Join Log in
Score:-1
Nav Boom avatar Server

How to verify signed file?

sv flag
Nav Boom

How to check a validity of a file using openssl and cms?

I've got a file (foo.bin) and a signature (foo.bin.cms) which is include x509 der format certificate.

is there any way to check validity of the file with it cert?

I can find SHA256 of foo.bin, within the foo.bin.cms.

Also can open foo.bin.cms with ASN1. But can not found any way to verify file using openssl command.

openssl cms verify command required pub.key which is I cannot find.

142
1 + 2
anx avatar
fr flag
anx
Verification is just a very broad description of the method. What is the goal? Often signatures serve to confirm a claim that a particular entity produced a file, but for that you already have to possess a copy of their public key.
0
Reply
cn flag
Greg Askew
Almost anything should be able to read in the file and generate a SHA256 hash to compare with the foo.bin.SHA256 file you stated that you have. Depends on your platform (Linux/Windows), which you did not specify.
0
Reply
Score:1
dave_thompson_085 avatar Server
jp flag
dave_thompson_085

CMS verification may require a cert, but never a pubkey as such. There are lots of variations in the CMS-SignedData format (not to mention the other kinds of CMS data) and you don't give any details, so here are a few basic cases:

$ openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:P-256 -out sf1132354.key
$ openssl req -new -key sf1132354.key -x509 -days 365 -subj '/CN=Vladimir Putin' -out sf1132354.crt
$ printf 'hello and goodbye\r\n' >sf1132354.in
$ openssl sha256 <sf1132354.in
(stdin)= dc86ba13ac17e82ea9f0e8239f809d0596449dc3b59626b6ebd6178f27178af4

This data is used for all the cases below. Note I used CRLF line-ending for the data; openssl cms by default applies the S/MIME canonicalization rule even when it is doing CMS and not S/MIME, so line-endings other than CRLF may cause problems.

