openSSL tutorial not fully working - Can sign but cannot restore original file
Posted
by
djechelon
on Super User
See other posts from Super User
or by djechelon
Published on 2012-10-23T21:29:09Z
Indexed on
2012/10/23
23:04 UTC
Read the original article
Hit count: 330
I'm writing, and testing, a little tutorial for my groupmates involved in an openSSL homework. We have a bunch of PDF files, I'm the CA and each one should send me a signed PDF for me to be verified.
I've told them to do the following (and tried to do it by myself)
- Request and obtain a certificate (I'll skip this part)
- Create a MIME message with the PDF file in it
makemime -c "text/pdf" -a "Content-Disposition: attachment; filename=”Elaborato.pdf" Elaborato.pdf > Elaborato.pdf.msg
Sign with openSSL
openssl smime -sign -in Elaborato.pdf.msg -out Elaborato.pdf.p7m -certfile ca.pem -certfile nomegruppo.crt -inkey nomegruppo.key -signer nomegruppo.crt
Verify with
openssl smime -verify -in Elaborato.pdf.p7m -out Elaborato-verified.msg -CAfile ca.pem -signer nomegruppo.crt
- Extract attachment with
munpack Elaborato-verified.msg
- View with Acrobat Reader
The problem is that even if I get a file that (from its binary content) resembles a PDF file my current Ubuntu PDF viewer doesn't read it. The XXXElaborato.pdf
extracted by munpack is a little bit smaller than the original.
What's the problem with this procedure? In theory, they should send me the signed S/MIME message and I should be able to read the PDF within it. Why can't I restore the original content of the PDF file?
© Super User or respective owner