Hi Cr. Stephen, Thank you for your quick reply. It really helped me to solve my problem. Also mac verifying problem is caused by my mistake. I forgot to initialize things using following functions.
SSLeay_add_all_algorithms(); ERR_load_crypto_strings(); Thanks in advance, Milinda Pathirage On Jan 29, 2008 7:33 PM, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote: > On Tue, Jan 29, 2008, Milinda Pathirage wrote: > > > Hi all, > > Please apologize me if this is a dumb question. > > I am currently involved in project which I need to create key store > which > > has functions like Java Key Store in C. My requirements is to store > several > > X509 certificates with owner's certificate and private key in a pkcs12 > file. > > And my programming interface must be capable of retrieving any of the > > certificate store in that key store file. > > I tried following command[1] to store my certificate, my private key, > > another x509 certificate and CA certificate and command worked well. > > > > [1] openssl pkcs12 -export -in ksb_cert.pem -inkey ksb_priv_key.pem > -CAfile > > ca_cert.pem -certfile sup_cert.pem -name "test" -out final_3.p12 > > > > The -CAfile option supplies trusted CA certificates that *may* be needed > to > include the whole certificate chain. If you don't include the -chain > option > they wont be used and even then only those necessary to include the > complete > chain will be used. > > > > > > > But this PKCS12_verify_mac(store->pkcs12_in, pass,-1) function calls > return > > 0 always even though I give the correct password. I use my own structure > to > > store the PKCS12 structure. > > > > See what error you get. Could be an FAQ: > > http://www.openssl.org/support/faq.html#PROG8 > > Steve. > -- > Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage > OpenSSL project core developer and freelance consultant. > Homepage: http://www.drh-consultancy.demon.co.uk > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > -- http://think2ed.blogspot.com "thinksquared" http://wsaxc.blogspot.com "Web Services With Axis2/C"