$ openssl cms -sign -in sf1132354.in -inkey sf1132354.key -signer sf1132354.crt -md sha256 -outform der -out sf1132354.dety
$ openssl asn1parse -i -inform der <sf1132354.dety
    0:d=0  hl=4 l= 839 cons: SEQUENCE
    4:d=1  hl=2 l=   9 prim:  OBJECT            :pkcs7-signedData
   15:d=1  hl=4 l= 824 cons:  cont [ 0 ]
   19:d=2  hl=4 l= 820 cons:   SEQUENCE
   23:d=3  hl=2 l=   1 prim:    INTEGER           :01
   26:d=3  hl=2 l=  13 cons:    SET
   28:d=4  hl=2 l=  11 cons:     SEQUENCE
   30:d=5  hl=2 l=   9 prim:      OBJECT            :sha256
   41:d=3  hl=2 l=  11 cons:    SEQUENCE
   43:d=4  hl=2 l=   9 prim:     OBJECT            :pkcs7-data
   54:d=3  hl=4 l= 395 cons:    cont [ 0 ]
   58:d=4  hl=4 l= 391 cons:     SEQUENCE
   62:d=5  hl=4 l= 301 cons:      SEQUENCE
   66:d=6  hl=2 l=   3 cons:       cont [ 0 ]
   68:d=7  hl=2 l=   1 prim:        INTEGER           :02
   71:d=6  hl=2 l=  20 prim:       INTEGER           :09D45914492F88F6E9812C905D2A0405C5769CCD
   93:d=6  hl=2 l=  10 cons:       SEQUENCE
   95:d=7  hl=2 l=   8 prim:        OBJECT            :ecdsa-with-SHA256
  105:d=6  hl=2 l=  25 cons:       SEQUENCE
  107:d=7  hl=2 l=  23 cons:        SET
  109:d=8  hl=2 l=  21 cons:         SEQUENCE
  111:d=9  hl=2 l=   3 prim:          OBJECT            :commonName
  116:d=9  hl=2 l=  14 prim:          UTF8STRING        :Vladimir Putin
  132:d=6  hl=2 l=  30 cons:       SEQUENCE
  134:d=7  hl=2 l=  13 prim:        UTCTIME           :230601075720Z
  149:d=7  hl=2 l=  13 prim:        UTCTIME           :240531075720Z
  164:d=6  hl=2 l=  25 cons:       SEQUENCE
  166:d=7  hl=2 l=  23 cons:        SET
  168:d=8  hl=2 l=  21 cons:         SEQUENCE
  170:d=9  hl=2 l=   3 prim:          OBJECT            :commonName
  175:d=9  hl=2 l=  14 prim:          UTF8STRING        :Vladimir Putin
  191:d=6  hl=2 l=  89 cons:       SEQUENCE
  193:d=7  hl=2 l=  19 cons:        SEQUENCE
  195:d=8  hl=2 l=   7 prim:         OBJECT            :id-ecPublicKey
  204:d=8  hl=2 l=   8 prim:         OBJECT            :prime256v1
  214:d=7  hl=2 l=  66 prim:        BIT STRING
  282:d=6  hl=2 l=  83 cons:       cont [ 3 ]
  284:d=7  hl=2 l=  81 cons:        SEQUENCE
  286:d=8  hl=2 l=  29 cons:         SEQUENCE
  288:d=9  hl=2 l=   3 prim:          OBJECT            :X509v3 Subject Key Identifier
  293:d=9  hl=2 l=  22 prim:          OCTET STRING      [HEX DUMP]:0414AFBF46DE3CED60E2A5BBEA461C187C4FBE4D4654
  317:d=8  hl=2 l=  31 cons:         SEQUENCE
  319:d=9  hl=2 l=   3 prim:          OBJECT            :X509v3 Authority Key Identifier
  324:d=9  hl=2 l=  24 prim:          OCTET STRING      [HEX DUMP]:30168014AFBF46DE3CED60E2A5BBEA461C187C4FBE4D4654
  350:d=8  hl=2 l=  15 cons:         SEQUENCE
  352:d=9  hl=2 l=   3 prim:          OBJECT            :X509v3 Basic Constraints
  357:d=9  hl=2 l=   1 prim:          BOOLEAN           :255
  360:d=9  hl=2 l=   5 prim:          OCTET STRING      [HEX DUMP]:30030101FF
  367:d=5  hl=2 l=  10 cons:      SEQUENCE
  369:d=6  hl=2 l=   8 prim:       OBJECT            :ecdsa-with-SHA256
  379:d=5  hl=2 l=  72 prim:      BIT STRING
  453:d=3  hl=4 l= 386 cons:    SET
  457:d=4  hl=4 l= 382 cons:     SEQUENCE
