<<< Date Index >>>     <<< Thread Index >>>

Re: S/MIME-verification



Hello Christoph, hello mutt-users,

* Christoph Ludwig <cludwig@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> [06/03/2004 13:10]:
> Did you run "smime_keys init"?

Yes, I did.

Decryption works, but not until re-opening the message :-(

> > one additional question: Is it possible to "debug" (-> display) the
> > openssl-calls?
> 
> Write a wrapper script around openssl that logs all parameters
> [...]

(1)
This is the command after pushing the return-key:
openssl smime -decrypt -passin stdin -inform DER -in 
/tmp/mutt-<hostname>-19816-7 -inkey -recip

stdout+stderr:
No recipient certificate and key specified
Usage smime [options] cert.pem ...
where options are
[...]

(2)
There are no commands after entering the password. My wrapper-script
gets the password via stdin.

(3)
These are the commands after re-opening the message:
openssl smime -decrypt -passin stdin -inform DER -in 
/tmp/mutt-<hostname>-19816-13 -inkey /home/<user>/.smime/keys/0b7df28a.0 -recip 
/home/<user>/.smime/certificates/0b7df28a.0
openssl smime -verify -inform DER -in /tmp/mutt-<hostname>-19816-15.sig -CAfile 
/home/<user>/.smime/ca-bundle.crt -content /tmp/mutt-<hostname>-19816-15
openssl smime -decrypt -passin stdin -inform DER -in 
/tmp/mutt-<hostname>-19816-22 -inkey /home/<user>/.smime/keys/0b7df28a.0 -recip 
/home/<user>/.smime/certificates/0b7df28a.0
openssl smime -verify -in /tmp/mutt-<hostname>-19816-17 -noverify -signer 
/tmp/mutt-<hostname>-19816-24 -out /dev/null
openssl x509 -in /tmp/mutt-<hostname>-19816-24 -noout -email

stdout+stderr:
Content-Type: multipart/signed;
[...decoded mail...]



My openssl-version (Debian Woody):
ii  openssl        0.9.6c-2.woody Secure Socket Layer (SSL) binary and related


Any hints?


Bye,
Heiko