smime(1ssl)
NAME
smime - S/MIME utility
SYNOPSIS
openssl smime [-encrypt] [-decrypt] [-sign] [-verify] [-pk7out] [-des]
[-des3] [-rc2-40] [-rc2-64] [-rc2-128] [-in file] [-certfile file]
[-signer file] [-recip file] [-inform SMIME|PEM|DER] [-passin arg]
[-inkey file] [-out file] [-outform SMIME|PEM|DER] [-content file]
[-to addr] [-from ad] [-subject s] [-text] [-rand file(s)]
[cert.pem ...]
OPTIONS
There are five options that set the type of operation to be performed.
The meaning of the other options varies according to the operation
type.

-encrypt
Encrypts mail for the given recipient certificates. The input file is
the message to be encrypted. The output file is the encrypted mail in
MIME format.

-decrypt
Decrypts mail using the supplied certificate and private key. Expects
an encrypted mail message in MIME format as the input file. The
decrypted mail is written to the output file.

-sign
Signs mail using the supplied certificate and private key. The input
file is the message to be signed. The signed message in MIME format is
written to the output file.

-verify
Verifies signed mail. Expects a signed mail message on input and
outputs the signed data. Both cleartext and opaque signing are
supported.

-pk7out
Takes an input message and writes out a PEM encoded PKCS#7 structure.

-in file
The input message to be encrypted or signed, or the MIME message to be
decrypted or verified.

-inform SMIME|PEM|DER
Specifies the input format for the PKCS#7 structure. The default is
SMIME, which reads an S/MIME format message. PEM and DER change this to
expect PEM and DER format PKCS#7 structures instead. This only affects
the input format of the PKCS#7 structure; if no PKCS#7 structure is
input, as with -encrypt or -sign, this option has no effect.

-out file
The message text that has been decrypted or verified, or the output
MIME format message that has been signed or encrypted.

-outform SMIME|PEM|DER
Specifies the output format for the PKCS#7 structure. The default is
SMIME, which writes an S/MIME format message. PEM and DER change this
to write PEM and DER format PKCS#7 structures instead. This only
affects the output format of the PKCS#7 structure; if no PKCS#7
structure is output, as with -verify or -decrypt, this option has no
effect.

-content file
Specifies a file containing the detached content. This is only useful
with the -verify option, and only when the PKCS#7 structure uses the
detached signature form where the content is not included. This option
overrides any content if the input format is S/MIME and it uses the
multipart/signed MIME content type.

-text
Adds plain text (text/plain) MIME headers to the supplied message if
encrypting or signing. If decrypting or verifying it strips off text
headers; if the decrypted or verified message is not of MIME type
text/plain then an error occurs.

-CAfile file
A file containing trusted CA certificates. It is only used with the
-verify option.

-CApath dir
A directory containing trusted CA certificates. It is only used with
the -verify option. This directory must be a standard certificate
directory, meaning a hash of each subject name (using x509 -hash)
should be linked to each certificate.

Verification succeeds only if the signer's certificate chains to a
certificate trusted through -CAfile, -CApath or the default trust
store. A self-signed signer certificate is not trusted implicitly and
has to be supplied explicitly, for example with -CAfile.

-des -des3 -rc2-40 -rc2-64 -rc2-128
The encryption algorithm to use: DES (56 bits), triple DES (168 bits)
or 40, 64 or 128 bit RC2, respectively. If not specified, 40-bit RC2 is
used. These are used only with the -encrypt option. 40-bit RC2 and
single DES can be brute-forced with modest resources, so do not rely
on the default: pass -des3 explicitly. Later OpenSSL releases also
accept AES ciphers here, which should be preferred where the
recipient's client supports them.

-nointern
When verifying a message, certificates (if any) included in the message
are searched for the signing certificate. With this option only the
certificates specified in the -certfile option are used. The supplied
certificates can still be used as untrusted CAs however.

-noverify
Does not verify the signer's certificate of a signed message.

-nochain
Does not perform chain verification of the signers' certificates. That
is, it does not use the certificates in the signed message as untrusted
CAs, so the chain has to be completed from -CAfile or -CApath alone.

-nosigs
Does not try to verify the signatures on the message.

With -noverify or -nosigs a "Verification successful" result no longer
says anything about who signed the message or whether it was altered.
Use them for debugging only, never when deciding whether to trust the
content.

-nocerts
When signing a message, the signer's certificate is usually included.
With this option the signer's certificate is excluded. This will reduce
the size of the signed message, but the verifier must have a copy of
the signer's certificate available locally (passed using the -certfile
option, for example).

-noattr
When a message is signed, a set of attributes is included, such as the
signing time and supported symmetric algorithms. With this option they
are not included.

-binary
Usually the input message is converted to canonical format, which is
effectively using CR and LF as end-of-line, as required by the S/MIME
specification. With this option no translation occurs. This is useful
when handling binary data which may not be in MIME format. The same
setting must be used when signing and when verifying detached content,
otherwise the digests will not match.

-nodetach
Uses opaque signing when signing a message. This form is more resistant
to translation by mail relays, but it cannot be read by mail agents
that do not support S/MIME. Without this option cleartext signing with
the MIME type multipart/signed is used.

-certfile file
Allows additional certificates to be specified. When signing these will
be included with the message. When verifying, these will be searched
for the signer's certificates. The certificates should be in PEM
format.

-signer file
The signer's certificate when signing a message. If a message is being
verified then the signer's certificates will be written to this file if
the verification was successful.

-recip file
The recipient's certificate when decrypting a message. This certificate
must match one of the recipients of the message or an error occurs.

-inkey file
The private key to use when signing or decrypting. This must match the
corresponding certificate. If this option is not specified then the
private key must be included in the certificate file specified with
the -recip or the -signer option.

-passin arg
The private key password source. For more information about the format
of arg, see the Pass Phrase Arguments section in openssl(1ssl). Note
that a pass: argument is visible to other users of the host in the
process list; prefer the file: or fd: forms.

-rand file(s)
A file or files containing random data used to seed the random number
generator, or an EGD socket. (See RAND_egd(3).) Multiple files can be
separated by an OS-dependent character. The separator is a semicolon
(;) for MS-Windows, a comma (,) for OpenVMS, and a colon (:) for all
others.

cert.pem ...
One or more certificates of message recipients, used when encrypting a
message.

-to, -from, -subject
The relevant mail headers. These are included outside the signed
portion of a message so they may be included manually. Because they
are outside the signed portion they are not integrity-protected: a
verifier must not treat the From: address as authenticated by the
signature. If signing, then many S/MIME mail clients check that the
signer's certificate email address matches that specified in the From:
address.
DESCRIPTION
The smime command handles S/MIME mail. It can encrypt, decrypt, sign
and verify S/MIME messages.
NOTES
The MIME message must be sent without any blank lines between the mail
headers and the output of this command. Some mail programs will
automatically add a blank line. Piping the mail directly to sendmail is
one way to achieve the correct format.
The supplied message to be signed or encrypted must include the neces‐
sary MIME headers or many S/MIME clients will not display it properly
(if at all). You can use the -text option to automatically add plain
text headers.
A signed and encrypted message is one where a signed message is then
encrypted. This can be produced by encrypting an already signed mes‐
sage.
This version of the program only allows one signer per message, but it
will verify multiple signers on received messages. Some S/MIME clients
fail if a message contains multiple signers. It is possible to sign
messages "in parallel" by signing an already signed message; the outer
signature then covers the inner signed message as a whole.
The options -encrypt and -decrypt reflect common usage in S/MIME
clients. These process the PKCS#7 EnvelopedData type. The PKCS#7
EncryptedData type is used for other purposes and is not handled by
this command.
RESTRICTIONS
The MIME parser is not very clever. It seems to handle most messages,
but it may fail on others.
The code will only write out the signer's certificate to a file. If the
signer has a separate encryption certificate this must be manually
extracted. There should be some heuristic that determines the correct
encryption certificate.
Ideally a certificate database should be maintained for each email
address.
The code does not take note of the permitted symmetric encryption algo‐
rithms as supplied in the SMIMECapabilities signed attribute. This
means the user has to manually include the correct encryption algo‐
rithm. It should store the list of permitted ciphers in a database and
only use those.
No revocation checking is done on the signer's certificate. A revoked
signer certificate therefore still verifies successfully; check CRL or
OCSP status separately before trusting the result.
The code can only handle S/MIME v2 messages. The more complex S/MIME v3
structures may cause parsing errors.
EXIT STATUS
0    The operation was completely successful.
1    An error occurred parsing the command options.
2    One of the input files could not be read.
3    An error occurred creating the PKCS#7 file or when reading the
     MIME message.
4    An error occurred decrypting or verifying the message.
5    The message was verified correctly but an error occurred writing
     out the signer's certificates.
EXAMPLES
Create a cleartext signed message:

    openssl smime -sign -in message.txt -text -out mail.msg \
        -signer mycert.pem

Create an opaque signed message:

    openssl smime -sign -in message.txt -text -out mail.msg -nodetach \
        -signer mycert.pem

Create a signed message, include some additional certificates and read
the private key from another file:

    openssl smime -sign -in in.txt -text -out mail.msg \
        -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem

Send a signed message under UNIX directly to sendmail, including
headers:

    openssl smime -sign -in in.txt -text -signer mycert.pem \
        -from steve@openssl.org -to someone@somewhere \
        -subject "Signed message" | sendmail someone@somewhere

Verify a message and extract the signer's certificate if successful
(add -CAfile or -CApath if the signer's chain is not in the default
trust store):

    openssl smime -verify -in mail.msg -signer user.pem -out signedtext.txt

Send encrypted mail using triple DES:

    openssl smime -encrypt -in in.txt -from steve@openssl.org \
        -to someone@somewhere -subject "Encrypted message" \
        -des3 user.pem -out mail.msg

Sign and encrypt mail:

    openssl smime -sign -in ml.txt -signer my.pem -text \
        | openssl smime -encrypt -out mail.msg \
        -from steve@openssl.org -to someone@somewhere \
        -subject "Signed and Encrypted message" -des3 user.pem

Notice that the encryption command does not include the -text option
because the message being encrypted already has MIME headers.

Decrypt mail:

    openssl smime -decrypt -in mail.msg -recip mycert.pem -inkey key.pem
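The sign, verify, encrypt and decrypt examples above run end to end as one script. This is an added example, not part of the OpenSSL manual page: it generates a throwaway key and self-signed certificate (subject Alice, alice@example.com, a constructed placeholder) and a constructed message, passes that certificate as -CAfile so the self-signed signer verifies, alters the signed body to show the documented exit status 4, then encrypts the signed message with -des3 and decrypts it again. The function and file names are the script's own; it needs openssl in PATH and exits 0 doing nothing if it is absent.

```shell
#!/bin/sh
# openssl smime round trip: sign -> verify -> tamper -> encrypt -> decrypt.
# Added example, not from the OpenSSL manual page. Requires openssl in PATH.
set -eu
command -v openssl >/dev/null 2>&1 || { echo "openssl not found, nothing to do" >&2; exit 0; }

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
cd "$WORK"

# Minimal req(1) config so the demo does not depend on a system openssl.cnf.
# The subject is a constructed placeholder.
cat > req.cnf <<'EOF'
[req]
prompt = no
distinguished_name = dn
[dn]
CN = Alice
emailAddress = alice@example.com
EOF

# Self-signed certificate and key: it is signer, recipient and trust anchor here.
openssl req -x509 -new -newkey rsa:2048 -nodes -days 1 \
    -config req.cnf -keyout key.pem -out cert.pem 2>/dev/null

# Constructed message body; -text adds the text/plain MIME headers at signing.
printf 'Transfer request: ACCEPTED\nAmount: 100\n' > message.txt

# Cleartext (multipart/signed) signature over message.txt.
sign_message() {
    openssl smime -sign -text -in message.txt -signer cert.pem -inkey key.pem -out mail.msg
}

# Exit status of a verify run against the explicit trust anchor, captured
# without aborting under set -e. Without -CAfile the self-signed signer
# would not chain to anything trusted and verification would fail.
verify_status() {   # $1 = signed message
    rc=0
    openssl smime -verify -text -in "$1" -CAfile cert.pem -out /dev/null 2>/dev/null || rc=$?
    echo "$rc"
}

# Verify and compare the recovered text with the original. -text strips the
# text/plain headers again; tr removes the CRLF canonicalisation done at signing.
verify_message() {   # $1 = signed message
    openssl smime -verify -text -in "$1" -CAfile cert.pem -out verified.txt 2>/dev/null &&
        tr -d '\r' < verified.txt | cmp -s - message.txt
}

# Change the signed body. The multipart structure still parses, so smime gets
# as far as checking the signature and reports the documented exit status 4.
tamper_message() {
    sed 's/ACCEPTED/DECLINED/' mail.msg > tampered.msg
}

# Encrypt the already-signed message to the recipient certificate. No -text:
# the input already carries MIME headers. -des3 is given explicitly rather
# than relying on the 40-bit RC2 default.
encrypt_message() {
    openssl smime -encrypt -des3 -in mail.msg -out enc.msg cert.pem
}

# Decrypt with the recipient certificate and its private key.
decrypt_message() {
    openssl smime -decrypt -in enc.msg -recip cert.pem -inkey key.pem -out dec.msg
}

sign_message
verify_message mail.msg
tamper_message
[ "$(verify_status tampered.msg)" -eq 4 ]
encrypt_message
decrypt_message
verify_message dec.msg          # the decrypted message is still a valid signed message
echo "sign/verify/encrypt/decrypt round trip OK"
```

The verify steps would also pass without -CAfile only if cert.pem were installed in the default trust store; keeping the anchor explicit makes the trust decision visible in the command line.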
The output from Netscape form signing is a PKCS#7 structure with the
detached signature format. You can use this program to verify the
signature by line wrapping the base64 encoded structure and surrounding
it with the following lines:

    -----BEGIN PKCS7-----
    -----END PKCS7-----

You should then use the following command:

    openssl smime -verify -inform PEM -in signature.pem -content content.txt

Alternatively, you can base64 decode the signature and use the
following command:

    openssl smime -verify -inform DER -in signature.der -content content.txt
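The PEM wrapping just described, as a script. This is an added example and not part of the OpenSSL manual page: since no form-signing output is available, it produces its own detached DER signature and flattens it to a single base64 line as a stand-in for that output (the subject "Form Signer" and the content are constructed placeholders). It signs and verifies with -binary so that neither side applies CRLF canonicalisation to the detached content. wrap_pkcs7_pem and verify_detached are the script's own helpers; it needs openssl in PATH and exits 0 doing nothing if it is absent.

```shell
#!/bin/sh
# Verify a detached PKCS#7 signature delivered as a bare base64 blob by
# wrapping it into PEM, and the same signature as raw DER.
# Added example, not from the OpenSSL manual page. Requires openssl in PATH.
set -eu
command -v openssl >/dev/null 2>&1 || { echo "openssl not found, nothing to do" >&2; exit 0; }

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
cd "$WORK"

# Self-signed signer certificate; the subject is a constructed placeholder.
cat > req.cnf <<'EOF'
[req]
prompt = no
distinguished_name = dn
[dn]
CN = Form Signer
EOF
openssl req -x509 -new -newkey rsa:2048 -nodes -days 1 \
    -config req.cnf -keyout key.pem -out cert.pem 2>/dev/null

# Constructed form content.
printf 'field1=hello\nfield2=world\n' > content.txt

# Stand-in for what a form-signing client hands over: a detached PKCS#7
# signature (content not included) as one unwrapped base64 line.
# -binary: hash the content bytes exactly as they are.
openssl smime -sign -binary -in content.txt -signer cert.pem -inkey key.pem \
    -outform DER -out sig.der
openssl base64 -A -in sig.der -out sig.b64

# Turn a bare base64 blob into the PEM form -inform PEM expects: 64-column
# lines between the PKCS7 armour lines. Any CR/LF already in the blob (a
# pasted or mail-wrapped copy) is removed first, so the wrap is canonical.
wrap_pkcs7_pem() {   # $1 = file holding the base64 blob
    echo '-----BEGIN PKCS7-----'
    { tr -d '\r\n' < "$1"; printf '\n'; } | fold -w 64
    echo '-----END PKCS7-----'
}

# Exit status of a detached verify: 0 on success, 4 when the signature does
# not cover the supplied content. -binary matches the signing side.
verify_detached() {   # $1 = inform (PEM|DER), $2 = signature file, $3 = content file
    rc=0
    openssl smime -verify -binary -inform "$1" -in "$2" -content "$3" \
        -CAfile cert.pem -out /dev/null 2>/dev/null || rc=$?
    echo "$rc"
}

wrap_pkcs7_pem sig.b64 > signature.pem
[ "$(verify_detached PEM signature.pem content.txt)" -eq 0 ]
[ "$(verify_detached DER sig.der content.txt)" -eq 0 ]

# Different content under the same detached signature must be rejected.
printf 'field1=hello\nfield2=tampered\n' > other.txt
[ "$(verify_detached PEM signature.pem other.txt)" -eq 4 ]
echo "detached signature verified via PEM and DER; altered content rejected"
```

If the signing client canonicalised line endings before signing, drop -binary on the verify side (or normalise the content to CRLF yourself); a digest mismatch from this cause shows up as exit status 4 exactly like a genuine tamper, so settle the canonicalisation question before treating a failure as an attack.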