  461:d=5  hl=2 l=   1 prim:      INTEGER           :01
  464:d=5  hl=2 l=  49 cons:      SEQUENCE
  466:d=6  hl=2 l=  25 cons:       SEQUENCE
  468:d=7  hl=2 l=  23 cons:        SET
  470:d=8  hl=2 l=  21 cons:         SEQUENCE
  472:d=9  hl=2 l=   3 prim:          OBJECT            :commonName
  477:d=9  hl=2 l=  14 prim:          UTF8STRING        :Vladimir Putin
  493:d=6  hl=2 l=  20 prim:       INTEGER           :09D45914492F88F6E9812C905D2A0405C5769CCD
  515:d=5  hl=2 l=  11 cons:      SEQUENCE
  517:d=6  hl=2 l=   9 prim:       OBJECT            :sha256
  528:d=5  hl=3 l= 228 cons:      cont [ 0 ]
  531:d=6  hl=2 l=  24 cons:       SEQUENCE
  533:d=7  hl=2 l=   9 prim:        OBJECT            :contentType
  544:d=7  hl=2 l=  11 cons:        SET
  546:d=8  hl=2 l=   9 prim:         OBJECT            :pkcs7-data
  557:d=6  hl=2 l=  28 cons:       SEQUENCE
  559:d=7  hl=2 l=   9 prim:        OBJECT            :signingTime
  570:d=7  hl=2 l=  15 cons:        SET
  572:d=8  hl=2 l=  13 prim:         UTCTIME           :230601075746Z
  587:d=6  hl=2 l=  47 cons:       SEQUENCE
  589:d=7  hl=2 l=   9 prim:        OBJECT            :messageDigest
  600:d=7  hl=2 l=  34 cons:        SET
  602:d=8  hl=2 l=  32 prim:         OCTET STRING      [HEX DUMP]:DC86BA13AC17E82EA9F0E8239F809D0596449DC3B59626B6EBD6178F27178AF4
  636:d=6  hl=2 l= 121 cons:       SEQUENCE
  638:d=7  hl=2 l=   9 prim:        OBJECT            :S/MIME Capabilities
  649:d=7  hl=2 l= 108 cons:        SET
  651:d=8  hl=2 l= 106 cons:         SEQUENCE
  653:d=9  hl=2 l=  11 cons:          SEQUENCE
  655:d=10 hl=2 l=   9 prim:           OBJECT            :aes-256-cbc
  666:d=9  hl=2 l=  11 cons:          SEQUENCE
  668:d=10 hl=2 l=   9 prim:           OBJECT            :aes-192-cbc
  679:d=9  hl=2 l=  11 cons:          SEQUENCE
  681:d=10 hl=2 l=   9 prim:           OBJECT            :aes-128-cbc
  692:d=9  hl=2 l=  10 cons:          SEQUENCE
  694:d=10 hl=2 l=   8 prim:           OBJECT            :des-ede3-cbc
  704:d=9  hl=2 l=  14 cons:          SEQUENCE
  706:d=10 hl=2 l=   8 prim:           OBJECT            :rc2-cbc
  716:d=10 hl=2 l=   2 prim:           INTEGER           :80
  720:d=9  hl=2 l=  13 cons:          SEQUENCE
  722:d=10 hl=2 l=   8 prim:           OBJECT            :rc2-cbc
  732:d=10 hl=2 l=   1 prim:           INTEGER           :40
  735:d=9  hl=2 l=   7 cons:          SEQUENCE
  737:d=10 hl=2 l=   5 prim:           OBJECT            :des-cbc
  744:d=9  hl=2 l=  13 cons:          SEQUENCE
  746:d=10 hl=2 l=   8 prim:           OBJECT            :rc2-cbc
  756:d=10 hl=2 l=   1 prim:           INTEGER           :28
  759:d=5  hl=2 l=  10 cons:      SEQUENCE
  761:d=6  hl=2 l=   8 prim:       OBJECT            :ecdsa-with-SHA256
  771:d=5  hl=2 l=  70 prim:      OCTET STRING      [HEX DUMP]:30440220497700032BB7F3B6974C6653D926320E2DDC5616565119ED7E968C2B155635CF022030DDA85378C9002AA8E29949FC39A9FD333A9D62B52C8EBB0F73B5D21EE3720E
$ openssl cms -verify -in sf1132354.dety -inform der -content sf1132354.in -CAfile sf1132354.crt
hello and goodbye
Verification successful
$ openssl cms -verify -in sf1132354.dety -inform der -content sf1132354.in -noverify
hello and goodbye
Verification successful

