On Tue, Mar 30, 2010, Michael Strder wrote: > Dr. Stephen Henson wrote: > > On Tue, Mar 30, 2010, Michael Strder wrote: > >> Someone sent me an encrypted S/MIME message which I could not decrypt in > >> Mozilla's Seamonkey. Trying to determine the cause for that I wanted to > >> look > >> at the RecipientInfos structure with OpenSSL 0.9.8k shipped with openSUSE > >> Linux 11.2 and and also tried with OpenSSL 1.0.0 (self-compiled). > >> > >> But decoding the PKCS#7 failed (see output below). Any idea what's going > >> wrong? > > > > Looks like that isn't a PKCS#7 structure but a CMS structure (which is a > > superset of PKCS#7). Try the cms command in OpenSSL 1.0.0 instead. > > Thanks for your quick answer. > > Yes, openssl cms -cmsout outputs something which I can examine with dumpasn1 > or openssl asn1parse. Looks like there's nothing like RecipientInfos with > issuer name / serial number in there...maybe subject key id is used. >
It was the key identifier option that was causing the PKCS#7 routines to choke. You can do better than asn1parse using the 1.0.0 ASN1 print routines like this: openssl cms -in file.whatever -noout -print Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
