On 2006.10.03 at 17:00:28 -0700, Rich Conlan wrote:

> Does anybody know how hard it is to make OpenSSL play nice with Window's
> CryptoAPI?
>
> In particular, to make it so that a file encrypted under OpenSSL can be
> decrypted under CryptoAPI and vice-versa?
>


It depends on what do you mean under "file encrypted under OpenSSL".
If you use OpenSSL smime command with DER or PEM output format, you'll
get pkcs7 structure, which is standard and can be processed with
CryptoAPI-based programs.

For example, you can use Microsoft CAPICOM Active X control to
work with such files.

I've encountered problem that CAPICOM converts data into UCS2 encoding
before computing digest, but this is problem with cleartext signatures,
not with encryption. Non-detached signed data and encrypted files,
created with CAPICOM are processed fine with OpenSSL, although on the
OpenSSL end one have to convert them from UCS2 to something more
readable.



__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org