No Subject

cellecial Wed, 28 Jul 1999 21:32:19 -0700
Hi!
I'm working on openssl-0.9.3.
I wish convert DER to PKCS7. I download a root certificate(root.crt)
from a CA. Then I convert it to crt.pem using d2p.c like below:
---------------------------------------------------
d2p.c
FILE *rfp=fopen("root.crt","r");
X509 *x509=d2i_x509_fp(rfp,NULL,NULL);
/* EVP_PKEY *pkey=X509_extract_key(x509); */
FILE *wfp=fopen("crt.pem","w+");
PEM_WRITE_X509(wfp,x509);
/* PEM_write_RSAPublicKey(wfp,pkey->pkey.rsa); */
----------------------------------------------------
Then I convert crt.pem to root.p7b using p2p7.c:
-----------------------------------------------------
p2p7.c
FILE *rfp=fopen("crt.pem","r");
X509 *x509=PEM_read_X509(rfp,NULL,NULL);
/* EVP_PKEY *pkey=PEM_read_PrivateKey(rfp,NULL,NULL); */
PKCS7 *p7=PKCS7_new();
PKCS7_set_type(p7,NID_pkcs7_signed);
/* PKCS7_add_signature(p7,x,pkey,EVP_sha1()); */
PKCS7_add_certificate(p7,x509);
PKCS7_content_new(p7,NID_pkcs7_data);
FILE *wfp=fopen("root.p7b","w+");
i2d_PKCS7_fp(wfp,p7);
------------------------------------------------------
I think this process is just like creating a new pkcs7.But,
when I use IE5.0 to import root.p7b, it always says "it's
not a valid pkcs#7 certificate". What should
I do to convert from other types to pkcs7?

Another two questions: First,when I use IE5 to export a certificate
to pkcs7 certificate,it only allow me export certificate 
without privatekey. Second, does all pkcs7 need PrivateKey?

root.crt:
0\202^Bm0\202^A\326\240^C^B^A^B^B^B^D\2740^M^F  *\206H\206\367^M^A^A^D^E0d1^K0
^F^CU^D^F^S^BCN1200^F^CU^D
^S)Shanghai Electronic Certificate Authority1^Q0^O^F^CU^D^H^S^HShanghai1^N0^L^F^
CU^D^C^S^ESHECA0^^^W^M990101000000Z^W^M031231235959Z0d1^K0      ^F^CU^D^F^S^BCN1
200^F^CU^D
^S)Shanghai Electronic Certificate Authority1^Q0^O^F^CU^D^H^S^HShanghai1^N0^L^F^
CU^D^C^S^ESHECA0\201\2370^M^F   *\206H\206\367^M^A^A^A^E^C\201\2150\201\211^B\20
1\201\260C\340\350\235N\206\365^Qb4\351\223y\377^SJs\216\223\323^A8rY,^X\370\277
\260^BZR\250\244\320<\301\2726\305.\363I`;\255\234\335\342\220tK^?O`\3712^_
&^Ur\266\321jJ^HG\206^[M\220rT\303-\210\2163<\330\226\271^HoZ\341^W\202*^L\222\2
31\357\321\360\236!^W\264^N\343^Y
\233s\335\333W\327\357\365\300\257\235^Y\205\2028\372^L\261\232~\244#^B^C^A^A\24
3.0,0^K^F^CU^]^O^D^D^C^B^A^F0^L^F^CU^]^S^D^E0^C^A^A\3770^O^F^H`\206H^A\206\370C^
L^D^C^B^A^A0^M^F        *\206H\206\367^M^A^A^D^E^C\201\201W\317\251*,\205\275\34
7&Lw!\317]\365\301D<\220-^YE\216e\273>\300BO\274\370\361\223'(^^\223^X\305M\207\
347^X^B\304^T@\304\231[6\274Q5^Qt\206#\212\261\264\306\275\211\310\250r\345QC\27
2\335\343h\342\343^G\331\241?\256^S\311^H^E\316\206\301^Fy\266-^EP\330\276]U:Q^_
R       O^W:@\375\232\363^G\210_\363@\372\242\367\243&*\246}    0\327E

