Hi
In openssl command line.
>>pkcs12 -export -in temp.pem -keypbe PBE-MD5-DES -out temp.pfx
,where temp.pem contains private key and corresponding self-signed certificate.
When I tried to import temp.pfx to MSIE, IE prompt an error message "wrong password"
So I changed openssl source code crypto/evp/e_des.c and rebuild libcrypto.a
original :
static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl)
{
des_ncbc_encrypt(in, out, (long)inl, ctx->c.des_ks,
(des_cblock *)ctx->iv, ctx->encrypt);
return 1;
}
modified :
static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl)
{
des_cbc_encrypt(in, out, (long)inl, ctx->c.des_ks,
(des_cblock *)ctx->iv, ctx->encrypt);
return 1;
}
Then temp.pfx is imported to MSIE.
I think that mapping of object identifier of DES-CBC to coressponding function
is different from that of MSIE.
Openssl maps DES-CBC object identifier to des_ncbc_encrypt! Is it correct?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
