On Mon, Oct 14, 2002 at 04:14:17PM +0900, Maya wrote: > Hello! > > I am using smime-tool for creating SMIME messages. I found and option which I can >use to extract signer's certificate when verifying the message. > How I can extract encryption Certificates used to encrypt the message?
"PKCS7 Enveloped" data type (used to send encrypted data) was designed without recipient certificate; "PKCS7 Signed" data type do have "certificates" and it is recommended to send signer' certificate there as well as the whole certificates chain. > I found how to extract issuer_and_serial from PKCS7 structure, but I still cannot >extract Certificates used to encrypt the message. To decrypt, private key is required anyway. Well, recipient certificate might serve as index for pickup; issuer_and_serial would also do that. > (PKCS7_RECIP_INFO *ri;) I tried to get the value of ri->cert, but unfortunately it >didn't work. ASN.1 parser (0.9.7) would not set ri->cert > Are encryption Certificates included in SMIME message, or just information about >them is included - like issuer name and serial number)? Recipient certificate (public key used to encrypt) is definitely not included. hope this helps, Vadim -- Naina library: http://www.unity.net/~vf/naina_r1.tgz ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
