
RE: problems with making Encrypted mail using SFL



Wooce:
 
The list returned from "GetAlgIDs(...)" will contain the entire list of content encryption algorithms supported by the CTIL.  It will never be different for any PKCS12 file used for the login.  You must re-set the PREFERRED content encryption algorithm, not use "...->FirstL()", which is somewhat arbitrary.  This method is CSM_CtilInst::SetPreferredCSInstAlgs(...).  The actual algorithm used to decrypt the PKCS12 file is not related to that used by the CTIL as a default (it is also not the first).  For the Free3 CTIL it is Triple DES by default; it is hard-coded in the CSM_Free3::SetDefaultOids(...) method (see ./SMIME/alg_libs/sm_free3/sm_free3.cpp).
 
If you wish to use the PKCS12 file algorithm, you will have to decode the PKCS12 file and determine the appropriate algorithm.  There are some functions available to perform this operation, but they are only present in the Free3 CTIL.
 
Bob Colestock
VDA
-----Original Message-----
From: wooce [mailto:wooce@xxxxxxxx]
Sent: Tuesday, November 27, 2001 3:00 AM
To: William.Adams; SFL List (E-mail)
Subject: Re: problems with making Encrypted mail using SFL

Hi,
Here is my program now:

    CSM_AppLogin AppLogin;
    CSM_AlgLst *ppdigestAlgID = new CSM_AlgLst();
    CSM_AlgLst *ppdigestEncryptionAlgID = new CSM_AlgLst();
    CSM_AlgLst *ppkeyEncryptionAlgID = new CSM_AlgLst();
    CSM_AlgLst *ppcontentEncryptionAlgID = new CSM_AlgLst();
    char *dllname = "libsm_free3DLL";
    char *args = "sm_free3DLL /21cn.pfx 123456";
    AppLogin.AddLogin(dllname, args);        // call AddLogin() function
    CSM_CSInst *pInst;
    CSM_OID contentEOID(rc2_cbc);            // OID is 1.2.840.113549.3.2

    // testing process begins here....
    CSM_Alg rc2Alg(contentEOID);
    pInst = AppLogin.FindCSInstAlgIds(NULL, NULL, NULL, &rc2Alg);
    if (pInst == NULL)
        cout << "no rc2 algorithm found!";
    else
    {
        // braces added so pInst is only dereferenced when an instance was found
        cout << "find rc2 algorithm instance!";
        pInst->GetAlgIDs(ppdigestAlgID, ppdigestEncryptionAlgID, ppkeyEncryptionAlgID, ppcontentEncryptionAlgID);
        // list every content encryption algorithm the instance reports
        CSM_Alg *pAlg = ppcontentEncryptionAlgID->FirstL();
        while (pAlg != NULL)
        {
            cout << pAlg->GetId()->GetOIDDescription() << "," << pAlg->GetId()->GetChar() << "\n";
            pAlg = ppcontentEncryptionAlgID->GoNext();
        }
    }
    // end of testing process

    // uses the first content encryption algorithm in the returned list
    smEncryptMsg.SetContentEncryptOID(ppcontentEncryptionAlgID->FirstL()->GetId());
 
But it still reports "no instance supports requested cont encr alg", and the testing process outputs:
find rc2 algorithm instance!Instance:sha_1,1.3.14.3.2.26
id_dsa,1.2.840.10040.4.1
rsa,2.5.8.1.1
id_aes128_ECB,2.16.840.1.101.3.4.1.1
 
Why did I get the content encryption OID as id_aes128_ECB (2.16.840.1.101.3.4.1.1) instead of rc2_cbc (1.2.840.113549.3.2) from the
instance obtained by FindCSInstAlgIds(NULL,NULL,NULL,&rc2Alg)? It seems very strange.
How should I change the program? I don't want to change the last statement to smEncryptMsg.SetContentEncryptOID(&contentEOID);
I want to use the content encryption algorithm specified in the pfx file "21cn.pfx".
 
  Thank you and have a nice day.
 
Wooce.
----- Original Message -----
Sent: Wednesday, October 17, 2001 2:28 AM
Subject: RE: problems with making Encrypted mail using SFL

You can use the
 
void CSM_CSInst::GetAlgs(CSM_AlgLst **ppdigestAlgID,CSM_AlgLst **ppdigestEncryptionAlgID,CSM_AlgLst **ppkeyEncryptionAlgID,CSM_AlgLst **ppcontentEncryptionAlgID);
 
function to get the supported algs for each instance.
 
-----Original Message-----
From: owner-imc-sfl@xxxxxxxxxxxx [mailto:owner-imc-sfl@xxxxxxxxxxxx]On Behalf Of wooce
Sent: 17 October 2001 11:16
To: imc-sfl
Subject: problems with making Encrypted mail using SFL

Hi all,
Sorry, I'm a newcomer to SFL and this mailing list. Please forgive me for asking such simple questions.
I wrote a program to make enveloped mail with SFL, but it reports:
    ERROR INFORMATION AND STACK:
 
 ERROR INFORMATION: no instance supports requested cont encr alg
        ERROR CODE: 1006        SOURCE LINE NUMBER: 1165
        FILE: sm_Encrypt.cpp
        FUNCTION: CSM_DataToEncrypt::Encrypt
 
Now I find that it's probably because I passed the wrong contentEncryptionOID to pEncryptMsg:
   
    CSM_MsgToEncrypt *pEncryptMsg;
    CSM_OID oidEncryptedData(id_encryptedData);
    pEncryptMsg->SetContentEncryptOID(&contentEncryptionOID);
1) How should I get the CSM_OID object to pass to the pEncryptMsg->SetContentEncryptOID() function?
2) How can I see the list of the algorithm OIDs supported by the available instances?
 
sincerely,
Wooce
wooce@xxxxxxxx
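
Bob Colestock's reply at the top of this thread notes that using the PKCS12 file's own algorithm means decoding the file to find it. As an added example (not SFL code and not from the thread), this standalone C++ walks a DER structure and lists the algorithm OIDs it carries; the sample bytes are constructed, and `DecodeOid` and `CollectOids` are hypothetical helper names.

```cpp
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <string>
#include <vector>

// Decode the content octets of a DER OBJECT IDENTIFIER into dotted form.
static std::string DecodeOid(const uint8_t *p, size_t len) {
    if (len == 0 || (p[len - 1] & 0x80)) throw std::runtime_error("bad OID");
    std::string out;
    unsigned long arc = 0;
    for (size_t i = 0; i < len; ++i) {
        arc = (arc << 7) | (p[i] & 0x7F);
        if (p[i] & 0x80) continue;                 // more base-128 digits follow
        unsigned long a = arc < 80 ? arc / 40 : 2; // first subidentifier packs two arcs
        out += out.empty() ? std::to_string(a) + "." + std::to_string(arc - a * 40)
                           : "." + std::to_string(arc);
        arc = 0;
    }
    return out;
}

// Walk single-byte-tag DER TLVs in [p, p+len), descend into constructed types, collect OIDs.
void CollectOids(const uint8_t *p, size_t len, std::vector<std::string> &oids) {
    for (size_t i = 0; i < len;) {
        if (len - i < 2) throw std::runtime_error("truncated header");
        uint8_t tag = p[i++];
        size_t n = p[i++];
        if (n & 0x80) {                            // long-form length
            size_t cnt = n & 0x7F;
            if (cnt == 0 || cnt > sizeof n || cnt > len - i) throw std::runtime_error("bad length");
            for (n = 0; cnt--;) n = (n << 8) | p[i++];
        }
        if (n > len - i) throw std::runtime_error("value runs past buffer");
        if (tag == 0x06) oids.push_back(DecodeOid(p + i, n));
        else if (tag & 0x20) CollectOids(p + i, n, oids);
        i += n;
    }
}

// Constructed sample: AlgorithmIdentifier for pbeWithSHAAnd40BitRC2-CBC (salt, 2048 iterations).
static const uint8_t kSample[] = {
    0x30,0x1C, 0x06,0x0A,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,
    0x30,0x0E, 0x04,0x08,1,2,3,4,5,6,7,8, 0x02,0x02,0x08,0x00 };

int main() {
    std::vector<std::string> oids;
    CollectOids(kSample, sizeof kSample, oids);
    for (const auto &o : oids) std::printf("%s\n", o.c_str());
}
```

In a real PFX the AlgorithmIdentifier sits inside OCTET STRING wrappers, which this walker does not open; each wrapper's contents have to be passed to `CollectOids` separately.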