
Interaction openssl cms

George Zhao edited this page Jul 30, 2023 · 2 revisions

Generate signed data with openssl cms

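 # Sign the file `tosign` with agent1's private key and write the result to
 # signed.pem (the Lua side below reads it back with the 'smime' format).
 #   -nodetach  embeds the signed content inside the CMS structure.
 #   -nocerts   leaves the signer certificate out of the message, so the
 #              verifier has to supply agent1-cert.pem itself.
 #   -noattr    omits the signed attributes.
 #   -md sha1   kept as in this interop fixture; SHA-1 is no longer considered
 #              collision resistant, so prefer -md sha256 for real signatures.
 # Every option must start with an ASCII hyphen: a typographic dash pasted
 # from a rendered page is not parsed as an option by openssl.
 cat tosign | openssl cms -sign -inkey test/certs/agent1-key.pem \
 -signer test/certs/agent1-cert.pem -certfile test/certs/agent1-cert.pem \
 -md sha1 -nosmimecap -nodetach -nocerts -noattr > signed.pem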

Verify with lua-openssl

openssl = require('openssl')

--- Read a whole file into a string.
-- Raises an error (through assert) when the file cannot be opened.
-- Note: this local shadows Lua's built-in `load` for the rest of the script.
-- @tparam string file path of the file to read
-- @treturn string the complete file contents
local function load(file)
  local handle = assert(io.open(file))
  -- '*a' reads everything up to end of file in one call.
  local contents = handle:read('*a')
  handle:close()
  return contents
end

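-- Verify the CMS message produced by the `openssl cms -sign` command above.

--- Return `value`, or report the failure and abort when it is nil/false.
-- The original script wrapped calls in assert() and then tested the result
-- again, so its "ERROR:" branches could never run; this helper makes the
-- diagnostic reachable.
-- @tparam string what name of the step, used in the message
-- @param value result of the step
-- @param err optional second return value of the step
--   (presumably lua-openssl's error text -- confirm against its docs)
local function must(what, value, err)
  if not value then
    if err ~= nil then
      print("ERROR:", what, err)
    else
      print("ERROR:", what, openssl.error())
    end
    error(what .. " failed", 0)
  end
  return value
end

local signed = load('signed.pem')
print('signed', #signed)

signed = must('cms.read', openssl.cms.read(signed, 'smime'))
print('signed', signed)

-- The message was signed with -nocerts, so the signer certificate is not
-- inside it and has to be supplied here. Check every parse result: a nil
-- certificate would otherwise turn {cert} or {ca} into an empty list and the
-- verification would run without the intended signer or trust anchor.
local cert = must('x509.read(agent1-cert)',
  openssl.x509.read(load('test/certs/agent1-cert.pem')))
local ca = must('x509.read(ca1-cert)',
  openssl.x509.read(load('test/certs/ca1-cert.pem')))

-- Trust is anchored only in ca1-cert.pem.
local store = must('x509.store.new', openssl.x509.store.new({ca}))

-- NOTE(review): a valid signature only says who signed, not what was signed.
-- If verify returns the embedded content, compare `msg` with the expected
-- payload -- confirm the return type against the lua-openssl documentation.
local msg = must('cms.verify', openssl.cms.verify(signed, {cert}, store))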