Using openssl for AS2 [I]
Classification: For internal use only Hi, I am using openssl - OpenSSL 0.9.8e 23 Feb 2007 on Solaris. I need to use this to decrypt and verify AS2 messages coming in from customers. Is this possible ? I do not see a cms option available. When I use openssl smime -verify -CAfile ca-file -out output-file , the verification is successful but the output contains the Content-Type, Content-Transfer-Encoding and Content-Disposition Headers. How do I get around this issue ? Thanks and Regards, Dwipin Chandran. --- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
Re: Using openssl for AS2 [I]
Classification: For internal use only Thanks Jakob. Do you have any pointers around script that decodes the Content-Transfer-Encoding ? Is there something that is widely used ? Thanks and Regards, Dwipin Chandran. From: Jakob Bohm jb-open...@wisemo.com To: openssl-users@openssl.org, Date: 04/04/2013 11:02 PM Subject: Re: Using openssl for AS2 [I] On 4/4/2013 9:00 AM, Dwipin C wrote: Classification: For internal use only Hi, I am using openssl - OpenSSL 0.9.8e 23 Feb 2007 on Solaris. I need to use this to decrypt and verify AS2 messages coming in from customers. Is this possible ? OpenSSL 0.9.8e is an old insecure version, please upgrade to the latest security upgrade, either version 0.9.8y (contains only security fixes), 1.0.0k (contains 1.0.0 features and security fixes) or 1.0.1e (contains 1.0.0 features, 1.0.1 features and security fixes). I do not see a cms option available. The cms command is a version 1.0.0 and later feature, upgrade to 1.0.0k, 1.0.1e or use the smime command. When I use openssl smime -verify -CAfile ca-file -out output-file , the verification is successful but the output contains the Content-Type, Content-Transfer-Encoding and Content-Disposition Headers. How do I get around this issue ? Just filter the result through a simple script that removes those headers and decodes the Content-Transfer-Encoding. Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org --- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
Openssl - Bouncy Castle : Signature Verification Failure
I am trying to develop a java utility based on Bouncy Castle that should be able to sign and encrypt data which can later be decrypted and verified on the server side (openssl). Data encrypted by BC gets decrypted fine with Openssl Data signed by BC gets verified fine with Openssl But when I sign and encrypt data with BC and use OpenSSL to decrypt and verify, it fails. But if I only decrypt this content, it decrypts fine. However the output of this decryption when I try to verify, it fails. I then opened the output of decryption, removed the first 3 lines from it. These lines were the 2 Headers and a blank line. After this the verification also went thru fine. So I am not sure how to avoid these extra headers that gets passed as input to openssl verification. My decrypt and verify is something like this - openssl smime -decrypt -in $1 -recip $2 -inkey $3 | openssl smime -verify -CAfile $4 -out $5 These were the extra lines I deleted - Content-Type: application/octet-stream Content-Transfer-Encoding: binary A blank line Anyone know of a solution, please let me know. Thanks, Dwipin. -- View this message in context: http://openssl.6102.n7.nabble.com/Openssl-Bouncy-Castle-Signature-Verification-Failure-tp42468.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Openssl - Bouncy Castle : Signature Verification Failure
Its not exactly Signature Verification Failure. I get the following error - Error reading S/MIME message 24746:error:2107A083:PKCS7 routines:SMIME_read_PKCS7:invalid mime type:pk7_mime.c:364:type: application/octet-stream -- View this message in context: http://openssl.6102.n7.nabble.com/Openssl-Bouncy-Castle-Signature-Verification-Failure-tp42468p42469.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org