[Q] How to verify detached signature?
[try]
0. In addition to the detached signature itself, still need
- the source data that was used to compute the digest and signature.
- signer's certificate or public key
- the timestamp when it was signed?
[example]
openssl smime -verify -in detachedSig.dat -inform DER -content sourceData.dat -signer signer_certificate.pem -noverify
[ref]
http://www.mail-archive.com/openssl-users@openssl.org/msg40857.html
沒有留言:
張貼留言