I've had a look through some of the OpenSSL PKCS#7 (S/MIME) stuff and
its rather horribly broken in places. Certain bits don't work or will
only work part of the time (like the decryption stuff). It needs a bit
of an overhaul using something like a PKCS7_CTX structure which allows
all the relevant paramaters to be more readily specified and things like
certificate and private key callbacks added.
I've put it on my list of "things to do".
The sign/verify stuff is largely OK though.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
