gpgsm --verify

Werner Koch wk at
Wed May 2 07:35:59 CEST 2018

On Tue,  1 May 2018 10:55, stefan.claas at said:

> openssl cms -verify -in original.eml > message.txt && \
> openssl cms -cmsout -in original.eml | \
> sed "1,4d" | base64 -d > file.sig && \
> gpgsm --verify file.sig message.txt

Adding --verbose to the gpgsm invocation may give you additional hints.
IIRC, "--debug x509" may be helpful to.  Is file.sig a valid CMS file;
that is can you parse it with dumpasn1 or the openssl sub-command?

BTW, gpgsm has an option --assume-base64 so that you don't need the base64



#  Please read:  Daniel Ellsberg - The Doomsday Machine  #
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <>

More information about the Gnupg-users mailing list