![](/img/trans.png)
[英]M2Crypto: extract message from opaque signed S/MIME (pkcs7-mime)
[英]Verify signed message with M2Crypto for a self signed certificate
我正在尝试使用M2Crypto复制这个openssl命令
openssl smime -verify -in local_files/auth_data.pem.pk7 -inform PEM -certfile certificate.crt -noverify
我的代码如下所示:
smime = M2Crypto.SMIME.SMIME()
x509_store = M2Crypto.X509.X509_Store()
x509_store.load_info(ca_file)
smime.set_x509_store(x509_store)
x509_stack = M2Crypto.X509.X509_Stack()
x509_cert = M2Crypto.X509.load_cert(cert_file)
x509_stack.push(x509_cert)
smime.set_x509_stack(x509_stack)
p7 = M2Crypto.SMIME.load_pkcs7_bio(M2Crypto.BIO.MemoryBuffer(cipher_text))
decrypted_data = smime.verify(p7)
但我在最后一行收到此错误:
PKCS7_Error: certificate verify error
我无法使M2Crypto的行为类似于带有'-noverify'标志的openssl。
我尝试在X509_Store中加载相同的证书,但结果相同。
我花了一段时间,但在此源代码中找到了答案https://pythonhosted.org/pysmime/pysmime.core-pysrc.html#verify
这是允许自签名证书的代码:
decrypted_data = smime.verify(p7, flags=M2Crypto.SMIME.PKCS7_NOVERIFY)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.