No keyphrase asked when using CMS compression + signing
|
View:
New views
5 Messages
—
Rating Filter:
Alert me
|
 |
No keyphrase asked when using CMS compression + signing
by Willem Bos
::
Rate this Message:
Hi all,
I'm trying to compress + sign + encrypt files using the following command line : openssl cms -compress -sign -in datafile.txt -nodetach -signer signer.crt -inkey private.key -outform DER |\ openssl cms -encrypt -binary -des3 -outform DER -out datafile.txt.encrypted addressee.crt When I leave the `-compress` option out openssl asks me for the private key passphrase. With the `-compress` option added no passphrase is asked. I tried openssl versions 0.9.8.k, 1.0.0beta1 and 1.0.0beta1 all with the same result. What am I missing? Regards, Willem. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@... Automated List Manager majordomo@... |
|
|
Re: No keyphrase asked when using CMS compression + signing
by Willem Bos
::
Rate this Message:
By the way, I compiled version 1.0.0beta1 and beta2 with './config
zlib-dynamic shared' and version 0.9.8k with './config zlib-dynamic shared enable-cms' Regards, Willem. On Tue, Jun 30, 2009 at 11:15 AM, Willem Bos<whbos@...> wrote: > Hi all, > > I'm trying to compress + sign + encrypt files using the following command line : > > openssl cms -compress -sign -in datafile.txt -nodetach -signer > signer.crt -inkey private.key -outform DER |\ > openssl cms -encrypt -binary -des3 -outform DER -out > datafile.txt.encrypted addressee.crt > > When I leave the `-compress` option out openssl asks me for the > private key passphrase. With the `-compress` option added no > passphrase is asked. > > I tried openssl versions 0.9.8.k, 1.0.0beta1 and 1.0.0beta1 all with > the same result. > > What am I missing? > > Regards, > Willem. > OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@... Automated List Manager majordomo@... |
|
|
Re: No keyphrase asked when using CMS compression + signing
by Willem Bos
::
Rate this Message:
Anybody?
On Tue, Jun 30, 2009 at 11:15 AM, Willem Bos<whbos@...> wrote: > Hi all, > > I'm trying to compress + sign + encrypt files using the following command line : > > openssl cms -compress -sign -in datafile.txt -nodetach -signer > signer.crt -inkey private.key -outform DER |\ > openssl cms -encrypt -binary -des3 -outform DER -out > datafile.txt.encrypted addressee.crt > > When I leave the `-compress` option out openssl asks me for the > private key passphrase. With the `-compress` option added no > passphrase is asked. > > I tried openssl versions 0.9.8.k, 1.0.0beta1 and 1.0.0beta1 all with > the same result. > > What am I missing? > > Regards, > Willem. > OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@... Automated List Manager majordomo@... |
|
|
Re: No keyphrase asked when using CMS compression + signing
by Dr. Stephen Henson
::
Rate this Message:
On Fri, Jul 03, 2009, Willem Bos wrote:
> Anybody? > > On Tue, Jun 30, 2009 at 11:15 AM, Willem Bos<whbos@...> wrote: > > Hi all, > > > > I'm trying to compress + sign + encrypt files using the following command line : > > > > openssl cms -compress -sign -in datafile.txt -nodetach -signer > > signer.crt -inkey private.key -outform DER |\ > > openssl cms -encrypt -binary -des3 -outform DER -out > > datafile.txt.encrypted addressee.crt > > > > When I leave the `-compress` option out openssl asks me for the > > private key passphrase. With the `-compress` option added no > > passphrase is asked. > > > > I tried openssl versions 0.9.8.k, 1.0.0beta1 and 1.0.0beta1 all with > > the same result. > > > > What am I missing? > > There is no option to combine operations with the cms command at present. You have to compress and sign separately but you can pipe from one to another. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@... Automated List Manager majordomo@... |
|
|
Re: No keyphrase asked when using CMS compression + signing
by Willem Bos
::
Rate this Message:
Hi Steve,
Thanks for your reply, your suggestion worked fine. I did some experimenting and found that, when using SMIME and PEM formatted messages, I could combine the '-compress' and '-binary' options, but when using DER formatted messages this combination resulted in 'corrupt' messages after verification *). The solution was to combine '-binary' with the '-sign' option instead. Is this conclusion correct or am I missing something (again :-)? Regards, Willem. *) Also, leaving out the '-binary' option in both te compression en signing steps had the same result. On Fri, Jul 3, 2009 at 12:19 PM, Dr. Stephen Henson<steve@...> wrote: > On Fri, Jul 03, 2009, Willem Bos wrote: > >> Anybody? >> >> On Tue, Jun 30, 2009 at 11:15 AM, Willem Bos<whbos@...> wrote: >> > Hi all, >> > >> > I'm trying to compress + sign + encrypt files using the following command line : >> > >> > openssl cms -compress -sign -in datafile.txt -nodetach -signer >> > signer.crt -inkey private.key -outform DER |\ >> > openssl cms -encrypt -binary -des3 -outform DER -out >> > datafile.txt.encrypted addressee.crt >> > >> > When I leave the `-compress` option out openssl asks me for the >> > private key passphrase. With the `-compress` option added no >> > passphrase is asked. >> > >> > I tried openssl versions 0.9.8.k, 1.0.0beta1 and 1.0.0beta1 all with >> > the same result. >> > >> > What am I missing? >> > > > There is no option to combine operations with the cms command at present. You > have to compress and sign separately but you can pipe from one to another. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@... > Automated List Manager majordomo@... > > OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@... Automated List Manager majordomo@... |
| Free embeddable forum powered by Nabble | Forum Help |
