On Fri, Mar 04, 2005, Peter Cope wrote: > Firstly I've searched the FAQ's and Google'd and not found an answer. I'll > describe the scenario and hope someone can shed some light! > > Machine-1: Generates keys/certs (Self Cert CA). This is a UNIX (well AIX) > box, and runs openssl (latest release). Keys/Certs are distributed to a > number of PC's as P12's. (since they use outlook) and also to a external > client. > > Using this public key Machine-2 (Outlook) can sign+encrypt and send to > Machine-1 which can decrypt and verify. So OK. > Using this public key our client (using Chilkatsoft ... not familiar with > this) and send to Machine-2 which can decrypt and verify. So OK. and also > sends to Machine-1 which can't decrypt it. Complains about ASN.1 header > length being incorrect. So here is my problem. > > Examination of the ASN.1 (by hand as well as asn1parse) shows that pkcs7-data > part uses 128-bit rc2-cbc, and is followed by a binary chunk of some 60k in > size (this isn't itself structured .. unlike the des3-ede3-cbc produced by > default by openssl). I've tried detaching this data to see if anything can > make sense of it, but no. > > Anyone got any ideas, I'm assuming I'm missing a point somewhere! >
Hard to say without the file that OpenSSL doesn't like or the output of asn1parse. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
