Some knowledgeable hints for implementing this I just got:
> > > There isn't a command line option to do this, it would require > > > some modification of the OpenSSL S/MIME code. > > > > > > Typically an S/MIME message will have several several > > > RecipientInfo structures even if there is only one recipient (many > > > S/MIME clients make sure the sender is also included in > > > RecipientInfo) and the order is arbitrary. This > > > makes it a hit and miss process. ... > Well this is strictly a "hack" solution... > > In crypto/pkcs7/pk7_smime.c you need to disable the > X509_check_private_key() > call in PKCS7_decrypt() by commenting it out. > > Then in pk7_doit.c in the function PKCS7_dataDecode there is a section > where it matches a certificate to a RecipientInfo. You need to either > set that to use a specific RecipientInfo or have it loop round > checking if EVP_PKEY_decrypt() works (as happens lower down). > > You may also have to modify the 'smime' utility to no longer expect a > certificate. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
