I apologize again for the spam. I am posting it here to help those who feel the same pain as I do when it comes to using microsoft's crypto api to do the right thing.
The MSFT sample did not work as well. It couldn't decrypt its own encryption. I will pay for MSFT support to get a resolution for this and post the answers here. Himanshu Soni -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Himanshu Soni Sent: Sunday, January 19, 2003 10:25 AM To: [EMAIL PROTECTED] Subject: RE: Problem decrypting a signed and then encrypted pkcs7 message on windows 98 using Crypto API > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Dr. Stephen Henson > Sent: Sunday, January 19, 2003 5:22 AM > To: [EMAIL PROTECTED] > Subject: Re: Problem decrypting a signed and then encrypted pkcs7 > message on windows 98 using Crypto API > > > On Fri, Jan 17, 2003, Himanshu Soni wrote: > > > 128 Bit rc2 also fails on windows 98. Openssl can successfully > > decrypt the message on windows 98. > > > > The email you sent me includes the following: > > > 0:d=0 hl=2 l= 118 cons: SEQUENCE > 2:d=1 hl=2 l= 9 prim: OBJECT :S/MIME Capabilities > 13:d=1 hl=2 l= 105 cons: SET > 15:d=2 hl=2 l= 103 cons: SEQUENCE > 17:d=3 hl=2 l= 10 cons: SEQUENCE > 19:d=4 hl=2 l= 8 prim: OBJECT :des-ede3-cbc > 29:d=3 hl=2 l= 14 cons: SEQUENCE > 31:d=4 hl=2 l= 8 prim: OBJECT :rc2-cbc > 41:d=4 hl=2 l= 2 prim: INTEGER :80 > 45:d=3 hl=2 l= 7 cons: SEQUENCE > 47:d=4 hl=2 l= 5 prim: OBJECT :des-cbc > 54:d=3 hl=2 l= 7 cons: SEQUENCE > 56:d=4 hl=2 l= 5 prim: OBJECT :des-cbc > 63:d=3 hl=2 l= 13 cons: SEQUENCE > 65:d=4 hl=2 l= 8 prim: OBJECT :rc2-cbc > 75:d=4 hl=2 l= 1 prim: INTEGER :28 > 78:d=3 hl=2 l= 7 cons: SEQUENCE > 80:d=4 hl=2 l= 5 prim: OBJECT :sha1 > 87:d=3 hl=2 l= 7 cons: SEQUENCE > 89:d=4 hl=2 l= 5 prim: OBJECT :sha1 > 96:d=3 hl=2 l= 10 cons: SEQUENCE > 98:d=4 hl=2 l= 8 prim: OBJECT :md5 > 108:d=3 hl=2 l= 10 cons: SEQUENCE > 110:d=4 hl=2 l= 8 prim: OBJECT :md5 > > which implies it supports 3DES 128-RC2, DES, 40-RC2. I don't know why > its including some ciphers twice though could be the configuration has > become confused somewhere. I know that I did try OpenSSL S/MIME > messages with MS Outlook express some time ago and it had no problems > under Win98. > > A few more questions. > > Can you use 128 bit SSL on that machine? Yes, I can connect to servers requiring 128 bit. > Have you tried decrypting messages using Outlook express? Outlook express can decrypt the message. > Will it decrypt encrypted mesages (not encrypted and signed)? No, the CAPI fails to decrypt messages that are encrypted only. It fails while decrypting. Windows 98 can perform the same decryption with no problems. > Can it handle encrypted and signed messages from other Windows > machines? Yes it can. > If it can handle them from other machines try extracting the signed > message and using OpenSSL to encrypt it and see if it can handle that. will try that and post the result. > Steve. > -- > Dr. Stephen Henson [EMAIL PROTECTED] > OpenSSL Project http://www.openssl.org/~steve/ > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