This is the default variant for openssl cms -sign: a detached signature (you can see there is no eContent in the encapContentInfo starting at offset 41) with signed attributes (you can see starting at offset 528) and a copy of the signer's cert (starting at offset 58). With signedattrs present the verify operation normally does three things:

  1. compute the hash of the data (which I had to supply with -content since it is not contained in the SignedData) and match to the messageDigest attribute in signedattrs
  2. check that the signature (at offset 759) verifies for the 'canonical' encoding of signedattrs (i.e. with the context-3 tag replaced by SET OF) under the publickey in the certificate in the message
  3. validate the certificate used in step 2 against the truststore (here using -CAfile; there are more complicated ways to specify/create the truststore, but here I'm showing only simple)

This combination proves that the data in the .in file at the receiver/verifier is the same data used/intended by the sender/signer and has not been tampered or otherwise modified. But with a self-signed cert as here, it does NOT prove who the signer is, or that you should trust data they signed and sent; in particular this cert claims I am Vladimir Putin, but I'm not. Really, honestly, I'm not -- call off those attack drones QUICK :-}

If the signer had used, and the verifier validated, a cert issued by a 'real' (and properly run) CA, the CA would have verified the identity of the 'owner' (subject) of the certificate before issuing it, and this process would verify not only that I received the data intended by the sender but that the sender is someone I can identify and decide whether (and how much) to trust.

The last (oxymoronic-looking) command skips step 3; it verifies only that the data matches signedattrs and the signature (using the key in the cert) verifies signedattrs, but does not validate the cert (and does not need a truststore). This proves that you got the data untampered from the same party that created the signature, but that party can have been an attacker and the data fake and malicious even though the signature verifies.

