I'm trying to verify detached PKCS#7 signature. A file generated using WIN32 CryptoAPI function CryptSignMessage(). File is signed on client side, but it must be validate on server side FreeBSD. So I cannot use CryptoAPI.
Please help me to determinate how to use OpenSSL for this kind of task. Now I have two files FILENAME.xml and FILENAME.xml.sig which contains a signature information. According to specification this file include "a hash of the specified content, signs the hash, and then encodes both the original message content and the signed hash." As I figured out it also contains certificates. With openssl i can retrieve public key and certificate from this file but I have no idea how to retrieve signature information?
So I'm trying to retrieve information from this file such as public key and signature to use it with openssl command
openssl dgst -verify PUBLIC_KEY_FILE -signature SIGNATURE_FILE -md_gost94 FILENAME.xml Verification Failure
Also there is service which can read all information from this file. http://notary.cryptopro.ru/Detached.aspx
Information about EDS:
Algortim hashing:
Name:
GOST R 34.11-94
ID:
1.2.643.2.2.9
Algortim public key:
Name:
GOST R 34.10-2001
ID:
1.2.643.2.2.19
Value:
2DEA 8713 5AS2 69AA 34E0 B333 EF61 3773 5CF1
3BC4 BAD0 1745 0DDD 9577 FFAE BA4A A9EB A8CF
64B9 C338 1513 8BDB C478 BA3A 5409 6419 03A6
DD3A 04D2 D132 3319 8031
Serial Number: 1F11 EF05 0001 0000 1032
Maybe I dont understand something. Please help. Is it posible at all?
