On Mon, Sep 29, 2003, Dr Stephen Henson wrote:

> There isn't a command to do this but the standard OpenSSL S/MIME code does the
> search. If you look at around line 401 in pk7_doit.c you'll see a loop which
> checks each RecipientInfo structure against each certificate and breaks out
> when it finds the right one or errors out if it can't. You should be able to
> adapt that to your needs.

Yes!
Thanks for your accurate answer Steve, I could get it to work!

Aside from issuer name and serial number, I also have other questions:

On Mon, Sep 29, 2003, I wrote:

> (I first wanted to encrypt the cleartext file with each of those 20 
> certificates files, and then to compare the MD5 checksum against the MD5 sum 
> of the "mysterious" encrypted file. I guess this doesn't work because 2 
> successive encryptions of a given file with a given key seem to yield 
> different encrypted files)


This is what I actually did:

# openssl smime -encrypt -in cleartext -out test1 certificate.crt
# openssl smime -encrypt -in cleartext -out test2 certificate.crt
# openssl smime -encrypt -in cleartext -out test3 certificate.crt
# openssl smime -encrypt -in cleartext -out test4 certificate.crt
# openssl smime -encrypt -in cleartext -out test5 certificate.crt
# cp test1 copy1
# md5sum *


719ad63dbda4a607480ab8fa00c99a3b  copy1
<snip>
719ad63dbda4a607480ab8fa00c99a3b  test1
5e368e517c75d1307a23fc85076dc3b0  test2
b45ac4071a1b133a3505c906838ea3bd  test3
c539a908bb79792a8ff98e912efef7d9  test4
178dac41201d36379275dd2ee06b4498  test5


QUESTION 1:
So I wanted to ask why it is beneficial/necessary that "2 encryptions of a 
given file with a given key yield different encrypted files". And also how
is it achieved?


# openssl smime -encrypt -in cleartext -out file certificate.crt

From the man page, this command uses the RC2 40bit algorithm.
I have had a quick look at the RC2 description but it didn't mention any 
pseudo-random operation.
(http://www.ipa.go.jp/security/rfc/RFC2268EN.html)



QUESTION 2:
On a side note, the certificate was generated from a 2048-bit private key.
The encryption command didn't report any warning/error, so how does it handle
that key? ... 40bit RC2 with a 2048bit key ... I'm lost here.


Dave

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
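
An added example, not part of the original message and not OpenSSL's own code: a shell version of the search described in the quoted reply, using the openssl command line to find which candidate certificate an S/MIME encrypted file was made for. It assumes an openssl binary on PATH, builds throwaway constructed certificates (a.crt, b.crt, c.crt), and matches on serial number only; a full match would also compare the issuer name.

```shell
#!/bin/sh
# Added example. Every key, certificate and file below is constructed here.

# find_recipient_cert MSG CERT...
# Print each candidate certificate whose serial number appears as an INTEGER
# in the RecipientInfo data of MSG. Assumption: serial alone identifies the
# certificate; a full match would also compare the issuer name.
find_recipient_cert() {
    msg=$1; shift
    dump=$(openssl smime -pk7out -in "$msg" | openssl asn1parse) || return 2
    for cert in "$@"; do
        serial=$(openssl x509 -in "$cert" -noout -serial | cut -d= -f2)
        if printf '%s\n' "$dump" | grep -q "INTEGER *:${serial}\$"; then
            echo "$cert"
        fi
    done
}

# demo: three throwaway certificates, the same cleartext encrypted twice to
# b.crt. The two outputs differ byte for byte, yet both name b.crt.
demo() (
    dir=$(mktemp -d) && cd "$dir" || exit 2
    for n in a b c; do
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=demo-$n" \
            -keyout "$n.key" -out "$n.crt" 2>/dev/null || exit 2
    done
    echo "constructed cleartext" > cleartext
    openssl smime -encrypt -in cleartext -out test1 b.crt || exit 2
    openssl smime -encrypt -in cleartext -out test2 b.crt || exit 2
    if cmp -s test1 test2; then echo "identical"; else echo "different"; fi
    find_recipient_cert test1 a.crt b.crt c.crt
    find_recipient_cert test2 a.crt b.crt c.crt
    cd / && rm -rf "$dir"
)

demo
```

Comparing the RecipientInfo serial avoids the MD5 approach entirely, since the digest of the encrypted file changes on every run while the recipient identifier does not.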