Re: How to verify a SignedData (CMS, RFC3369) object?

From: Jean-Luc Cooke (jlcooke_at_engsoc.org)
Date: 07/11/05

• Next message: David W. Hodgins: "Re: Differences between Fingerprint, MessageDigest and Hash-Value of a document?"
• Previous message: Gregory G Rose: "Re: Do the possibility exist?(about hash function)"
• In reply to: greatx: "How to verify a SignedData (CMS, RFC3369) object?"
• Next in thread: greatx: "Re: How to verify a SignedData (CMS, RFC3369) object?"
• Reply: greatx: "Re: How to verify a SignedData (CMS, RFC3369) object?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: 11 Jul 2005 18:09:32 GMT

openssl smime --help

JLC

greatx <x@greatx.net> wrote:
> Hi,

> I have a SignedData object (RFC3369 - Cryptographic Message Syntax,
> CMS) and want to verify that the digital signature is valid.

> This is the structure of the SidnedData:

> SignedData
> -version
> -digestAlgorithms
> --algorithms
> --parameters
> -encapContentInfo
> --eContentType
> --eContent <--- message used for the signing
> -certificates <--- certificate that has the public key
> -crls
> -signerInfos
> --signerInfo
> ---version
> ---sid
> ---digestAlgorithm
> ---signedAttrs
> ---signatureAlgorithm
> ---signature <--- signature to verify
> ---unsignedAttrs

> The PKI schema it would use is PKCS #1 V1.5 (RSA 1024 with SHA-1).

> Is there an application that will do the verification of a SignedData
> signature?
> How would I do this in Crypto++?
> Any other libraries that would do this? Samples?

> Thank you.
> Christian

-- 

---

• Next message: David W. Hodgins: "Re: Differences between Fingerprint, MessageDigest and Hash-Value of a document?"
• Previous message: Gregory G Rose: "Re: Do the possibility exist?(about hash function)"
• In reply to: greatx: "How to verify a SignedData (CMS, RFC3369) object?"
• Next in thread: greatx: "Re: How to verify a SignedData (CMS, RFC3369) object?"
• Reply: greatx: "Re: How to verify a SignedData (CMS, RFC3369) object?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Seems like selinux has broken gpg. ... sources-1.17.30-3.13') been unable to verify sender's digital signature ... on received mail. ... The system log has: ... (Fedora) Re: FFII.org and Paul Lutus getting stupid ... You need GnuPG to verify this message ... > Sure, but from the recent stats just gone out, looks like you are ... emails and the digital signature are legally ... (comp.os.linux.misc) Re: How to verify Exe or Dll files? ... I want to verify the digital signature of EXE or DLL file, ... I have searched internet, find the API WinVerifyTrust and some C++ ... (microsoft.public.dotnet.languages.vb) Re: How to verify a SignedData (CMS, RFC3369) object? ... > CMS) and want to verify that the digital signature is valid. ... > Any other libraries that would do this? ... (microsoft.public.platformsdk.security) Re: How to verify a SignedData (CMS, RFC3369) object? ... > CMS) and want to verify that the digital signature is valid. ... > Any other libraries that would do this? ... (microsoft.public.dotnet.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(17)