I hope this isn't a repeat of a previous posting, and apologize
if it is (I tried posting this question a couple of days ago and
think the email may not have actually been sent). Anyway, I'm
having trouble using openssl to encrypt email messages, and would
greatly appreciate any advice anyone may have. I'm trying to
write a PERL CGI script that uses openssl to send an encrypted
email. The script is executing the following command, piping the
body of the message to the command's standard input:
openssl smime -subject 'subject' -encrypt /path/to/cert.pem > outfile 2>&1
Standard error is redirected to standard output for debugging.
The command's output (written to outfile) looks like this:
Subject: subject
MIME-Version: 1.0
Content-Disposition: attachment; filename="smime.p7m"
Content-Type: application/x-pkcs7-mime; name="smime.p7m"
Content-Transfer-Encoding: base64
MIIBnQYJKoZIhvcNAQcDoIIBjjCCAYoCAQAxggE4MIIBNAIBADCBnDCBlDEaMBgG
A1UEChMRTGVuZGluZyBSZXNvdXJjZXMxKDAmBgkqhkiG9w0BCQEWGXBldGVAbGVu
ZGluZ3Jlc291cmNlcy5uZXQxFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xEzARBgNV
BAgTCkNhbGlmb3JuaWExCzAJBgNVBAYTAlVTMRIwEAYDVQQDEwlQZXRlciBZZWUC
AxAAATANBgkqhkiG9w0BAQEFAASBgKBPMjrDgbB0c6yVAboSeMrBHdKClgajJ53I
kkOA0UZqut71DJsoCm5LPRGJ73bEiydY9R9y2OrsLMPEZ0dNC2JEBTfP1EL1gNom
UkbRpYRpa9liAq2QFEjflcFZBw4d8vIDrMCDJSrEUCWAW3U57nLl6RU5M01V/MuK
3dgWkXhGMEkGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIAoAQILKEDpzpFXQmA
IJ6P3o41/T4Tq5J2ak7vHpmGI94Inf/2ObSCXYaCtYMn
unable to write 'random state'
I was reading some info about the "unable to write 'random state'"
message. Apparently this indicates a problem accessing a seeding
file for random number generation. The info I am reading says that
openssl tries to use /dev/urandom by default, and starting with version
0.9.7, tries /dev/random if /dev/urandom is unavailable.
The web server executing the CGI script is running FreeBSD 4.11-STABLE
and the version of openssl installed on the server is 0.9.7d
(17 Mar 2004). I wrote a little CGI script that does an
"ls -l /dev | grep random" and the result looks like this:
crw-r--r-- 1 root wheel 2, 3 Apr 15 11:11 random
crw-r--r-- 1 root wheel 2, 4 Apr 15 11:11 urandom
As shown above, both /dev/urandom and /dev/random exist and are
world-readable. Therefore I do not know why openssl is printing the
error message. Does anyone know why this is happening? Any
suggestions on how to solve this problem are greatly appreciated.
When replying, please cc [EMAIL PROTECTED]
Thanks,
Dave
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
