Sign and Verify a Message
-
Create a sample text file with any content inside it.
|
›_ Console
|
echo "Sample message" > message.txt
|
-
Sign the message file.
|
›_ Console
|
openssl cms -sign -in message.txt -signer TestRSA.cert -inkey "pkcs11:token=<token_label>;object=<key_label>" -out signedRSAmessage.txt
|
The result will be a signed message with the following format.
|
›_ Signed Message
|
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="----4483E8F5EBA4258E73C09280E53170FE"
This is an S/MIME signed message
------4483E8F5EBA4258E73C09280E53170FE
Sample Message
------4483E8F5EBA4258E73C09280E53170FE
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
MIIGFgYJKoZIhvcNAQcCoIIGBzCCBgMCAQExDTALBglghkgBZQMEAgEwCwYJKoZI
...
EwOn9N1Fh/Y+f4B4zkan/JvlsuCUhma630BdmQm03SGGvyWFkdN/lpLCP2zGPwAZ
JI8M/QyBddmJJHvy/K5zRrxHmkpEDhvYwf0=
------4483E8F5EBA4258E73C09280E53170FE--
|
-
Verify the signature of the message.
|
›_ Console
|
openssl cms -verify -noverify -in signedRSAmessage.txt -CAfile TestRSA.cert -out originalmessage.txt TestRSA.cert
Warning: recipient certificate file parameters ignored for operation other than -encrypt
Sample Message
CMS Verification successful
|
