Re: using rsa functions from libcrypto
Hi, I used CA.pl to generate a CA and signed a certificate for myself. (Default openssl.cnf; OpenSSL 0.9.5 28 Feb 2000) After importing the cert to netcape I send a signed message to myself using the mutt email client. First question - maybe this one is for the mutt-list: Can mutt handle pkcs-7-conforming mails? Well, my mutt installation can't. I received the message in two parts, the message and the signature. I saved the signature part and tryed to verifiy the signature with openssl smime -verify -in smime.p7s resulting in Error reading S/MIME message 2108:error:2107A087:PKCS7 routines:SMIME_read_PKCS7:no content type:pk7_mime.c:215: Merging the content of the mail and the signature in one file and trying to verify it resulted in openssl smime -verify -in dummy Error reading S/MIME message 2112:error:2107A087:PKCS7 routines:SMIME_read_PKCS7:no content type:pk7_mime.c:215: The man page of openssl/smime states, that there might be parsing errors when reading S/MIME v3 structure. Is this the reason for this problem?? Thanks for any hints, Martin -- Martin Lohner [EMAIL PROTECTED] Ecrypt AG www.ecrypt.de __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: using rsa functions from libcrypto
Hi Julien, I am working on a similar project and I founda good example of RSA encryption/decryption in /openssl/demos/maurice/example2.c. Look in these dirs, there's some interesting stuff, in /openssl/apps too. Bye, Paolo. - Original Message - From: julien guisset To: [EMAIL PROTECTED] Sent: Friday, August 25, 2000 7:55 AM Subject: using rsa functions from libcrypto Hi,I want to use RSA functions from libcrypto (i386-NetBSD + cc).Can someone send me an example of implementation in C with a public/private keys generation, message encryption/decryption.I need this for a personal project that will not be distributed.thank you.Julien Guissetfrench student from Paris__OpenSSL Project http://www.openssl.orgUser Support Mailing List [EMAIL PROTECTED]Automated List Manager [EMAIL PROTECTED]
Re: using rsa functions from libcrypto
Martin Lohner wrote: Hi, I used CA.pl to generate a CA and signed a certificate for myself. (Default openssl.cnf; OpenSSL 0.9.5 28 Feb 2000) After importing the cert to netcape I send a signed message to myself using the mutt email client. First question - maybe this one is for the mutt-list: Can mutt handle pkcs-7-conforming mails? Well, my mutt installation can't. I received the message in two parts, the message and the signature. I saved the signature part and tryed to verifiy the signature with openssl smime -verify -in smime.p7s resulting in Error reading S/MIME message 2108:error:2107A087:PKCS7 routines:SMIME_read_PKCS7:no content type:pk7_mime.c:215: Merging the content of the mail and the signature in one file and trying to verify it resulted in openssl smime -verify -in dummy Error reading S/MIME message 2112:error:2107A087:PKCS7 routines:SMIME_read_PKCS7:no content type:pk7_mime.c:215: The man page of openssl/smime states, that there might be parsing errors when reading S/MIME v3 structure. Is this the reason for this problem?? Thanks for any hints, With OpenSSL 0.9.5a you need to be able to have the message as a single multipart/signed entity. The errors you are seeing are because OpenSSL cannot see any MIME Content-type: header. For the latest dev version you may be able to do: openssl smime -verify -inform DER -in smime.p7s -content message However the message MUST be available verbatim, that is without any MIME headers being stripped or translated otherwise you'll get a signature failure. This can cause problems because mail readers typically strip off MIME headers and interpret the content appropriately. These must be available to the smime program because they are part of the signed content. Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Celo Communications: http://www.celocom.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
