Hy. I am trying to encrypt a text into a pkcs7 format without using
PKCS7_encrypt, because i want to control the key used. So I have done almost
everything, but can't put the IV in the pkcs7 data. trying to obtain a PKCS7
enveloped data with aes_cbc_256 encryption.
I can't understand where to put the IV. I've done a normal encryption using
PKCS7_encrypt and saw that it goes into the encryptedcontentinfo, between the
used algorithm name and the actual encrypted data.
EncryptedContentInfo ::= SEQUENCE {
contentType ContentType,
contentEncryptionAlgorithm
ContentEncryptionAlgorithmIdentifier,
encryptedContent <---- i think it goes here
[0] IMPLICIT EncryptedContent OPTIONAL }
EncryptedContent ::= OCTET STRING
Apreciate the help on this one. PS: here is a little part of the code used so
far:
PKCS7_set_type ( pkcs7, NID_pkcs7_enveloped );
ASN1_OCTET_STRING *encrypted_data = ASN1_OCTET_STRING_new();
ASN1_OCTET_STRING_set ( encrypted_data, encrypted_output, inSize );
PKCS7_ENVELOPE *p7_envelope = PKCS7_ENVELOPE_new();
X509_ALGOR *p7_alg = X509_ALGOR_new();
X509_ALGOR_set0( p7_alg, OBJ_nid2obj(NID_aes_256_cbc), V_ASN1_NULL, 0 );
ASN1_OCTET_STRING *aes_key_asn1 = ASN1_OCTET_STRING_new();
ASN1_OCTET_STRING_set ( aes_key_asn1, aesKey_enc, 256 );
PKCS7_RECIP_INFO *info = PKCS7_RECIP_INFO_new();
PKCS7_RECIP_INFO_set ( info, cert );
info->enc_key = aes_key_asn1;
pkcs7->d.enveloped->enc_data->algorithm = p7_alg;
pkcs7->d.enveloped->enc_data->enc_data = encrypted_data;
PKCS7_add_recipient_info ( pkcs7, info );
