Re: Newbie question X509 certificate stores
I'm having a very similar problem as this one. I have a file I made from data sent from an AS2 system. The HTTP headers before the data are (abbreviated to the S/MIME stuff): Subject: EDIINTDATA Message-Id: <[EMAIL PROTECTED]> Disposition-Notification-To: inXServices Disposition-Notification-Options: signed-receipt-protocol=optional,pkcs7-signature; signed-receipt-micalg=optional,sha1 Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name="smime.p7m" Content-Disposition: inline; filename="smime.p7m" Content-Length: 1334 I saved the 1334 bytes after the blank line following the Content-Length to a file. I can't seem to use that file with OpenSSL. On Wed, Dec 28, 2005 at 12:45:18AM +0100, Dr. Stephen Henson wrote: > What does the data look like that you are feeding into d2i_PKCS7()? Doies it > have lines with -BEGIN in it? No. > > If the data is available as a file try: > > openssl pkcs7 -in file -inform DER openssl pkcs7 -inform DER -in src/fo/van/as2/msg.enc unable to load PKCS7 object 23182:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:946: 23182:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:304:Type=PKCS7 > > openssl pkcs7 -in file openssl pkcs7 -in src/fo/van/as2/msg.enc unable to load PKCS7 object 23183:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:637:Expecting: PKCS7 > > and if both of those fail: > > openssl asn1parse -inform DER -in file openssl asn1parse -inform DER -in src/fo/van/as2/msg.enc 0:d=0 hl=2 l= 10 prim: EOC > > There are also some proprietary store outputs from CryptoAPI which can be > produced which OpenSSL cannot handle. > > Steve. Supposedly the public key produced is X.509. However, I can't read that with OpenSSL, either. I an read the private key (which is documented by the AS2 software as PKS#1 RSA private key -- I assume they mean PKCS#1). I can provide the file to anyone who can assist with this. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Newbie question X509 certificate stores
Some problems w/reverse DNS prevented posting this until now. On Wed, Dec 28, 2005 at 07:12:30PM +0100, Dr. Stephen Henson wrote: > On Wed, Dec 28, 2005, George Garvey wrote: > > >I'm having a very similar problem as this one. > >I have a file I made from data sent from an AS2 system. The HTTP > > headers before the data are (abbreviated to the S/MIME stuff): > > Subject: EDIINTDATA > > Message-Id: <[EMAIL PROTECTED]> > > Disposition-Notification-To: inXServices > > Disposition-Notification-Options: > > signed-receipt-protocol=optional,pkcs7-signature; > > signed-receipt-micalg=optional,sha1 > > Content-Type: application/pkcs7-mime; smime-type=enveloped-data; > > name="smime.p7m" > > Content-Disposition: inline; filename="smime.p7m" > > Content-Length: 1334 > > > >I saved the 1334 bytes after the blank line following the > > Content-Length to a file. I can't seem to use that file with OpenSSL. > > > > You should be able to use the "smime" utility on the whole message including > headers for example: > > openssl smime -verify -in message > > or to output a standard PKCS#7 structure in PEM format: > > openssl smime -pk7out -in message > > then the standard "pkcs7" utility should tolerate it. Captured the HTTP post. Tried -verify as above: openssl smime -verify -in src/fo/van/as2/inbound/2005-12-28:12:10:47 Error reading S/MIME message 6747:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:140: 6747:error:21078082:PKCS7 routines:B64_READ_PKCS7:decode error:pk7_mime.c:142: 6747:error:2107A08B:PKCS7 routines:SMIME_read_PKCS7:pkcs7 parse error:pk7_mime.c:315: __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Newbie question X509 certificate stores
Some problems w/reverse DNS prevented posting this until now. On Wed, Dec 28, 2005 at 07:12:30PM +0100, Dr. Stephen Henson wrote: > On Wed, Dec 28, 2005, George Garvey wrote: > > >I'm having a very similar problem as this one. > >I have a file I made from data sent from an AS2 system. The HTTP > > headers before the data are (abbreviated to the S/MIME stuff): > > Subject: EDIINTDATA > > Message-Id: <[EMAIL PROTECTED]> > > Disposition-Notification-To: inXServices > > Disposition-Notification-Options: > > signed-receipt-protocol=optional,pkcs7-signature; > > signed-receipt-micalg=optional,sha1 > > Content-Type: application/pkcs7-mime; smime-type=enveloped-data; > > name="smime.p7m" > > Content-Disposition: inline; filename="smime.p7m" > > Content-Length: 1334 > > > >I saved the 1334 bytes after the blank line following the > > Content-Length to a file. I can't seem to use that file with OpenSSL. > > > > You should be able to use the "smime" utility on the whole message including > headers for example: > > openssl smime -verify -in message > > or to output a standard PKCS#7 structure in PEM format: > > openssl smime -pk7out -in message > > then the standard "pkcs7" utility should tolerate it. Captured the HTTP post. Tried -verify as above: openssl smime -verify -in src/fo/van/as2/inbound/2005-12-28:12:10:47 Error reading S/MIME message 6747:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:140: 6747:error:21078082:PKCS7 routines:B64_READ_PKCS7:decode error:pk7_mime.c:142: 6747:error:2107A08B:PKCS7 routines:SMIME_read_PKCS7:pkcs7 parse error:pk7_mime.c:315: __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
