I am trying to create an android app which can send sign and encrypted mails using OpenSSL.
So far I am able to send Signed Emails and verify them using both web browsers and my android apps. Same is the case with Encryption and Decryption. But now when I am trying to send signed+encrypted mails from my android app. The Exchange server is unable to verify/decrypt the mails send from my android app. When I am trying to open open these mails using OWA I get this error: One or more errors occurred while the message was being loaded. Error: (0x800ccef6) The digital signature of this message couldn't be validated because an error occurred while the message was being loaded. Encryption and signing code: *Sign Code:* public static boolean Java_PKCS7Sign(File inputFile, File outputFile, PrivateKey privateKey, X509Certificate certificate, String signingAlgorithm) { try { String inputFilePath = inputFile.getAbsolutePath(); String outputFilePath = outputFile.getAbsolutePath(); byte arr[] = android.security.Credentials.convertToPem(certificate); InputStream certIs = new ByteArrayInputStream(arr); OpenSSLX509Certificate openSSLcert = OpenSSLX509Certificate.fromX509PemInputStream(certIs); byte openSSLcertEncoded[] = openSSLcert.getEncoded(); long signCertRef = NativeCrypto.d2i_X509(openSSLcertEncoded); OpenSSLKey oKey = OpenSSLKey.fromPrivateKey(privateKey); long evpKeyRef = oKey.getPkeyContext(); //boolean res = PKCS7Sign(signCertRef, pkeyRef, certs, bioRef, flags, a, b) long arr1[] = new long[0]; return PKCS7Sign(inputFilePath, signCertRef, evpKeyRef, arr1, outputFilePath); } catch (Exception e) { e.printStackTrace(); } return false; } In the above code PKCS7Sign is a JNI call to OpenSSL. And the flags used are for signing are: int flgs = PKCS7_STREAM | PKCS7_DETACHED | PKCS7_BINARY ; *Encrypt Code:* public static boolean Java_PKCS7encrypt(File inputData, File output, X509Certificate[] recipientCertificates, String encryptionAlgorithm) { if(!inputData.exists() || !output.exists()) return false; try { fis = new FileInputStream(inputData); OpenSSLBIOInputStream bis = new OpenSSLBIOInputStream(fis); long bioRef = NativeCrypto.create_BIO_InputStream(bis); int certsRefArrLength = recipientCertificates.length; long certsRefArr[] = new long[certsRefArrLength]; for (int i = 0; i < certsRefArrLength; i++) { byte arr[] = android.security.Credentials.convertToPem(recipientCertificates[i]); InputStream certIs = new ByteArrayInputStream(arr); OpenSSLX509Certificate openSSLcert = OpenSSLX509Certificate.fromX509PemInputStream(certIs); byte openSSLcertEncoded[] = openSSLcert.getEncoded(); certsRefArr[i] = NativeCrypto.d2i_X509(openSSLcertEncoded); } String outputFilePath = output.getAbsolutePath(); return PKCS7encrypt(bioRef, certsRefArr, outputFilePath, encryptionAlgorithm); } catch (FileNotFoundException e) { e.printStackTrace(); } catch (CertificateEncodingException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } catch (Exception e) { e.printStackTrace(); } return false; } Same as in case of sign PKCS7encrypt is a JNI call to OpenSSL. And flags used are: int flags = PKCS7_STREAM | PKCS7_BINARY; And cipher used for encryption is cipher = EVP_rc2_40_cbc(); Any pointers about my mistake?