Kaspar Brand wrote: > On 31.03.2010 07:49, Michael Ströder wrote: >> It seems it's a CMS structure and recipientInfos contains subject key ids >> instead of issuerAndSerialNumber. It seems Seamonkey 2.0.x does not support >> that. Is it supported by the underlying libs? > > I believe so, see > > http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/smime/cmsreclist.c&mark=89-91#85 > > That's the code which is used by nsCMSMessage > (http://mxr.mozilla.org/comm-central/ident?i=nsCMSMessage), and > therefore also by Seamonkey. > > Did you verify that the key id in the recipientInfo indeed matches the > one from your cert? Otherwise libsmime might simply fail to find the > correct private key.
Strange because my e-mail cert does not have subjectKeyIdentifier at all. Hmm, in theory a S/MIME MUA could calculate it on-the-fly even if the cert does not have one and build a lookup table. Maybe it's worth to look what RFC 5750 says about it... Ciao, Michael. -- Michael Ströder E-Mail: mich...@stroeder.com http://www.stroeder.com -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto