Re: Using OpenSSL to verify a FireFox signed form

2005-05-26 Thread Chris Covell
Hello there, thanks for taking the time to help ! Have you tried the -binary option too? Yes I have tried using binary... to no avail ! I have now gone back to basics and writen a short web page that just asks for a signature and then writes the signature (with -BEGIN PKCS7- header and

Re: Using OpenSSL to verify a FireFox signed form

2005-05-26 Thread Chris Covell
OK, I have sorted this out ! Thanks for those who have taken the time to look at my problem. The issue in the end was that vi was putting a \n at the end of my content file. [EMAIL PROTECTED] sbs]$ cat test_content.txt sign test [EMAIL PROTECTED] sbs]$ hexdump -c test_content.txt 000 s i

Re: Using OpenSSL to verify a FireFox signed form

2005-05-25 Thread Victor B. Wagner
On 2005.05.24 at 14:33:29 +0100, Chris Covell wrote: I am now using this command: $ openssl smime -verify -inform PEM -in signature.pk7 -CAfile development_cm.pem -content content.txt And I get this output: content Verification failure 2788:error:21071065:PKCS7

Re: Using OpenSSL to verify a FireFox signed form

2005-05-25 Thread Chris Covell
Victor, $ openssl smime -verify -inform PEM -in signature.pk7 -CAfile development_cm.pem -content content.txt Yes, CR/LF can be a problem. Many MTA feel free to convert eol from CR/LF to LF and vice versa. Yeah, but I am not using an MTA, I am signing the data in FireFox browser and

Re: Using OpenSSL to verify a FireFox signed form

2005-05-25 Thread Dr. Stephen Henson
On Wed, May 25, 2005, Chris Covell wrote: Victor, $ openssl smime -verify -inform PEM -in signature.pk7 -CAfile development_cm.pem -content content.txt Yes, CR/LF can be a problem. Many MTA feel free to convert eol from CR/LF to LF and vice versa. Yeah, but I am not using an

Re: Using OpenSSL to verify a FireFox signed form

2005-05-25 Thread M.E. Post
. cheers Meint - Original Message - From: Chris Covell [EMAIL PROTECTED] To: openssl-users@openssl.org Sent: Wednesday, May 25, 2005 3:14 PM Subject: Re: Using OpenSSL to verify a FireFox signed form Victor, $ openssl smime -verify -inform PEM -in signature.pk7 -CAfile

Using OpenSSL to verify a FireFox signed form

2005-05-24 Thread Chris Covell
Hello there, I have a signature signed using FireFox browser and want to verify the signature using OpenSSL. The signature seems to be in PEM format (i.e. base 64 encoded). I can see the certificates that were used in the signature using: openssl pkcs7 -print_certs -noout -in signature.pk7

Re: Using OpenSSL to verify a FireFox signed form

2005-05-24 Thread Victor B. Wagner
On 2005.05.24 at 11:14:08 +0100, Chris Covell wrote: But if I try and verify the signature using (as described in the OpenSSL command line manual): openssl smime -verify -inform PEM -in signature.pk7 -signer signer_pub.key -certfile certs.pem -content content I get the message:

Re: Using OpenSSL to verify a FireFox signed form

2005-05-24 Thread Chris Covell
Victor, many thanks, I have got a bit further ! I am sure I am nearly there, can anyone help me please ? It asks for local (i.e. trusted) certificate of security authority, who've issued (i.e. signed) signer's certificate. Either provide path to the place where your trusted certificates