Hi Goetz, Am Samstag, 03. Feb 2007, 21:46:36 +0100 schrieb Goetz Babin-Ebell: > >> You should use the openssl smime command. > > > > I'm using Ruby; S/MIME seems to be rather young here. At > > least it is hidden properly well. I just found it. > > SMIME is basically PKCS#7 with some aditionally data, > so you find the related info in the OpenSSL pkcs7 interface.
I omit signing, the file won't be sent by mail. I'm doing this in Ruby with success: key_crt = OpenSSL::X509::Certificate.new "-----BEGIN CERTIFICATE..." key_pem = OpenSSL::PKey::RSA.new "-----BEGIN RSA PRIVATE KEY..." p7enc = OpenSSL::PKCS7::encrypt( [key_crt], original) encrypted = OpenSSL::PKCS7.write_smime( p7enc) p7dec = OpenSSL::PKCS7::read_smime( encrypted) decrypted = p7dec.decrypt( key_pem, key_crt) if decrypt != original then .... The command line version of this is: openssl smime -encrypt -in original -out encrypted some.crt openssl smime -decrypt -in encrypted -out decrypted -inkey some.pem some.crt Thanks. Bertram -- Bertram Scharpf Stuttgart, Deutschland/Germany http://www.bertram-scharpf.de ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]