$ openssl cms -sign -in sf1132354.in -inkey sf1132354.key -signer sf1132354.crt -md sha256 -outform der -out sf1132354.detn -noattr
$ openssl asn1parse -i -inform der <sf1132354.detn
    0:d=0  hl=4 l= 607 cons: SEQUENCE
    4:d=1  hl=2 l=   9 prim:  OBJECT            :pkcs7-signedData
   15:d=1  hl=4 l= 592 cons:  cont [ 0 ]
   19:d=2  hl=4 l= 588 cons:   SEQUENCE
   23:d=3  hl=2 l=   1 prim:    INTEGER           :01
   26:d=3  hl=2 l=  13 cons:    SET
   28:d=4  hl=2 l=  11 cons:     SEQUENCE
   30:d=5  hl=2 l=   9 prim:      OBJECT            :sha256
   41:d=3  hl=2 l=  11 cons:    SEQUENCE
   43:d=4  hl=2 l=   9 prim:     OBJECT            :pkcs7-data
   54:d=3  hl=4 l= 395 cons:    cont [ 0 ]
   58:d=4  hl=4 l= 391 cons:     SEQUENCE
   62:d=5  hl=4 l= 301 cons:      SEQUENCE
   66:d=6  hl=2 l=   3 cons:       cont [ 0 ]
   68:d=7  hl=2 l=   1 prim:        INTEGER           :02
   71:d=6  hl=2 l=  20 prim:       INTEGER           :09D45914492F88F6E9812C905D2A0405C5769CCD
   93:d=6  hl=2 l=  10 cons:       SEQUENCE
   95:d=7  hl=2 l=   8 prim:        OBJECT            :ecdsa-with-SHA256
  105:d=6  hl=2 l=  25 cons:       SEQUENCE
  107:d=7  hl=2 l=  23 cons:        SET
  109:d=8  hl=2 l=  21 cons:         SEQUENCE
  111:d=9  hl=2 l=   3 prim:          OBJECT            :commonName
  116:d=9  hl=2 l=  14 prim:          UTF8STRING        :Vladimir Putin
  132:d=6  hl=2 l=  30 cons:       SEQUENCE
  134:d=7  hl=2 l=  13 prim:        UTCTIME           :230601075720Z
  149:d=7  hl=2 l=  13 prim:        UTCTIME           :240531075720Z
  164:d=6  hl=2 l=  25 cons:       SEQUENCE
  166:d=7  hl=2 l=  23 cons:        SET
  168:d=8  hl=2 l=  21 cons:         SEQUENCE
  170:d=9  hl=2 l=   3 prim:          OBJECT            :commonName
  175:d=9  hl=2 l=  14 prim:          UTF8STRING        :Vladimir Putin
  191:d=6  hl=2 l=  89 cons:       SEQUENCE
  193:d=7  hl=2 l=  19 cons:        SEQUENCE
  195:d=8  hl=2 l=   7 prim:         OBJECT            :id-ecPublicKey
  204:d=8  hl=2 l=   8 prim:         OBJECT            :prime256v1
  214:d=7  hl=2 l=  66 prim:        BIT STRING
  282:d=6  hl=2 l=  83 cons:       cont [ 3 ]
  284:d=7  hl=2 l=  81 cons:        SEQUENCE
  286:d=8  hl=2 l=  29 cons:         SEQUENCE
  288:d=9  hl=2 l=   3 prim:          OBJECT            :X509v3 Subject Key Identifier
  293:d=9  hl=2 l=  22 prim:          OCTET STRING      [HEX DUMP]:0414AFBF46DE3CED60E2A5BBEA461C187C4FBE4D4654
  317:d=8  hl=2 l=  31 cons:         SEQUENCE
  319:d=9  hl=2 l=   3 prim:          OBJECT            :X509v3 Authority Key Identifier
  324:d=9  hl=2 l=  24 prim:          OCTET STRING      [HEX DUMP]:30168014AFBF46DE3CED60E2A5BBEA461C187C4FBE4D4654
  350:d=8  hl=2 l=  15 cons:         SEQUENCE
  352:d=9  hl=2 l=   3 prim:          OBJECT            :X509v3 Basic Constraints
  357:d=9  hl=2 l=   1 prim:          BOOLEAN           :255
  360:d=9  hl=2 l=   5 prim:          OCTET STRING      [HEX DUMP]:30030101FF
  367:d=5  hl=2 l=  10 cons:      SEQUENCE
  369:d=6  hl=2 l=   8 prim:       OBJECT            :ecdsa-with-SHA256
  379:d=5  hl=2 l=  72 prim:      BIT STRING
  453:d=3  hl=3 l= 155 cons:    SET
  456:d=4  hl=3 l= 152 cons:     SEQUENCE
  459:d=5  hl=2 l=   1 prim:      INTEGER           :01
  462:d=5  hl=2 l=  49 cons:      SEQUENCE
  464:d=6  hl=2 l=  25 cons:       SEQUENCE
  466:d=7  hl=2 l=  23 cons:        SET
  468:d=8  hl=2 l=  21 cons:         SEQUENCE
  470:d=9  hl=2 l=   3 prim:          OBJECT            :commonName
  475:d=9  hl=2 l=  14 prim:          UTF8STRING        :Vladimir Putin
  491:d=6  hl=2 l=  20 prim:       INTEGER           :09D45914492F88F6E9812C905D2A0405C5769CCD
  513:d=5  hl=2 l=  11 cons:      SEQUENCE
  515:d=6  hl=2 l=   9 prim:       OBJECT            :sha256
  526:d=5  hl=2 l=  10 cons:      SEQUENCE
  528:d=6  hl=2 l=   8 prim:       OBJECT            :ecdsa-with-SHA256
  538:d=5  hl=2 l=  71 prim:      OCTET STRING      [HEX DUMP]:3045022100B5B167CC707D015025C9631EEA3D351E6B53ABB5AE1280A975ABE5D6EB92A4F90220525F75DF118479B6E41A9983104E6B55D215E5A5C4DBBD41B66511A25278479E
$ openssl cms -verify -in sf1132354.detn -inform der -content sf1132354.in -CAfile sf1132354.crt
hello and goodbye
Verification successful
$ openssl cms -verify -in sf1132354.detn -inform der -content sf1132354.in -noverify
hello and goodbye
Verification successful

