Re: PKCS7 standard : OpenSSL is following weather v1.5 OR v1.6 OR any other
On Fri, Nov 11, 2005, Konark wrote: Hi All, I found that OpenSSL PKCS#7 module implementation is different from the both the versions . Please tell me which version it is following (URGENT) PKCS#7 v1.5. Very few applications use 1.6. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: PKCS7 standard : OpenSSL is following weather v1.5 OR v1.6 OR any other
Thanks for the reply . But my problem is .. PKCS#7 V1.5 sign implementation uses this structure in process of sign calculation DigestInfo ::= SEQUENCE { digestAlgorithm DigestAlgorithmIdentifier, digest Digest } But I found that OpenSSL is not doing as specified in V1.5 . Reply by cheking the OpenSSl . If incase OpenSSl is not fully folling the v1.5 Please let me know . Regards, konark On Fri, Nov 11, 2005, Konark wrote: Hi All, I found that OpenSSL PKCS#7 module implementation is different from the both the versions . Please tell me which version it is following (URGENT) PKCS#7 v1.5. Very few applications use 1.6. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: PKCS7 standard : OpenSSL is following weather v1.5 OR v1.6 OR any other
On Fri, Nov 11, 2005, Konark wrote: Thanks for the reply . But my problem is .. PKCS#7 V1.5 sign implementation uses this structure in process of sign calculation DigestInfo ::= SEQUENCE { digestAlgorithm DigestAlgorithmIdentifier, digest Digest } But I found that OpenSSL is not doing as specified in V1.5 . What makes you think that? Reply by cheking the OpenSSl . If incase OpenSSl is not fully folling the v1.5 Please let me know . OpenSSL passed S/MIME v2 compliance test which check PKCS#7 v1.5 conformance. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: PKCS7 standard : OpenSSL is following weather v1.5 OR v1.6 OR any other
Actually we implemented PKCS#7 V1.5 ( we got the standards from RSA site ) - We did as per standard including DigestInfo structure as part of signature calculation . - When I try to identify signature with OpenSSL I found this thing then I tried with out this DigestInfo structure It's verified successfully . - That's why I doubt which version it is ? konark On Fri, Nov 11, 2005, Konark wrote: Thanks for the reply . But my problem is .. PKCS#7 V1.5 sign implementation uses this structure in process of sign calculation DigestInfo ::= SEQUENCE { digestAlgorithm DigestAlgorithmIdentifier, digest Digest } But I found that OpenSSL is not doing as specified in V1.5 . What makes you think that? Reply by cheking the OpenSSl . If incase OpenSSl is not fully folling the v1.5 Please let me know . OpenSSL passed S/MIME v2 compliance test which check PKCS#7 v1.5 conformance. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: PKCS7 standard : OpenSSL is following weather v1.5 OR v1.6 OR any other
On Fri, Nov 11, 2005, Konark wrote: Actually we implemented PKCS#7 V1.5 ( we got the standards from RSA site ) - We did as per standard including DigestInfo structure as part of signature calculation . - When I try to identify signature with OpenSSL I found this thing then I tried with out this DigestInfo structure It's verified successfully . - That's why I doubt which version it is ? The DigestInfo is also part of PKCS#1 so if you tell some implementations (including OpenSSL) to sign a message digest the DigestInfo is automatic. You can see the DigestInfo structure by using the 'rsautl' utility on the signature. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: PKCS7 standard : OpenSSL is following weather v1.5 OR v1.6 OR any other
Thanks Steve. I it seems to be correct But I need to check with my colleague who implemented PKCS#1 (crypto) . konark On Fri, Nov 11, 2005, Konark wrote: Actually we implemented PKCS#7 V1.5 ( we got the standards from RSA site ) - We did as per standard including DigestInfo structure as part of signature calculation . - When I try to identify signature with OpenSSL I found this thing then I tried with out this DigestInfo structure It's verified successfully . - That's why I doubt which version it is ? The DigestInfo is also part of PKCS#1 so if you tell some implementations (including OpenSSL) to sign a message digest the DigestInfo is automatic. You can see the DigestInfo structure by using the 'rsautl' utility on the signature. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]