On Fri, Nov 04, 2005, Pablo J Royo wrote: > In fact, I have used OpenSSL pkcs7 routines to create and read detached > envelopes, but I'm not sure if my envelopes are correct, because there is no > other application to check them. > All I know is that CryptoAPI correctly reads my PKCS7 headers, but gives an > ASN1 bad tag error when reading the (detached) ciphered data, or tries to > decipher more bytes than I put on my envelope, so I don't know what part is > failing, if encryption or decryption.
Neither the OpenSSL command line utility (smime) nor the simplified S/MIME API support detached data with the PKCS#7 enveloped data type. I've not come across them in practice. You should however be able to reattach/detach the envelope from the PKCS7 structure. Then if a reattached envelope can be decrypted OK by the smime utility it should be OK. Not sure why CryptoAPI would give a bad tag error on the detached data, it shouldn't be using an ASN1 parser on it. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
