E-mail encryption
Glenn Steen
glenn.steen at GMAIL.COM
Sat Oct 22 11:34:01 IST 2005
[ The following text is in the "ISO-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
On 21/10/05, Leif Neland <mailscanner-user at neland.dk> wrote:
> >> It extracts the key alright, but it is not in a proper base64
> >> encoded .cer format
> >> It is the raw key.
> >>
> >> I.e. it lookes like this:
> >> 0M-^B^E00M-^B^D^X ^C^B^A^B^B^D?¼^B^@0^M^F
> >> *M-^FHM-^F÷^M^A^A^E^E^@011^K0 ^F^CU^D^F^S^BDK1^L0
> >> ^F^CU^D
> >> ^S^CTDC1^T0^R^F^CU^D^C^S^KTDC OCES
> >> CA0^^^W^M031227160115Z^W^M051227163115Z0s1^K0
> >> ^F^CU^D^F^S^BDK1)0'^F^CU^D
> >> ^S Ingen organisatorisk tilknytning190^R^F^CU^D^C^S^KLeif
> >> Neland0#^F^CU^D^E^S^\PID:9208-2002-2-6898543449640M-^AM-^_0^M^F
> >>
> >> But my .cer file looks like this:
> >> -----BEGIN CERTIFICATE-----
> >> MIIFMDCCBBigAwIBAgIEP7wCADANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJESzEMMAoGA1UE^M
> >> ChMDVERDMRQwEgYDVQQDEwtUREMgT0NFUyBDQTAeFw0wMzEyMjcxNjAxMTVaFw0wNTEyMjcxNjMx^M
> >> MTVaMHMxCzAJBgNVBAYTAkRLMSkwJwYDVQQKEyBJbmdlbiBvcmdhbmlzYXRvcmlzayB0aWxrbnl0^M
> >>
> >> Leif
> >>
> > Well that looks like they're stored in DER format. If you'd like them
> > as PEM, just use openssl x509 to convert them:
> > openssl x509 -in ./aaa.der -inform DER -out aaa.pem -outform PEM
>
> Not quite:
> -bash-2.05b# openssl x509 -in ./20051021000346-leif\@neland.dk -inform
> DER -out leif at neland.dk.cer -outform PEM
> unable to load certificate
> 27297:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong
> tag:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/asn1/tasn_dec.c:946:
> 27297:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
> error:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/asn1/tasn_dec.c:304:Type=X509_CINF
> 27297:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_D2I:nested asn1
> error:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/asn1/tasn_dec.c:566:Field=cert_info,
> Type=X509
>
> Leif
Well then, either I'm completely off-base (wouldn't be the first
time... this week either:-) or there is something slightly wrong with
the "raw key". Perhaps in the "line boundary" department? Since you
have your cert as PEM already, you should be able to turn it into DER
and compare (cmp, hexdumping and diffing or whatever) to see where the
problems at... Or as said, I might be missinterpreting the file
completely:-).
--
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list