Hi, it is working ok for me now. the command line to encrypt a binary file would be: openssl cms -encrypt -in BINARY.BIN -pwri_password password -binary -outform DER -aes128 -out ENCRYPTED
and to decrypt: openssl cms -decrypt -in ENCRYPTED -pwri_password password -inform DER -out DECRYPTED after these two calls BINARY.BIN == DECRYPTED best regards, krzysztof kobus >________________________________ >From: Krzysztof Kobus <kk720...@yahoo.com> >To: "openssl-users@openssl.org" <openssl-users@openssl.org> >Cc: "pkos...@gmail.com" <pkos...@gmail.com> >Sent: Friday, August 19, 2011 2:22 PM >Subject: re: consolidation of CMS with PBE in release > > >Hi Paul, > >What command line options have you used for openssl to encrypt (and >effectively to test >openssl -> openssl path)? I am doing: > >openssl cms -encrypt -in in.dcm -pwri_password password -cmsout -outform DER >-binary -out out.dcm > >but it doesn't works for me - I am getting "Error reading S/MIME message". >However my input data is >not S/MIME but regular binary file... > >Decryption works fine. I can decrypt bouncycastle encrypted file using: > >/openssl cms -decrypt -in IMAGE_ENCRYPTED -pwri_password password -inform DER >> IMAGE_DECRYPTED > >Best regards, > >Krzysztof Kobus > > > >--0016364ed6a0cf2a0a04a93414c5 >Content-Type: text/plain; charset=ISO-8859-1 > >On November 26, 2009, Dr. Stephen Henson wrote: >> I've added experimental support to HEAD. This seems to decrypt the example >OK >> and can decrypt its own output. It adds a new option -pwri_password to the >> cms utility (will need something better at some point). > >Are there any plans to consolidate the current support for CMS PBE in HEAD >in an upcoming release? > >I can confirm that PBE support in HEAD works (interoperable) for: >(encrypt -> decrypt) >* openssl -> openssl >* bouncycasltle -> openssl >* openssl -> bouncycastle > >Is there a particular reason PBE support has not been included in a release >version upto now? It would be attractive to have support in an official >release. > >Kind regards, >Paul > >--0016364ed6a0cf2a0a04a93414c5 >Content-Type: text/html; charset=ISO-8859-1 >Content-Transfer-Encoding: quoted-printable > >On November 26, 2009, Dr. Stephen Henson wrote:<br>> I've added expe= >rimental support to HEAD. This seems to decrypt the example OK<br>> and = >can decrypt its own output. It adds a new option -pwri_password to the<br> >> cms utility (will need something better at some point).<br><br>Are the= >re any plans to consolidate the current support for CMS PBE in HEAD in an u= >pcoming release?<br><br>I can confirm that PBE support in HEAD works (inter= >operable) for:<br> >(encrypt -> decrypt)<br>* openssl -> openssl<br>* bouncycasltle ->= >openssl<br>* openssl -> bouncycastle<br><br>Is there a particular reaso= >n PBE support has not been included in a release version upto now? It would= >be attractive to have support in an official release.<br> ><br>Kind regards,<br>Paul<br> > >--0016364ed6a0cf2a0a04a93414c5-- > > >
