypted message, etc, meta-data
which is not known if you just have the binary chunk.
Indeed, PEM for S/MIME looks like
-----BEGIN PKCS7-----
<base64 of DER SMIME>
-----END PKCS7-----
so you must add the header ("-----BEGIN PKCS7-----") and the trailer
Thanks
Chris
On 2017-09-28 11:23, Wouter Verhelst wrote:
On 28-09-17 01:19, ch wrote> If the pkcs-signature is binary encoded it
is not working for verifiying
a SMIME-message in my experience with
smime or cms-smime on the console. I tried to convert the binary ones to
base64 but that does not everytime the trick.
What you call "base64" is commonly known as "PEM" :-)
You can get it to parse binary, but to do so you need to specify
"-inform der".
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
