On Tue, Nov 16, 2010, Patrick Patterson wrote: > Hi Steve: > > On 2010-11-16, at 7:54 AM, Dr. Stephen Henson wrote: > > > > > Actually it is being set. The cms utility makes use of OpenSSL ASN1 > > diagnostic > > printing routines you can do this: > > > > openssl cms -cmsout -inform DER -noout -print -in cms.der > > > > where cms.der is the output of that program in binary format. > > > Which version are the -print and -noout command in? >
The -noout version is in 0.9.8 and later but -print is in 1.0.0 only. > That said, when I pipe the output through asn1parse, I don't see the SID > information, so I'm not sure where the cms command would pull it from. > It parses the structure and outputs the fields it receives in human readable format. I took the output you posted to see the key ID. You wont see anything obvious in the output of asn1parse because the SID field is implicitly tagged and in general there is no way to know how such a field is interpreted. If you use asn1parse on the output you posted you'll see this: 594:d=5 hl=4 l= 257 prim: BIT STRING 855:d=3 hl=2 l= 55 cons: SET 857:d=4 hl=2 l= 53 cons: SEQUENCE 859:d=5 hl=2 l= 1 prim: INTEGER :03 862:d=5 hl=2 l= 20 prim: cont [ 0 ] <--------- KID 884:d=5 hl=2 l= 7 cons: SEQUENCE 886:d=6 hl=2 l= 5 prim: OBJECT :sha1 893:d=5 hl=2 l= 0 cons: cont [ 0 ] 895:d=5 hl=2 l= 13 cons: SEQUENCE 897:d=6 hl=2 l= 9 prim: OBJECT :rsaEncryption 908:d=6 hl=2 l= 0 prim: NULL 910:d=5 hl=2 l= 0 prim: OCTET STRING The key ID is the line indicated. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