crt.pem:
-----BEGIN CERTIFICATE-----
MIICbTCCAdagAwIBAgICBLwwDQYJKoZIhvcNAQEEBQAwZDELMAkGA1UEBhMCQ04x
MjAwBgNVBAoTKVNoYW5naGFpIEVsZWN0cm9uaWMgQ2VydGlmaWNhdGUgQXV0aG9y
aXR5MREwDwYDVQQIEwhTaGFuZ2hhaTEOMAwGA1UEAxMFU0hFQ0EwHhcNOTkwMTAx
MDAwMDAwWhcNMDMxMjMxMjM1OTU5WjBkMQswCQYDVQQGEwJDTjEyMDAGA1UEChMp
U2hhbmdoYWkgRWxlY3Ryb25pYyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxETAPBgNV
BAgTCFNoYW5naGFpMQ4wDAYDVQQDEwVTSEVDQTCBnzANBgkqhkiG9w0BAQEFAAOB
jQAwgYkCgYEAsEPg6J1OhvURYjTpk3n/E0pzjpPTAThyWSwY+L+wAlpSqKTQPMG6
ADbFLvNJYDutnN3ikHRLf09g+TIfCiYVcrbRakoIR4YbTZByVMMtiI4zPNiWuQhv
WuEXgioMkpnv0fCeIRe0DuMZCptz3dtX1+/1wK+dGYWCOPoMsZp+pCMCAwEAAaMu
MCwwCwYDVR0PBAQDAgEGMAwGA1UdEwQFMAMBAf8wDwYIYIZIAYb4QwwEAwIBATAN
BgkqhkiG9w0BAQQFAAOBgQBXz6kqLIW95yZMdyHPXfXBRDyQLRlFjmW7PsBCT7z4
8ZMnKB6TGMVNh+cYAsQUQMSZWza8UTURdIYjirG0xr2JyKhy5VFDut3jaOLjB9mh
P64TyQgFzoYAwQZ5ti0FUNi+XVU6UR9SCU8XOkD9mvMHiF/zQPqi96MmKqZ9CTDX
RQ==
-----END CERTIFICATE-----
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBALBD4OidTob1EWI06ZN5/xNKc46T0wE4clksGPi/sAJaUqik0DzBugA2
xS7zSWA7rZzd4pB0S39PYPkyHwomFXK20WpKCEeGG02QclTDLYiOMzzYlrkIb1rh
F4IqDJKZ79HwniEXtA7jGQqbc93bV9fv9cCvnRmFgjj6DLGafqQjAgMBAAE=
-----END RSA PUBLIC KEY-----

root.p7b:
0\200^F *\206H\206\367^M^A^G^B\240\2000\202^B\221^B^A^A10\200^F *\206H\206\367^M
^A^G^A\240\200^D\240\202^Bq0\202^Bm0\202^A\326\240^C^B^A^B^B^B^D\2740^M^F
*\206H\206\367^M^A^A^D^E0d1^K0  ^F^CU^D^F^S^BCN1200^F^CU^D
^S)Shanghai Electronic Certificate Authority1^Q0^O^F^CU^D^H^S^HShanghai1^N0^L^F^
CU^D^C^S^ESHECA0^^^W^M990101000000Z^W^M031231235959Z0d1^K0      ^F^CU^D^F^S^BCN1
200^F^CU^D
^S)Shanghai Electronic Certificate Authority1^Q0^O^F^CU^D^H^S^HShanghai1^N0^L^F^
CU^D^C^S^ESHECA0\201\2370^M^F   *\206H\206\367^M^A^A^A^E^C\201\2150\201\211^B\20
1\201\260C\340\350\235N\206\365^Qb4\351\223y\377^SJs\216\223\323^A8rY,^X\370\277
\260^BZR\250\244\320<\301\2726\305.\363I`;\255\234\335\342\220tK^?O`\3712^_
&^Ur\266\321jJ^HG\206^[M\220rT\303-\210\2163<\330\226\271^HoZ\341^W\202*^L\222\2
31\357\321\360\236!^W\264^N\343^Y
\233s\335\333W\327\357\365\300\257\235^Y\205\2028\372^L\261\232~\244#^B^C^A^A\24
3.0,0^K^F^CU^]^O^D^D^C^B^A^F0^L^F^CU^]^S^D^E0^C^A^A\3770^O^F^H`\206H^A\206\370C^
L^D^C^B^A^A0^M^F        *\206H\206\367^M^A^A^D^E^C\201\201W\317\251*,\205\275\34
7&Lw!\317]\365\301D<\220-^YE\216e\273>\300BO\274\370\361\223'(^^\223^X\305M\207\
347^X^B\304^T@\304\231[6\274Q5^Qt\206#\212\261\264\306\275\211\310\250r\345QC\27
2\335\343h\342\343^G\331\241?\256^S\311^H^E\316\206\301^Fy\266-^EP\330\276]U:Q^_
R       O^W:@\375\232\363^G\210_\363@\372\242\367\243&*\246}    0\327E1
 
----------------------------------------------
欢迎使用 21CN 电子邮件系统http://www.21cn.com
Thank you for using 21CN Email system

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
No Subject

Reply via email to