This variant does not use signedattrs, so you don't see the digest of the content in there anywhere, and the verification process is different:

  1. verify the signature over the content (not signedattrs) using the pubkey in the cert
  2. validate the cert

... and now the -noverify version skips step 2 and only does step 1.

$ openssl cms -sign -in sf1132354.in -inkey sf1132354.key -signer sf1132354.crt -md sha256 -outform der -out sf1132354.envy -nodetach
$ openssl asn1parse -i -inform der <sf1132354.envy                   0:d=0  hl=4 l= 862 cons: SEQUENCE
    4:d=1  hl=2 l=   9 prim:  OBJECT            :pkcs7-signedData
   15:d=1  hl=4 l= 847 cons:  cont [ 0 ]
   19:d=2  hl=4 l= 843 cons:   SEQUENCE
   23:d=3  hl=2 l=   1 prim:    INTEGER           :01
   26:d=3  hl=2 l=  13 cons:    SET
   28:d=4  hl=2 l=  11 cons:     SEQUENCE
   30:d=5  hl=2 l=   9 prim:      OBJECT            :sha256
   41:d=3  hl=2 l=  34 cons:    SEQUENCE
   43:d=4  hl=2 l=   9 prim:     OBJECT            :pkcs7-data
   54:d=4  hl=2 l=  21 cons:     cont [ 0 ]
   56:d=5  hl=2 l=  19 prim:      OCTET STRING      :hello and goodbye

