Hi all.

I would like some help and guidance with using CMS in OpenSSL and general CMS I guess.

I just want to use enveloped data to transport an existing cryptogram. The cryptogram was generated using AES-128 CBC with random IV using pre-shared AES keys. I think I need to use "key encryption key recipient info" for this. I haven't seen any examples for just enveloped data in the CMS demos folder.

I guess I start with:
CMS_enveloped_data_create();
And then add recipient info with:
CMS_add0_recipient_key();

For CMS_add0_recipient_key(), how/what do I specify as the ID? I have an OID sub-branch allocated to me that I can use - should I be allocating an OID to each instance of pre-shared key? Or should I be using the otherTypeId and otherType field for doing this? I don't want to transfer the key itself - just a reference to the key.

How do I attach the cryptogram to the envelope? Do I just use CMS_get0_content and directly write the data to the ASN1_OCTET_STRING or is there an API to do this indirectly?

I want the envelope out as DER encoded (not SMIME). Do I use CMS_final(CMS_BINARY) to get this?

Given an existing envelope in DER format, do I just use d2i_CMS_bio() to convert to CMS_ContentInfo object? Do I need to do anything else to this object to process it?

Thanks for any assistance,
Regards
Carl

Note: The reason for moving to CMS enveloped data is so I can migrate our applications away from using pre-shared keys and move forward to better ways of doing things. Moving to a structured format is step one on the path to doing this.