I have a CMS signed data that is successfully verified through Java BouncyCastle library.
When trying to verify through OpenSSL, I am getting the following error:
>openssl smime -verify -inform der -in cmssigneddata -CAfile cert.pem
6111 9999
#2015-05-05T10:08:41Verification failure
5744:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:.\crypto\rsa\rsa_pk1.c:100:
5744:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:.\crypto\rsa\rsa_eay.c:721:
5744:error:21071069:PKCS7 routines:PKCS7_signatureVerify:signature failure:.\crypto\pkcs7\pk7_doit.c:1132:
5744:error:21075069:PKCS7 routines:PKCS7_verify:signature failure:.\crypto\pkcs7\pk7_smime.c:410:
I have OpenSSL version 1.0.1e 11 Feb 2013.
CMS signed data are constructed using SHA-512 as hash function and RSASSA-PSS signature scheme.
How it should be verified through OpenSSL correctly?