   77:d=3  hl=4 l= 395 cons:    cont [ 0 ]
   81:d=4  hl=4 l= 391 cons:     SEQUENCE
   85:d=5  hl=4 l= 301 cons:      SEQUENCE
   89:d=6  hl=2 l=   3 cons:       cont [ 0 ]
   91:d=7  hl=2 l=   1 prim:        INTEGER           :02
   94:d=6  hl=2 l=  20 prim:       INTEGER           :09D45914492F88F6E9812C905D2A0405C5769CCD
  116:d=6  hl=2 l=  10 cons:       SEQUENCE
  118:d=7  hl=2 l=   8 prim:        OBJECT            :ecdsa-with-SHA256
  128:d=6  hl=2 l=  25 cons:       SEQUENCE
  130:d=7  hl=2 l=  23 cons:        SET
  132:d=8  hl=2 l=  21 cons:         SEQUENCE
  134:d=9  hl=2 l=   3 prim:          OBJECT            :commonName
  139:d=9  hl=2 l=  14 prim:          UTF8STRING        :Vladimir Putin
  155:d=6  hl=2 l=  30 cons:       SEQUENCE
  157:d=7  hl=2 l=  13 prim:        UTCTIME           :230601075720Z
  172:d=7  hl=2 l=  13 prim:        UTCTIME           :240531075720Z
  187:d=6  hl=2 l=  25 cons:       SEQUENCE
  189:d=7  hl=2 l=  23 cons:        SET
  191:d=8  hl=2 l=  21 cons:         SEQUENCE
  193:d=9  hl=2 l=   3 prim:          OBJECT            :commonName
  198:d=9  hl=2 l=  14 prim:          UTF8STRING        :Vladimir Putin
  214:d=6  hl=2 l=  89 cons:       SEQUENCE
  216:d=7  hl=2 l=  19 cons:        SEQUENCE
  218:d=8  hl=2 l=   7 prim:         OBJECT            :id-ecPublicKey
  227:d=8  hl=2 l=   8 prim:         OBJECT            :prime256v1
  237:d=7  hl=2 l=  66 prim:        BIT STRING
  305:d=6  hl=2 l=  83 cons:       cont [ 3 ]
  307:d=7  hl=2 l=  81 cons:        SEQUENCE
  309:d=8  hl=2 l=  29 cons:         SEQUENCE
  311:d=9  hl=2 l=   3 prim:          OBJECT            :X509v3 Subject Key Identifier
  316:d=9  hl=2 l=  22 prim:          OCTET STRING      [HEX DUMP]:0414AFBF46DE3CED60E2A5BBEA461C187C4FBE4D4654
  340:d=8  hl=2 l=  31 cons:         SEQUENCE
  342:d=9  hl=2 l=   3 prim:          OBJECT            :X509v3 Authority Key Identifier
  347:d=9  hl=2 l=  24 prim:          OCTET STRING      [HEX DUMP]:30168014AFBF46DE3CED60E2A5BBEA461C187C4FBE4D4654
  373:d=8  hl=2 l=  15 cons:         SEQUENCE
  375:d=9  hl=2 l=   3 prim:          OBJECT            :X509v3 Basic Constraints
  380:d=9  hl=2 l=   1 prim:          BOOLEAN           :255
  383:d=9  hl=2 l=   5 prim:          OCTET STRING      [HEX DUMP]:30030101FF
  390:d=5  hl=2 l=  10 cons:      SEQUENCE
  392:d=6  hl=2 l=   8 prim:       OBJECT            :ecdsa-with-SHA256
  402:d=5  hl=2 l=  72 prim:      BIT STRING
  476:d=3  hl=4 l= 386 cons:    SET
  480:d=4  hl=4 l= 382 cons:     SEQUENCE
  484:d=5  hl=2 l=   1 prim:      INTEGER           :01
  487:d=5  hl=2 l=  49 cons:      SEQUENCE
  489:d=6  hl=2 l=  25 cons:       SEQUENCE
  491:d=7  hl=2 l=  23 cons:        SET
  493:d=8  hl=2 l=  21 cons:         SEQUENCE
  495:d=9  hl=2 l=   3 prim:          OBJECT            :commonName
  500:d=9  hl=2 l=  14 prim:          UTF8STRING        :Vladimir Putin
  516:d=6  hl=2 l=  20 prim:       INTEGER           :09D45914492F88F6E9812C905D2A0405C5769CCD
  538:d=5  hl=2 l=  11 cons:      SEQUENCE
  540:d=6  hl=2 l=   9 prim:       OBJECT            :sha256
  551:d=5  hl=3 l= 228 cons:      cont [ 0 ]
  554:d=6  hl=2 l=  24 cons:       SEQUENCE
  556:d=7  hl=2 l=   9 prim:        OBJECT            :contentType
  567:d=7  hl=2 l=  11 cons:        SET
  569:d=8  hl=2 l=   9 prim:         OBJECT            :pkcs7-data
  580:d=6  hl=2 l=  28 cons:       SEQUENCE
  582:d=7  hl=2 l=   9 prim:        OBJECT            :signingTime
  593:d=7  hl=2 l=  15 cons:        SET
  595:d=8  hl=2 l=  13 prim:         UTCTIME           :230601083230Z
  610:d=6  hl=2 l=  47 cons:       SEQUENCE
  612:d=7  hl=2 l=   9 prim:        OBJECT            :messageDigest
  623:d=7  hl=2 l=  34 cons:        SET
  625:d=8  hl=2 l=  32 prim:         OCTET STRING      [HEX DUMP]:DC86BA13AC17E82EA9F0E8239F809D0596449DC3B59626B6EBD6178F27178AF4
  659:d=6  hl=2 l= 121 cons:       SEQUENCE
  661:d=7  hl=2 l=   9 prim:        OBJECT            :S/MIME Capabilities
  672:d=7  hl=2 l= 108 cons:        SET
  674:d=8  hl=2 l= 106 cons:         SEQUENCE
  676:d=9  hl=2 l=  11 cons:          SEQUENCE
  678:d=10 hl=2 l=   9 prim:           OBJECT            :aes-256-cbc
  689:d=9  hl=2 l=  11 cons:          SEQUENCE
  691:d=10 hl=2 l=   9 prim:           OBJECT            :aes-192-cbc
  702:d=9  hl=2 l=  11 cons:          SEQUENCE
  704:d=10 hl=2 l=   9 prim:           OBJECT            :aes-128-cbc
  715:d=9  hl=2 l=  10 cons:          SEQUENCE
  717:d=10 hl=2 l=   8 prim:           OBJECT            :des-ede3-cbc
  727:d=9  hl=2 l=  14 cons:          SEQUENCE
  729:d=10 hl=2 l=   8 prim:           OBJECT            :rc2-cbc
  739:d=10 hl=2 l=   2 prim:           INTEGER           :80
  743:d=9  hl=2 l=  13 cons:          SEQUENCE
  745:d=10 hl=2 l=   8 prim:           OBJECT            :rc2-cbc
  755:d=10 hl=2 l=   1 prim:           INTEGER           :40
  758:d=9  hl=2 l=   7 cons:          SEQUENCE
  760:d=10 hl=2 l=   5 prim:           OBJECT            :des-cbc
  767:d=9  hl=2 l=  13 cons:          SEQUENCE
  769:d=10 hl=2 l=   8 prim:           OBJECT            :rc2-cbc
  779:d=10 hl=2 l=   1 prim:           INTEGER           :28
  782:d=5  hl=2 l=  10 cons:      SEQUENCE
  784:d=6  hl=2 l=   8 prim:       OBJECT            :ecdsa-with-SHA256
  794:d=5  hl=2 l=  70 prim:      OCTET STRING      [HEX DUMP]:3044022004297664781BFF7FF183FBA4F8536C83A3EA796690B810970DDC3C49E5F28FCC0220048A0A573AD584282DF8C2079AAC5E036B33E414F9B55762A16A49B60D176E68
$ openssl cms -verify -in sf1132354.envy -inform der -CAfile sf1132354.crt
hello and goodbye
Verification successful
$ openssl cms -verify -in sf1132354.envy -inform der -noverify
hello and goodbye
Verification successful

