
RE: problems with making Encrypted mail using SFL



wooce:
 
This list of OIDs you show is the list of supported algorithms from the SFL
CTIL crypto library.  It has no interaction with the e-mail environment that
might have some user algorithm preferences.  Such details are handled by the
application; it is impossible for such a low level library as the SFL to
determine such system/application specific details.  Once the application
has determined such details, it can set the preferred algorithms in the SFL.
These algs are for hash, content encryption, signature and key encryption.
 
For the Free3 CTIL, the preferred content encryption algorithm is triple
des; you will not find RC2, the supported algorithm is rc2-cbc.
 
Bob Colestock
VDA
 

-----Original Message-----
From: wooce [mailto:wooce@xxxxxxxx]
Sent: Tuesday, November 27, 2001 2:37 AM
To: SFL List (E-mail)
Subject: Re: problems with making Encrypted mail using SFL


Sorry, I have now found it's because the curr pointer in the class CSM_ListC
is initialized to NULL.
Now I add a statement:         ppcontentEncryptionAlgID->SetCurrToFirst();

just after the statement    CSM_Alg *pAlg=ppcontentEncryptionAlgID->FirstL();
and now it's solved and outputs 17 content encryption algorithm OIDs:
id_aes128_ECB,2.16.840.1.101.3.4.1.1
id_aes128_CBC,2.16.840.1.101.3.4.1.2
id_aes128_OFB,2.16.840.1.101.3.4.1.3
id_aes128_CFB,2.16.840.1.101.3.4.1.4
id_aes192_ECB,2.16.840.1.101.3.4.1.21
id_aes192_CBC,2.16.840.1.101.3.4.1.22
id_aes192_OFB,2.16.840.1.101.3.4.1.23
id_aes192_CFB,2.16.840.1.101.3.4.1.24
id_aes256_ECB,2.16.840.1.101.3.4.1.41
id_aes256_CBC,2.16.840.1.101.3.4.1.42
id_aes256_OFB,2.16.840.1.101.3.4.1.43
id_aes256_CFB,2.16.840.1.101.3.4.1.44
1.2.840.113549.3.7,1.2.840.113549.3.7
1.2.840.113549.1.9.16.3.6,1.2.840.113549.1.9.16.3.6
1.2.840.113549.3.2,1.2.840.113549.3.2
1.2.840.113549.1.9.16.3.7,1.2.840.113549.1.9.16.3.7
1.3.14.3.2.7,1.3.14.3.2.7
But section 2.7.1.1 of RFC 2633 says:
   If the sending agent has received a set of capabilities from the
   recipient for the message the agent is about to encrypt, then the
   sending agent SHOULD use that information by selecting the first
   capability in the list (that is, the capability most preferred by the
   intended recipient) for which the sending agent knows how to encrypt.

Does it mean that I should choose the first algorithm
"id_aes128_ECB,2.16.840.1.101.3.4.1.1"?
If not, where can I get the set of capabilities from the recipient?

Sincerely,
Wooce.

----- Original Message ----- 
From: wooce <mailto:wooce@xxxxxxxx>  
To: William.Adams <mailto:William.Adams@xxxxxxxxxxx>  ; SFL List (E-mail)
<mailto:imc-sfl@xxxxxxx>  
Sent: Tuesday, November 27, 2001 12:00 AM
Subject: Re: problems with making Encrypted mail using SFL


Hi,
here is my program now:
 CSM_AppLogin AppLogin;
 CSM_AlgLst *ppdigestAlgID = new CSM_AlgLst();
 CSM_AlgLst *ppdigestEncryptionAlgID = new CSM_AlgLst();
 CSM_AlgLst *ppkeyEncryptionAlgID = new CSM_AlgLst();
 CSM_AlgLst *ppcontentEncryptionAlgID = new CSM_AlgLst();
 char *dllname="libsm_free3DLL";
 char *args="sm_free3DLL ./21cn.pfx 123456";
 AppLogin.AddLogin(dllname,args);        // call AddLogin() function
 CSM_CSInst *pInst;
 CSM_OID contentEOID(rc2_cbc);  //   OID  is 1.2.840.113549.3.2
 
//  testing process begin here....
 CSM_Alg rc2Alg(contentEOID);
 pInst = AppLogin.FindCSInstAlgIds(NULL,NULL,NULL,&rc2Alg);
 if( pInst==NULL)
  cout<<"no rc2 algorithm found!";
 else
  cout<<"find rc2 algorithm instance!";

 pInst->GetAlgIDs(ppdigestAlgID,ppdigestEncryptionAlgID,ppkeyEncryptionAlgID,ppcontentEncryptionAlgID);
  CSM_Alg *pAlg=ppcontentEncryptionAlgID->FirstL();
  while( pAlg!=NULL )
  {
   cout<<pAlg->GetId()->GetOIDDescription()<<","<<pAlg->GetId()->GetChar()<<"\n";
   pAlg = ppcontentEncryptionAlgID->GoNext();
  }
//    end of testing process

 smEncryptMsg.SetContentEncryptOID(ppcontentEncryptionAlgID->FirstL()->GetId());

 
But it still reports "no instance supports requested cont encr alg", and
the testing process outputs:
find rc2 algorithm instance!Instance:sha_1,1.3.14.3.2.26
id_dsa,1.2.840.10040.4.1
rsa,2.5.8.1.1
id_aes128_ECB,2.16.840.1.101.3.4.1.1
 
Why did I get the content encryption OID as
id_aes128_ECB(2.16.840.1.101.3.4.1.1) instead of rc2_cbc(1.2.840.113549.3.2)
from the instance gained by FindCSInstAlgIds(NULL,NULL,NULL,&rc2Alg)? It seems
very strange.
How should I change the program? I don't want to change the last
statement to smEncryptMsg.SetContentEncryptOID(&contentEOID);
I want to use the content encryption algorithm specified in the pfx file
"21cn.pfx".
 
  Thank you and have a nice day.
 
Wooce.
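
The selection rule quoted from RFC 2633 section 2.7.1.1 earlier in this thread, as an added example (not part of the original messages and not SFL code): the sender walks the recipient's capability list in the recipient's order and takes the first OID its own library supports, so the order of the library's own list does not matter. The recipient list, the plain-string OID representation, the triple DES fallback and all function names are assumptions made for illustration.

```cpp
#include <algorithm>
#include <iostream>
#include <string>
#include <vector>

// Result of the selection: the chosen OID and where it came from.
struct Choice {
    std::string oid;     // empty if nothing usable was found
    bool fromRecipient;  // true if taken from the recipient's capability list
};

// Content-encryption OIDs the local crypto library reports (a subset of the
// list printed in the thread, kept in the library's own order).
const std::vector<std::string> kLocalSupported = {
    "2.16.840.1.101.3.4.1.1",  // id_aes128_ECB (first in the library's list)
    "2.16.840.1.101.3.4.1.2",  // id_aes128_CBC
    "1.2.840.113549.3.7",      // triple DES CBC
    "1.2.840.113549.3.2",      // rc2-cbc
};

// Assumption: fall back to triple DES when no recipient capability is usable.
const std::string kFallbackOid = "1.2.840.113549.3.7";

static bool supported(const std::vector<std::string>& local, const std::string& oid) {
    return std::find(local.begin(), local.end(), oid) != local.end();
}

// Walk the RECIPIENT's list in its preference order and return the first OID
// the sender can encrypt with. The order of the local list plays no role.
Choice selectContentEncryptionAlg(const std::vector<std::string>& recipientCaps,
                                  const std::vector<std::string>& local) {
    for (const std::string& oid : recipientCaps)
        if (supported(local, oid)) return {oid, true};
    if (supported(local, kFallbackOid)) return {kFallbackOid, false};
    return {"", false};
}

int main() {
    // Constructed sample: the recipient's first choice is an OID the sender
    // lacks (placeholder value), followed by rc2-cbc and id_aes128_ECB.
    std::vector<std::string> caps = {"1.3.6.1.4.1.99999.1.1", "1.2.840.113549.3.2",
                                     "2.16.840.1.101.3.4.1.1"};
    Choice c = selectContentEncryptionAlg(caps, kLocalSupported);
    std::cout << c.oid << (c.fromRecipient ? " (recipient)" : " (fallback)") << "\n";
    return 0;
}
```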