openSSL tutorial not fully working - Can sign but cannot restore original file

Posted by djechelon on Super User See other posts from Super User or by djechelon
Published on 2012-10-23T21:29:09Z Indexed on 2012/10/23 23:04 UTC
Read the original article Hit count: 330

I'm writing, and testing, a little tutorial for my groupmates involved in an openSSL homework. We have a bunch of PDF files, I'm the CA and each one should send me a signed PDF for me to be verified.

I've told them to do the following (and tried to do it by myself)

  • Request and obtain a certificate (I'll skip this part)
  • Create a MIME message with the PDF file in it makemime -c "text/pdf" -a "Content-Disposition: attachment; filename=”Elaborato.pdf" Elaborato.pdf > Elaborato.pdf.msg
  • Sign with openSSL openssl smime -sign -in Elaborato.pdf.msg -out Elaborato.pdf.p7m -certfile ca.pem -certfile nomegruppo.crt -inkey nomegruppo.key -signer nomegruppo.crt

  • Verify with openssl smime -verify -in Elaborato.pdf.p7m -out Elaborato-verified.msg -CAfile ca.pem -signer nomegruppo.crt

  • Extract attachment with munpack Elaborato-verified.msg
  • View with Acrobat Reader

The problem is that even if I get a file that (from its binary content) resembles a PDF file my current Ubuntu PDF viewer doesn't read it. The XXXElaborato.pdf extracted by munpack is a little bit smaller than the original.

What's the problem with this procedure? In theory, they should send me the signed S/MIME message and I should be able to read the PDF within it. Why can't I restore the original content of the PDF file?

© Super User or respective owner

Related posts about linux

Related posts about homework