$ openssl cms -sign -in sf1132354.in -inkey sf1132354.key -signer sf1132354.crt -md sha256 -outform der -out sf1132354.envn -nodetach -noattr
$ openssl asn1parse -i -inform der <sf1132354.envn
    0:d=0  hl=4 l= 629 cons: SEQUENCE
    4:d=1  hl=2 l=   9 prim:  OBJECT            :pkcs7-signedData
   15:d=1  hl=4 l= 614 cons:  cont [ 0 ]
   19:d=2  hl=4 l= 610 cons:   SEQUENCE
   23:d=3  hl=2 l=   1 prim:    INTEGER           :01
   26:d=3  hl=2 l=  13 cons:    SET
   28:d=4  hl=2 l=  11 cons:     SEQUENCE
   30:d=5  hl=2 l=   9 prim:      OBJECT            :sha256
   41:d=3  hl=2 l=  34 cons:    SEQUENCE
   43:d=4  hl=2 l=   9 prim:     OBJECT            :pkcs7-data
   54:d=4  hl=2 l=  21 cons:     cont [ 0 ]
   56:d=5  hl=2 l=  19 prim:      OCTET STRING      :hello and goodbye

   77:d=3  hl=4 l= 395 cons:    cont [ 0 ]
   81:d=4  hl=4 l= 391 cons:     SEQUENCE
   85:d=5  hl=4 l= 301 cons:      SEQUENCE
   89:d=6  hl=2 l=   3 cons:       cont [ 0 ]
   91:d=7  hl=2 l=   1 prim:        INTEGER           :02
   94:d=6  hl=2 l=  20 prim:       INTEGER           :09D45914492F88F6E9812C905D2A0405C5769CCD
  116:d=6  hl=2 l=  10 cons:       SEQUENCE
  118:d=7  hl=2 l=   8 prim:        OBJECT            :ecdsa-with-SHA256
  128:d=6  hl=2 l=  25 cons:       SEQUENCE
  130:d=7  hl=2 l=  23 cons:        SET
  132:d=8  hl=2 l=  21 cons:         SEQUENCE
  134:d=9  hl=2 l=   3 prim:          OBJECT            :commonName
  139:d=9  hl=2 l=  14 prim:          UTF8STRING        :Vladimir Putin
  155:d=6  hl=2 l=  30 cons:       SEQUENCE
  157:d=7  hl=2 l=  13 prim:        UTCTIME           :230601075720Z
  172:d=7  hl=2 l=  13 prim:        UTCTIME           :240531075720Z
  187:d=6  hl=2 l=  25 cons:       SEQUENCE
  189:d=7  hl=2 l=  23 cons:        SET
  191:d=8  hl=2 l=  21 cons:         SEQUENCE
  193:d=9  hl=2 l=   3 prim:          OBJECT            :commonName
  198:d=9  hl=2 l=  14 prim:          UTF8STRING        :Vladimir Putin
  214:d=6  hl=2 l=  89 cons:       SEQUENCE
  216:d=7  hl=2 l=  19 cons:        SEQUENCE
  218:d=8  hl=2 l=   7 prim:         OBJECT            :id-ecPublicKey
  227:d=8  hl=2 l=   8 prim:         OBJECT            :prime256v1
  237:d=7  hl=2 l=  66 prim:        BIT STRING
  305:d=6  hl=2 l=  83 cons:       cont [ 3 ]
  307:d=7  hl=2 l=  81 cons:        SEQUENCE
  309:d=8  hl=2 l=  29 cons:         SEQUENCE
  311:d=9  hl=2 l=   3 prim:          OBJECT            :X509v3 Subject Key Identifier
  316:d=9  hl=2 l=  22 prim:          OCTET STRING      [HEX DUMP]:0414AFBF46DE3CED60E2A5BBEA461C187C4FBE4D4654
  340:d=8  hl=2 l=  31 cons:         SEQUENCE
  342:d=9  hl=2 l=   3 prim:          OBJECT            :X509v3 Authority Key Identifier
  347:d=9  hl=2 l=  24 prim:          OCTET STRING      [HEX DUMP]:30168014AFBF46DE3CED60E2A5BBEA461C187C4FBE4D4654
  373:d=8  hl=2 l=  15 cons:         SEQUENCE
  375:d=9  hl=2 l=   3 prim:          OBJECT            :X509v3 Basic Constraints
  380:d=9  hl=2 l=   1 prim:          BOOLEAN           :255
  383:d=9  hl=2 l=   5 prim:          OCTET STRING      [HEX DUMP]:30030101FF
  390:d=5  hl=2 l=  10 cons:      SEQUENCE
  392:d=6  hl=2 l=   8 prim:       OBJECT            :ecdsa-with-SHA256
  402:d=5  hl=2 l=  72 prim:      BIT STRING
  476:d=3  hl=3 l= 154 cons:    SET
  479:d=4  hl=3 l= 151 cons:     SEQUENCE
  482:d=5  hl=2 l=   1 prim:      INTEGER           :01
  485:d=5  hl=2 l=  49 cons:      SEQUENCE
  487:d=6  hl=2 l=  25 cons:       SEQUENCE
  489:d=7  hl=2 l=  23 cons:        SET
  491:d=8  hl=2 l=  21 cons:         SEQUENCE
  493:d=9  hl=2 l=   3 prim:          OBJECT            :commonName
  498:d=9  hl=2 l=  14 prim:          UTF8STRING        :Vladimir Putin
  514:d=6  hl=2 l=  20 prim:       INTEGER           :09D45914492F88F6E9812C905D2A0405C5769CCD
  536:d=5  hl=2 l=  11 cons:      SEQUENCE
  538:d=6  hl=2 l=   9 prim:       OBJECT            :sha256
  549:d=5  hl=2 l=  10 cons:      SEQUENCE
  551:d=6  hl=2 l=   8 prim:       OBJECT            :ecdsa-with-SHA256
  561:d=5  hl=2 l=  70 prim:      OCTET STRING      [HEX DUMP]:304402207D12A9C0281FF39ED3DA7C0966E1B153D70150B25976B7FEBF8C35B92986861902202C8FA05D23E2988C06FC3A973104E88195596D94340A43802202A266D6DEFB43
$ openssl cms -verify -in sf1132354.envn -inform der -CAfile sf1132354.crt
hello and goodbye
Verification successful
$ openssl cms -verify -in sf1132354.envn -inform der -noverify
hello and goodbye
Verification successful

These are 'enveloping' (non-detached) signatures which do include the content (at offset 56), and do or do not use signedattrs respectively. Verification is the same as the two cases above, except now I don't need to specify -content because the content is in the SignedData.

There are more cases, but I've already spent more time on this A than is fair to others so I'll stop here. If your case is different, specify clearly how, and I'll try to get back to it in a few days.

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.