Openssl 验证清除签名SMIME消息时出错

Openssl 验证清除签名SMIME消息时出错,openssl,pkcs#7,smime,Openssl,Pkcs#7,Smime,在testSmimeMsg.txt文件中有这样一条消息: ABC is our biggest acquisition ever and as you can imagine, customers and partners alike are eager to hear how we plan to integrate it into XYZ. Specifically, how are we going to bring the two traditionally separate silo

在testSmimeMsg.txt文件中有这样一条消息:

ABC is our biggest acquisition ever and as you can imagine, customers
and partners alike are eager to hear how we plan to integrate it into
XYZ.  Specifically, how are we going to bring the two traditionally
separate silos of desktop and mobile together?
To help explain our vision for uniting we released a
video describing our architecture and
technology integration plans.  Definitely watch the video to learn more,
and the rest of this blog will give you a summary of our plans and a bit
more color on certain areas.
我使用以下命令生成一条清晰的签名消息:

$ openssl smime -sign -in testSmimeMsg.txt -out testSmimeClearTextMessage.txt -signer sender.pem
sender.pem是从.p12文件生成的,它包含证书和RSA私钥内容。 然后我使用下面的命令来验证我刚刚创建的签名消息

$ openssl smime -verify -in testSmimeClearTextMessage.txt -noverify -out testSmimeVerifiedClearTextMessage.txt
结果验证成功,testSmimeVerifiedClearTextMessage.txt中的内容与testSmimeMsg.txt中的内容相同。完美的 现在让我们假设我想通过PKCS7_verify()方法验证相同的内容。 C代码

运行时,我得到一个错误:

 verify_Signature_And_Get_Message: Error verifying signer certificate. Returning
 error:2107507A:PKCS7 routines:PKCS7_verify:no content
有人能告诉我怎么了吗? 请注意,如果我传递一个签名数据消息,代码保持不变,它就可以工作。我成功地获得了验证和明文数据,但当我发送一个清晰签名的数据时,它失败了。
请帮忙。

我解决了这个问题。问题是我没有使用PKCS7_read_SMIME()API的内容参数。如果消息是经过明确签名的,则在该参数中返回消息内容,然后需要将该内容连同NODETACHED标志一起传递给PKCS7_verify()方法。有关更多详细信息,请参见两个API的Opeensl文档

 verify_Signature_And_Get_Message: Error verifying signer certificate. Returning
 error:2107507A:PKCS7 routines:PKCS7_verify:no content