RE: Problem with PKCS7 encoding and Capicom

[Rohit Kumar]

Title: Message

Hi,  Thanks to everybody who responded to this mail. As per now, we have not made much progress on it. I think openssl understands the certificate encoding. I was able to decode it usin x509 command. Certificate was in DER format and we were able to get the output in text format from it.   What I am doing is as follows. After getting the certificate I convert it into PEM format because PHP function seems to understand PEM format. Then I encrypt the data in PKCS7 format with the PEM formatted certificate using PHP function . PHP function gives a S/MIME formatted message. We convert this S/MIME formatted mesage to pkcs7 structure before sending it to windows client. On windows client we are trying to use capicom library to decrypt the data where we are failing. I will keep you posted as we make progress. Meanwhile if you got any pointers, please do send us.     Rohit -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Bob Kupperstein Sent: Monday, October 21, 2002 6:27 AM To: [EMAIL PROTECTED] Subject: RE: Problem with PKCS7 encoding and Capicom Hi Rohit,   Did you make any progress with this?   I saw your message on the openssl listserv, and the response.   I’m not familiar with the functions that you are using, but I’ll try and help if you need it.  One suggestion is to use the openssl “asn1parse” command to see if it understands the certificate encoding.   -Bob   -----Original Message----- From: Rohit Kumar [mailto:[EMAIL PROTECTED]] Sent: Saturday, October 19, 2002 1:05 AM To: [EMAIL PROTECTED] Subject: Problem with PKCS7 encoding and Capicom   Hi,  I am trying to make pkcs7 encryption work with capicom of Microsoft.  I am facing problem in it. Steps I am taking: i)                     I am getting a DER encoded certificate from a MS client ii)                   I encrypt the data on server with certificate using PHP function openssl_pkcs7_encrypt () whih I believe outputs the data in S/MIME format. iii)                  I generate a PKCS7 structure with the command Openssl smime  -in (S/MIME data generated)  -pk7out –out file.   I send this file to the MS client which is trying to use capicom API to decrypt it. We are having decrypting problems on the client side mostly getting the messages like i) ASN.1 bad tag value or ii) ASN.1 unexpected end of data or iii) Or key not found.   We are not sure what the problem is. If any one can point us in right direction, it will be great. Any help will be greatly appreciated.   Regards Rohit

<<attachment: winmail.dat>>