Angus Lee wrote:
>
> >===== Original Message From [EMAIL PROTECTED] =====
> > > I could use OpenSSL to decrypt this signed and encrypted message. Then
> when I
> > > verify the digital signature, OpenSSL told me that 'content and data
> present'.
> > > Is there anything wrong with my code?
> > Can you send me a copy of the message and/or signature. The signed but
> > decrypted version that is?
>
> b4dec.txt is the original signed and encrypted message, while afterdec.txt is
> what I got after decryption. cityuca.pem is the CA certificate of the signer.
>
> > What version of Netscape is this BTW?
>
> 4.71 (40 bit).
>
Ugh. I checked OpenSSL 4.73 too and it does the same. The cause is that
Netscape isn't properly excluding the content. It is including a zero
length content. This is a recent addition to Netscape and is a bug.
I'll see if I can develop a work around.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
