PKCS7_verify

2006-05-17 Thread camino (sent by Nabble.com)
when i got a signed smime letter signed by PKCS7_sign suppose the certificate chain is myca -> mycertificate so the PKCS7_verify is ok but if the certificate chain is myca -> myissueca -> mycertificate so the pkcs7_verify will fail even i use openssl smime -verify -certfile my.cer -CAfile

Re: PKCS7_verify

2006-05-17 Thread Dr. Stephen Henson
On Wed, May 17, 2006, camino (sent by Nabble.com) wrote: > > when i got a signed smime letter signed by PKCS7_sign > suppose the certificate chain is > myca -> mycertificate > so the PKCS7_verify is ok > > but if the certificate chain is > myca -> myissueca -> mycertificate > so the pkcs7_

howto make included asn1_sequence?

2006-05-17 Thread [EMAIL PROTECTED]
Hi all! I need to make such stuct: SEQUENCE{ SEQUENCE{ OCTET STRING } OCTET STRING } Is it posible to make it with macros like ASN1_SEQUENCE, ASN1_EXP and etc. And if it posible, then how? ___

Re: howto make included asn1_sequence?

2006-05-17 Thread Dr. Stephen Henson
On Wed, May 17, 2006, [EMAIL PROTECTED] wrote: > Hi all! > > I need to make such stuct: > > SEQUENCE{ > SEQUENCE{ > OCTET STRING > } > OCTET STRING > } > > Is it posible to make it with macros like ASN1_SEQUENCE, ASN1_EXP and etc. > And if it posible, then how?

RC5 in openssl FIPS (versin 7j) is disabled?

2006-05-17 Thread Shicai Hu
Hi, I am new to the openssl. I just compiled openssl FIPS version and I found out that other crypto functions are OK, but I couldn't call those RC5 crypto function. Is this due to RC5 disabled in FIPS version or RC5 is not FIPS approved? I highly appreciate for any helps.  __

Re: RC5 in openssl FIPS (versin 7j) is disabled?

2006-05-17 Thread Brad House
Shicai Hu wrote: > Hi, I am new to the openssl. I just compiled openssl FIPS version and I > found out that other crypto functions are OK, but I couldn't call those > RC5 crypto function. Is this due to RC5 disabled in FIPS version or RC5 > is not FIPS approved? I highly appreciate for any helps.

Re: PKCS7_verify

2006-05-17 Thread camino (sent by Nabble.com)
i have tried openssl smime -sign -in before.eml -signer 666.pem -inkey 666key.pem -out signed.eml -certfile thmid.cer and then verified it. it works thank you very much! -- View this message in context: http://www.nabble.com/PKCS7_verify-t1634754.html#a4442652 Sent from the OpenSSL - Dev forum

how can I get the certificate chain from an end certificate?

2006-05-17 Thread camino (sent by Nabble.com)
i have an end x509 certificate ,and i hope to get the certificate chain do openssl has a function like CertGetCertificateChain in windows api? thanks -- View this message in context: http://www.nabble.com/how-can-I-get-the-certificate-chain-from-an-end-certificate--t1640417.html#a4443193 Sen