For some reason I didn't get any newsfeeds after re-subscribing, so I can't really post to my earlier inquiry.
I've figured this out. 1) Convert Key's CipherValue from base64-to-binary 2) rsautl against the Key's CipherValue.bin - gives binary version of the decoded key (uses the private key) 3) Convert the binary version of the decoded key to hex - this will be the -K for bulk operations (the shared secret) 4) Convert the Body's Cipher Value from base64-to-binary 5) Save off the first 16 bytes for the IV - converting to Hex (becomes the Initialization Vector) 6) Save off the remainder of the BodyCipherValue.bin (len-16 - this was where I messed up) 7) Decrypt with cipher -in BodyCipherValueRemainder.bin with -K and -iv values The -K is RSA encrypted with the public key, but the IV is in "cleartext", prepended to the AES/bulk encrypted part. _______________________ Carlo Milono Director of Engineering TIBCO Software Inc. Direct: +1(650) 846-5152 mailto: cmil...@tibco.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
