Hmm, Interesting problem. I do remember most of the epf format. The keys are der(or is it ber?) encoded asn.1 as are the certificates. The real problem is going to be decrypting the data in the epf. Everything is encrypted with cast-5, using the password plus the salt. There are 1000 hashs to be done (HashCount) before you come up with the key itself, then you can decrypt the token and you should get a zero result (if memory serves). then you can decrypt the data fields in the epf with that key (after base64-decoding first). Older version of the code would yield a base64 encoded asn1 string but I believe it now just yields the binary asn1 data.
note that there are two certificates. an encrypting cert and a signing cert. the key history for the encrypting cert is kept (so you can decrypt docs encrypted with any older certs) but only the current private key is kept for the signing cert. -lee -----Original Message----- From: Dave Tapuska [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 05, 2002 10:47 PM To: [EMAIL PROTECTED] Subject: Entrust EPF File There was talk on this list about 2 years ago about Entrust's EPF (Entrust Profile File). It was presumed that the file was some PKCS 5. Does anyone know how to integrate EPF files into Openssl ? Here is the original thread: http://www.mail-archive.com/[email protected]/msg06121.html thanks, dave ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
