Virgilio Seoane wrote:
>
> I was investigating the SSLeay's files, searching for information on
> PKCS#7 objects and I didn't find the information that searched for.
> Dr. Henson reported that it's necessary effect certain modifications
> in order to could make the verifications on this object type.
>
> Living outside of the US, I have interest in making a client for email
> that allows to sign messages with strong cryptography.
> I seem that it would be of much utility rely on a email client that
> allows to interchange messages in secure way.
>
> Is there any kind person that could help me in this task?
> Don't you result interesting could develop it?
>
I'm not sure what you mean by "sign messages with strong cryptography".
The signing stuff is pretty strong anyway. The weak stuff is encryption.
I have already posted a fix that allows the stuff in crypto/pkcs7 to
verify PKCS#7 signatures. I have a similar fix (unreleased) that fixes
the signature generation stuff. The latter for a commercial application
though without any copyright restriction.
Both fixes interop fine with Netscape and Outlook Express.
As for adding support for encrypted modes, its not too hard and I could
fairly easily add support: I have some protoype RC2-40 decrypt stuff
(unreleased). However to do this properly you need some kind of
certificate store stuff for users certificates and what encryption they
can handle (so you don't send them something they can't decrypt).
I've no idea if the new version of SSLeay will add support for PKCS#7
enveloping modes (Eric?) if it does there isn't much point in
reinventing the wheel.
If you want strong crytpo S/MIME from Netscape then the latest version
of Fortify enables the strong triple DES stuff.
Steve.
--
************************************************
* Dr Stephen N. Henson. *
* Freelance Cryptographic Consultant. *
* Email: [EMAIL PROTECTED] *
************************************************
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
